Change log for libsoup2.4 package in Ubuntu

175 of 204 results
Published in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky)
libsoup2.4 (2.74.3-8ubuntu1) plucky; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
      bytes in headers
    - CVE-2024-52530
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52531-1.patch: Be more robust against
      invalid input when parsing params
    - debian/patches/CVE-2024-52531-2.patch: Add test for passing
      invalid UTF-8 to soup_header_parse_semi_param_list()
    - CVE-2024-52531
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-52532-1.patch: process the frame as soon
      as data is read
    - debian/patches/CVE-2024-52532-2.patch: disconnect error copy
      after the test ends
    - CVE-2024-52532

 -- Bruce Cable <email address hidden>  Tue, 19 Nov 2024 09:24:54 +1100
Published in oracular-updates
Published in oracular-security
libsoup2.4 (2.74.3-7ubuntu0.1) oracular-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
      bytes in headers
    - CVE-2024-52530
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52531-1.patch: Be more robust against
      invalid input when parsing params
    - debian/patches/CVE-2024-52531-2.patch: Add test for passing
      invalid UTF-8 to soup_header_parse_semi_param_list()
    - CVE-2024-52531
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-52532-1.patch: process the frame as soon
      as data is read
    - debian/patches/CVE-2024-52532-2.patch: disconnect error copy
      after the test ends
    - CVE-2024-52532

 -- Bruce Cable <email address hidden>  Tue, 19 Nov 2024 09:24:46 +1100
Published in noble-updates
Published in noble-security
libsoup2.4 (2.74.3-6ubuntu1.1) noble-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
      bytes in headers
    - CVE-2024-52530
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52531-1.patch: Be more robust against
      invalid input when parsing params
    - debian/patches/CVE-2024-52531-2.patch: Add test for passing
      invalid UTF-8 to soup_header_parse_semi_param_list()
    - CVE-2024-52531
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-52532-1.patch: process the frame as soon
      as data is read
    - debian/patches/CVE-2024-52532-2.patch: disconnect error copy
      after the test ends
    - CVE-2024-52532

 -- Bruce Cable <email address hidden>  Tue, 19 Nov 2024 09:24:43 +1100
Published in jammy-updates
Published in jammy-security
libsoup2.4 (2.74.2-3ubuntu0.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
      bytes in headers
    - CVE-2024-52530
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52531-1.patch: Be more robust against
      invalid input when parsing params
    - debian/patches/CVE-2024-52531-2.patch: Add test for passing
      invalid UTF-8 to soup_header_parse_semi_param_list()
    - CVE-2024-52531
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-52532-1.patch: process the frame as soon
      as data is read
    - debian/patches/CVE-2024-52532-2.patch: disconnect error copy
      after the test ends
    - CVE-2024-52532

 -- Bruce Cable <email address hidden>  Tue, 19 Nov 2024 09:24:38 +1100
Published in focal-updates
Published in focal-security
libsoup2.4 (2.70.0-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
      bytes in headers
    - CVE-2024-52530
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52531-1.patch: Be more robust against
      invalid input when parsing params
    - debian/patches/CVE-2024-52531-2.patch: Add test for passing
      invalid UTF-8 to soup_header_parse_semi_param_list()
    - CVE-2024-52531
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-52532-1.patch: process the frame as soon
      as data is read
    - debian/patches/CVE-2024-52532-2.patch: disconnect error copy
      after the test ends
    - CVE-2024-52532

 -- Bruce Cable <email address hidden>  Mon, 18 Nov 2024 17:04:33 +1100
Superseded in plucky-release
Deleted in plucky-proposed (Reason: Moved to plucky)
libsoup2.4 (2.74.3-8) unstable; urgency=medium

  * Add Build-Depends: ca-certificates for build tests (Closes: #1064744)
  * Bump Standards Version to 4.7.0

 -- Jeremy Bícha <email address hidden>  Thu, 03 Oct 2024 09:12:27 -0400

Available diffs

Superseded in plucky-release
Published in oracular-release
Deleted in oracular-proposed (Reason: Moved to oracular)
libsoup2.4 (2.74.3-7) unstable; urgency=medium

  * Add Build-Depends: winbind for NTLM support
  * Enable sysprof where available & explicitly disable it elsewhere.
    Previously, sysprof was an auto feature so it would be automatically
    enabled once sysprof was available at build time (which will happen
    once sysprof-enabled glib is used)

 -- Jeremy Bícha <email address hidden>  Thu, 04 Apr 2024 16:13:26 -0400
Superseded in oracular-release
Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
Deleted in noble-proposed (Reason: rollback for xz-utils)
libsoup2.4 (2.74.3-6ubuntu1) noble; urgency=medium

  * Explicitly disable sysprof integration instead of leaving it up to
    whether sysprof is installed at build time

 -- Jeremy Bícha <email address hidden>  Thu, 04 Apr 2024 13:24:54 -0400

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
Superseded in noble-proposed
libsoup2.4 (2.74.3-6build1) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 02:17:14 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
libsoup2.4 (2.74.3-6) unstable; urgency=medium

  * debian/shlibs.local: Update for binary package rename

 -- Jeremy Bícha <email address hidden>  Thu, 14 Mar 2024 19:14:45 -0400
Superseded in noble-proposed
libsoup2.4 (2.74.3-5build2) noble; urgency=medium

  * No-change rebuild for archive consistency.

 -- Steve Langasek <email address hidden>  Thu, 14 Mar 2024 20:42:58 +0000

Available diffs

Deleted in noble-proposed (Reason: roll back unnecessary rebuild that blocks bootstrap build)
libsoup2.4 (2.74.3-5build1) noble; urgency=medium

  * No-change rebuild against libglib2.0-0t64

 -- Steve Langasek <email address hidden>  Mon, 11 Mar 2024 23:05:37 +0000
Superseded in noble-proposed
libsoup2.4 (2.74.3-5) unstable; urgency=medium

  * Build-depend on dpkg-dev (>= 1.22.5) as safety against backports
  * Release to unstable (Closes: #1062633)

 -- Jeremy Bícha <email address hidden>  Wed, 28 Feb 2024 18:43:05 -0500

Available diffs

Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
libsoup2.4 (2.74.3-3) unstable; urgency=medium

  [ Jeremy Bicha ]
  * Don't require php on i386: only used by tests

  [ Simon McVittie ]
  * d/libsoup2.4-doc.lintian-overrides: Remove, no longer needed

 -- Jeremy Bícha <email address hidden>  Mon, 29 Jan 2024 07:27:21 -0500

Available diffs

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
libsoup2.4 (2.74.3-2) unstable; urgency=medium

  * Team upload

  [ Amin Bandali ]
  * Update packaging branch to debian/latest

  [ Simon McVittie ]
  * d/control: Stop generating from d/control.in
  * d/control: Explicitly build-depend on required GIR XML
    (Helps: #1030223)
  * d/control: Add ${gir:Depends}, ${gir:Provides} to -dev packages
    (Helps: #1030223)
  * d/control: Use ${gir:Provides} instead of hard-coding
    gir1.2-soupgnome-2.4 Provides
  * Remove version constraints unnecessary since Debian 11
  * Update lintian override info to new format
  * Canonicalize upstream metadata fields: Bug-Database, Bug-Submit
  * Update standards version to 4.6.2 (no changes needed)
  * Move most binary packages to Section: oldlibs.
    This is a deprecated branch of libsoup and has been superseded by
    libsoup3.

 -- Simon McVittie <email address hidden>  Fri, 17 Nov 2023 13:27:26 +0000

Available diffs

Superseded in noble-release
Published in mantic-release
Published in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
libsoup2.4 (2.74.3-1) unstable; urgency=medium

  * New upstream release (LP: #1992504)
  * Drop 3 test patches applied in new release

 -- Jeremy Bicha <email address hidden>  Tue, 11 Oct 2022 15:28:32 -0400

Available diffs

Superseded in kinetic-release
Published in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
libsoup2.4 (2.74.2-3) unstable; urgency=medium

  * Team upload
  * Source-only upload to allow testing migration
  * Move to debhelper compat level 13
  * Standards-Version: 4.6.0 (no changes required)
  * Override Lintian errors for RUNPATH in installed-tests.
    These have a private shared library for common code.
  * Override overzealous Lintian hint for documentation outside /usr/share/doc
  * d/p/tests-add-soup_test_build_filename_abs.patch,
    d/p/test-utils-Log-Apache-arguments.patch,
    d/p/test-utils-Save-Apache-server-root-during-initialization.patch:
    Add patches to fix unit test teardown for XMLRPC tests
  * Adjust PHP dependencies.
    php currently has a complicated version number as a result of a
    transition to PHP 8 that was started and then rolled back.
  * d/p/Record-Apache-error-log-for-unit-tests-and-show-it-during.patch:
    Add patch to display Apache error log in test diagnostics
  * d/p/Mark-XMLRPC-tests-as-flaky.patch:
    Add patch to treat tests based on php-xmlrpc as unreliable

 -- Simon McVittie <email address hidden>  Mon, 27 Dec 2021 20:33:29 +0000

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
libsoup2.4 (2.74.2-2) unstable; urgency=medium

  * Add libsoup2.4-common package for translations

 -- Jeremy Bicha <email address hidden>  Sun, 28 Nov 2021 16:04:43 -0500

Available diffs

Superseded in jammy-proposed
libsoup2.4 (2.74.2-1) unstable; urgency=medium

  * New upstream release
  * Update debian/copyright

 -- Jeremy Bicha <email address hidden>  Sun, 28 Nov 2021 15:57:59 -0500

Available diffs

Superseded in jammy-release
Deleted in jammy-proposed (Reason: Moved to jammy)
libsoup2.4 (2.74.1-1) unstable; urgency=medium

  * New upstream release
  * debian/control.in: Allow building against php8
  * debian/control.in: Add php8 as an alternate dependency to php-xmlrpc

 -- Jeremy Bicha <email address hidden>  Sun, 24 Oct 2021 20:43:30 -0400
Superseded in jammy-proposed
libsoup2.4 (2.74.0-2ubuntu1) jammy; urgency=medium

  * Resynchronize on Debian, remaining change
  * debian/control.in: updated tests depends for the php8 transition,
    don't build with php-xmlrpc, it has been deprecated in php8

 -- Sebastien Bacher <email address hidden>  Thu, 21 Oct 2021 15:13:26 +0200
Superseded in jammy-release
Obsolete in impish-release
Deleted in impish-proposed (Reason: Moved to impish)
libsoup2.4 (2.72.0-3ubuntu3) impish; urgency=medium

  * debian/control.in:
    - don't build with php-xmlrpc, it has been deprecated in php8,
      it was used only for tests.

 -- Sebastien Bacher <email address hidden>  Fri, 21 May 2021 11:39:07 +0200
Superseded in impish-proposed
libsoup2.4 (2.72.0-3ubuntu2) impish; urgency=medium

  * Update the build depends for the php transition

 -- Sebastien Bacher <email address hidden>  Mon, 17 May 2021 16:30:43 +0200

Available diffs

Superseded in impish-proposed
libsoup2.4 (2.72.0-3ubuntu1) impish; urgency=medium

  * debian/control.in: updated tests depends for the php8 transition

 -- Sebastien Bacher <email address hidden>  Mon, 17 May 2021 16:17:53 +0200
Superseded in impish-release
Obsolete in hirsute-release
Deleted in hirsute-proposed (Reason: moved to Release)
libsoup2.4 (2.72.0-3) experimental; urgency=medium

  * d/p/tests-connection-test-Update-expected-events-for-GLib-2.6.patch. Fix
    test compatibility with glib 2.67.0

 -- Iain Lane <email address hidden>  Thu, 04 Mar 2021 22:05:29 +0000

Available diffs

Superseded in hirsute-release
Obsolete in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
libsoup2.4 (2.72.0-2) unstable; urgency=medium

  * Team upload
  * d/p/gitlab_tests_fix.patch:
    Update patch metadata to reflect it being applied upstream
  * Amend 2.71.1-1 changelog entry to reflect that patch fixing tests when
    run against glib-networking >= 2.65.90 (see #970935)
  * d/p/tests-ensure-we-use-an-absolute-path-for-apache-server-ro.patch:
    Add patch from upstream to fix Apache startup in some circumstances.
    This might make d/p/tests-Skip-tests-if-unable-to-start-Apache.patch
    unnecessary, but that patch was for an intermittent failure, so let's
    get more test results before removing it.
  * Release to unstable

 -- Simon McVittie <email address hidden>  Sun, 27 Sep 2020 16:46:52 +0100

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
libsoup2.4 (2.72.0-1) experimental; urgency=medium

  * New upstream release

 -- Sebastien Bacher <email address hidden>  Tue, 15 Sep 2020 13:59:03 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
libsoup2.4 (2.71.1-1) experimental; urgency=medium

  * New upstream release
  * debian/patches/gitlab_tests_fix.patch:
    - backport an upstream proposed change to fix the tests

 -- Sebastien Bacher <email address hidden>  Thu, 10 Sep 2020 10:27:08 +0200

Available diffs

Superseded in groovy-release
Deleted in groovy-proposed (Reason: moved to Release)
libsoup2.4 (2.71.0-1) experimental; urgency=medium

  [ Simon McVittie ]
  * d/shlibs.local: Generate lockstep dependencies between binary packages.
    Upstream developers are not going to support mixing binary packages
    of different versions from the same source package, and neither should
    we; they all migrate to testing as a unit anyway.
  * Don't override libexecdir to libexec.
    This is the default now.

  [ Sebastien Bacher ]
  * New upstream release
  * debian/libsoup2.4-1.symbols:
    - refreshed the list of sumbols for the new version
  * d/p/test-utils-Clarify-meaning-of-an-environment-variable.patch:
    - removed, the fix is included in the new version

 -- Sebastien Bacher <email address hidden>  Wed, 19 Aug 2020 13:58:53 +0200

Available diffs

Superseded in groovy-release
Published in focal-release
Deleted in focal-proposed (Reason: moved to Release)
libsoup2.4 (2.70.0-1) unstable; urgency=medium

  * Team upload
  * New upstream stable release
  * Merge packaging changes from unstable
  * d/p/test-utils-Clarify-meaning-of-an-environment-variable.patch,
    d/p/tests-Skip-tests-if-unable-to-start-Apache.patch:
    Work around intermittent failure to start Apache for unit tests
  * Upload 2.70.x branch to unstable

 -- Simon McVittie <email address hidden>  Wed, 11 Mar 2020 09:43:38 +0000

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release)
libsoup2.4 (2.69.90-1) experimental; urgency=medium

  [ Sebastien Bacher ]
  * debian/test/build:
    - Use the correct compiler for proposed autopkgtest cross-testing
      support

  [ Simon McVittie ]
  * New upstream release
    - Allow introspection in cross builds
    - Fixes to testing infrastructure
    - Require GLib 2.58, for g_canonicalize_filename()
  * Correct list of patches in previous changelog entry.
    d/p/tests-Disable-parallelism-for-XMLRPC-server-tests.patch
    turned out to be unnecessary and was dropped before upload.
  * d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch,
    d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
    Drop, applied upstream

  [ Iain Lane ]
  * New upstream release:
    - Add new API to expose support for same-site cookies
    - Deprecate soup_date_to_timeval()
    - Fix TRACE method not being considered safe and idempotent internally
    - WebSockets: do not start the input source when IO is closing
  * Add new symbols for 2.69.90

 -- Iain Lane <email address hidden>  Wed, 19 Feb 2020 14:04:37 +0000
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release)
libsoup2.4 (2.68.2-2build2) focal; urgency=medium

  * Use the correct pkgconfig for cross compilation

 -- Sebastien Bacher <email address hidden>  Tue, 10 Dec 2019 12:27:09 +0100
Superseded in focal-proposed
libsoup2.4 (2.68.2-2build1) focal; urgency=medium

  * Make autopkgtests cross-test-friendly.

 -- Sebastien Bacher <email address hidden>  Tue, 10 Dec 2019 10:13:37 +0100
Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release)
libsoup2.4 (2.68.2-2) experimental; urgency=medium

  * Team upload
  * Upload to experimental for NEW processing
  * Install automated tests in a new libsoup2.4-tests binary package
  * d/tests/installed-tests: Run those tests
  * d/p/tests-Disable-parallelism-for-XMLRPC-server-tests.patch,
    d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
    Avoid running tests in parallel if they need a specific port number

 -- Simon McVittie <email address hidden>  Wed, 09 Oct 2019 14:50:18 +0100

Available diffs

Superseded in focal-release
Deleted in focal-proposed (Reason: moved to Release)
libsoup2.4 (2.68.2-1) unstable; urgency=medium

  * Team upload
  * d/gbp.conf: Switch branch to debian/unstable.
    We should upload the fix for CVE-2019-17266 to unstable, but
    the debian/master branch already has a version waiting for NEW
    processing.
  * New upstream release (CVE-2019-17266) (Closes: #941912)
  * libsoup-gnome2.4-dev: Explicitly depend on gir1.2-soup-2.4.
    According to the GIR mini-policy, this is required because
    gir1.2-soup-2.4 contains SoupGNOME-2.4.typelib, corresponding to
    SoupGNOME-2.4.gir in libsoup-gnome2.4-dev. This dependency is not in
    fact strictly necessary, because libsoup-gnome2.4-dev depends on
    libsoup2.4-dev which in turn depends on gir1.2-soup-2.4, but Lintian
    doesn't look at recursive dependencies.
  * libsoup2.4-doc.links: Create symlinks to documentation in /usr/share/doc.
    The actual documentation files remain in /usr/share/gtk-doc/html,
    because they are technically a programmatic interface: other libraries
    that depend on libsoup2.4 and use gtk-doc will use that path to fix
    cross-references in their own documentation.
    There are symlinks in both /u/s/d/libsoup2.4-dev (the "main package"
    in Policy §12.3), and /u/s/d/libsoup2.4-doc (the traditional location
    for documentation).
  * libsoup2.4-doc: Add Recommends: libglib2.0-doc, for the cross-references.
    The libsoup2.4 documentation contains many cross-references to GLib,
    GObject and GIO documentation. Add symlinks in /usr/share/doc so that
    those cross-references can be followed, even in browsers that treat
    symlinks like directories for the purposes of resolving relative paths.
  * d/libsoup2.4-doc.doc-base: Use the symlinks in /usr/share/doc.
    This is functionally equivalent to what we already had, but silences
    a Lintian error.
  * Standards-Version: 4.4.1 (no changes required)
  * d/copyright: Update
  * d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch:
    Add proposed patch to fix test failures with GLib 2.62
  * Explicitly build-depend on libapache2-mod-php, PHP 7 and Python 3.
    The script that checks for the required PHP version is written in
    Python 3 and specifically looks for a php7* module. It seems that in
    practice the dependency resolver used on unstable buildds will always
    select libapache2-mod-php anyway, but the resolver used on
    experimental buildds can select the -cgi or -fpm implementations,
    which are not detected, resulting in the necessary files for some of
    the installed-tests not being installed.
  * Add lintian overrides for the binary package names not precisely
    matching the SONAMEs.
    They're close enough to achieve the goal of the mechanically-generated
    naming convention, and changing them now (other than at the time of an
    upstream SONAME bump) seems like more disruption than it's worth.

 -- Simon McVittie <email address hidden>  Wed, 09 Oct 2019 12:23:19 +0100
Obsolete in disco-updates
Obsolete in disco-security
libsoup2.4 (2.66.1-1ubuntu0.1) disco-security; urgency=medium

  * SECURITY UPDATE: heap over-read in soup_ntlm_parse_challenge()
    - debian/patches/CVE-2019-17266.patch: avoid a potential heap buffer
      overflow in v2 authentication in libsoup/soup-auth-ntlm.c.
    - CVE-2019-17266

 -- Marc Deslauriers <email address hidden>  Wed, 09 Oct 2019 10:34:56 -0400
Published in bionic-updates
Published in bionic-security
libsoup2.4 (2.62.1-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: heap over-read in soup_ntlm_parse_challenge()
    - debian/patches/CVE-2019-17266.patch: avoid a potential heap buffer
      overflow in v2 authentication in libsoup/soup-auth-ntlm.c.
    - CVE-2019-17266

 -- Marc Deslauriers <email address hidden>  Wed, 09 Oct 2019 10:37:09 -0400
Superseded in focal-release
Obsolete in eoan-release
Deleted in eoan-proposed (Reason: moved to Release)
libsoup2.4 (2.68.2-0ubuntu1) eoan; urgency=medium

  * New upstream version

 -- Sebastien Bacher <email address hidden>  Wed, 09 Oct 2019 12:41:32 +0200
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to Release)
libsoup2.4 (2.68.1-1) experimental; urgency=medium

  [ Philip Chimento ]
  * debian/control.in: Add build dependency on libnss-myhostname, this
    should provide a way to resolve *.localhost which the HSTS tests depend
    on.
  * debian/patches/disable_buggy_test.patch: Dropped, the test passes now.

  [ Sebastien Bacher ]
  * New upstream release

 -- Sebastien Bacher <email address hidden>  Mon, 16 Sep 2019 15:18:07 +0200
Superseded in eoan-proposed
libsoup2.4 (2.68.0-1) experimental; urgency=medium

  [ Simon McVittie ]
  * Add a superficial autopkgtest for the -dev packages.
    This will detect bugs like #935944 in future.
  * libsoup2.4-dev: Add missing dependency on libbrotli-dev
    (Closes: #935944)

  [ Sebastien Bacher ]
  * New upstream release
  * debian/control.in:
    - libsoup2.4-dev depends also on zlib1g-dev now
  * debian/patches/disable_buggy_test.patch:
    - disabled some buggy tests following upstream's recommendation, at
      least until the next version where they plan to rework or drop those

 -- Sebastien Bacher <email address hidden>  Wed, 11 Sep 2019 12:56:56 +0200
Superseded in eoan-release
Deleted in eoan-proposed (Reason: moved to release)
libsoup2.4 (2.67.92-2ubuntu2) eoan; urgency=medium

  * debian/control.in:
    - the .pc requires brotli and zlib now, add the corresponding depends
      to the -dev, caught by the tracker autopkgtest

 -- Sebastien Bacher <email address hidden>  Mon, 26 Aug 2019 16:00:31 +0300
Superseded in eoan-proposed
libsoup2.4 (2.67.92-2ubuntu1) eoan; urgency=medium

  * debian/patches/disable_buggy_test.patch:
    - disabled some buggy tests following upstream's recommendation, at
      least until the next version where they plan to rework or drop those

 -- Sebastien Bacher <email address hidden>  Mon, 26 Aug 2019 11:14:00 +0300
Superseded in eoan-proposed
libsoup2.4 (2.67.92-2) experimental; urgency=medium

  * debian/rules:
    - set the feature arguments to 'enabled'

 -- Sebastien Bacher <email address hidden>  Wed, 21 Aug 2019 15:46:10 +0200

Available diffs

Superseded in eoan-proposed
libsoup2.4 (2.67.3-1) experimental; urgency=medium

  * debian/watch: Find unstable versions
  * New upstream release
  * debian/rules: Explicilty enable the new brotli support
  * debian/rules: 'doc' is renamed to 'gtk_doc' in meson_options.txt
  * debian/libsoup2.4-1.symbols: Add new symbols introduced w/this release

 -- Iain Lane <email address hidden>  Fri, 19 Jul 2019 11:00:24 +0100
Superseded in bionic-updates
Deleted in bionic-proposed (Reason: moved to -updates)
libsoup2.4 (2.62.1-1ubuntu0.3) bionic; urgency=medium

  * debian/patches/git_ntlmv2_support.patch:
    - update with an extra upstream tweak

Superseded in bionic-proposed
libsoup2.4 (2.62.1-1ubuntu0.2) bionic; urgency=medium

  * debian/patches/git_ntlmv2_support.patch,
    debian/patches/git_ntlmv2_test.patch:
    - include upstream changes for NTLMv2 responses support, that's
      required for evolution-ews to be able to connect some exchange
      servers, also include corresponding code tests
      (lp: #1817537)

 -- Sebastien Bacher <email address hidden>  Tue, 09 Jul 2019 17:00:43 +0200
Superseded in eoan-release
Obsolete in disco-release
Deleted in disco-proposed (Reason: moved to release)
libsoup2.4 (2.66.1-1) experimental; urgency=medium

  * New upstream release
    + Code cleanups
    + Fix random CI failures due to parallel apache tests
    + Meson build system improvements
  * Bump meson BD per upstream

 -- Iain Lane <email address hidden>  Tue, 09 Apr 2019 12:09:51 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libsoup2.4 (2.66.0-1) experimental; urgency=medium

  * New upstream release
  * Drop the 2 patches to fix tests: Applied in new release

 -- Jeremy Bicha <email address hidden>  Tue, 12 Mar 2019 06:18:51 -0400

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libsoup2.4 (2.65.91-2) experimental; urgency=medium

  * Have libsoup2.4-dev depend on libpsl-dev & libsqlite3-dev

 -- Jeremy Bicha <email address hidden>  Sun, 24 Feb 2019 19:19:55 -0500

Available diffs

Superseded in disco-proposed
libsoup2.4 (2.65.91-1) experimental; urgency=medium

  * New upstream development release
  * Build-Depend on dh-sequence-gir and dh-sequence-gnome
  * Cherry-pick 2 patches to fix tests
  * debian/libsoup2.4-1.symbols: Add new symbols

 -- Jeremy Bicha <email address hidden>  Sun, 24 Feb 2019 10:41:21 -0500

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libsoup2.4 (2.64.2-2) unstable; urgency=medium

  * Restore -Wl,-O1 to our LDFLAGS
  * Bump Standards-Version to 4.3.0

 -- Jeremy Bicha <email address hidden>  Thu, 27 Dec 2018 23:09:24 -0500

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libsoup2.4 (2.64.2-1) unstable; urgency=medium

  * New upstream release

 -- Sebastien Bacher <email address hidden>  Tue, 13 Nov 2018 17:15:41 +0100

Available diffs

Superseded in disco-release
Deleted in disco-proposed (Reason: moved to release)
libsoup2.4 (2.64.1-3) unstable; urgency=medium

  * Modify skip-tls_interaction-test.patch:
    - Don't run the unreliable test

 -- Jeremy Bicha <email address hidden>  Mon, 08 Oct 2018 11:20:37 -0400

Available diffs

Superseded in disco-release
Obsolete in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.64.1-1) unstable; urgency=medium

  * New upstream release
  * Drop all patches: applied in new release

 -- Jeremy Bicha <email address hidden>  Tue, 25 Sep 2018 11:20:40 -0400

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.64.0-2) unstable; urgency=medium

  * Cherry-pick 6 commits with meson build fixes

 -- Jeremy Bicha <email address hidden>  Tue, 04 Sep 2018 17:58:53 -0400

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.64.0-1) unstable; urgency=medium

  [ Jeremy Bicha ]
  * New upstream release
  * Build with meson
  * Release to unstable

  [ Iain Lane ]
  * Make the runtime directory with 0700 permissions
  * Use dh_auto_test not $(MAKE), since we're using meson now

 -- Jeremy Bicha <email address hidden>  Tue, 04 Sep 2018 09:33:53 -0400

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.63.92-1) experimental; urgency=medium

  * New upstream version

 -- Sebastien Bacher <email address hidden>  Wed, 29 Aug 2018 12:36:57 +0200

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.63.90-1) experimental; urgency=medium

  * debian/{gbp.conf,control{,.in}}: Update for experimental.
  * New upstream release 2.63.90 (LP: #1786789)
    - Avoid unaligned memory accesses in WebSocket implementation
    - Bail out on cookie-jar calls with empty hostnames
    - Fix crash under soup_socket_new()
    - Fix critical warning in SoupSocket
    - Fix digest authentication with encoded URIs
    - Fixes to GObject-introspection
    - Fixes to the simple-httpd example
    - Fixes to xmlrpc-server test with PHP >= 7.2 and related
    - Many Coverity-found code fixes
    - Set default cookie path for NULL origins
    - Use atomic-refcounting in classes that are not using GObject-refcounting
    - Use base domain to decide if cookies are third-party
    - Use libpsl for the SoupTLD API instead of shipping a copy of the
      public-suffix list
  * debian/control.in:
    - Build-Depend on libpsl-dev per upstream.
    - Rules-Requires-Root: no - we don't need to be root to build/test.
    - Standards-Version → 4.2.0
  * debian/patches: Drop, included from upstream.

 -- Iain Lane <email address hidden>  Fri, 10 Aug 2018 13:29:19 +0100

Available diffs

Superseded in bionic-updates
Superseded in bionic-security
libsoup2.4 (2.62.1-1ubuntu0.1) bionic-security; urgency=medium

  * SECURITY UPDATE: Fail to handle empty hostnames
    - debian/patches/CVE-2018-12910.patch: fix in libsoup/soup-cookie-jar.c.
    - CVE-2018-12910

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 02 Jul 2018 12:42:47 -0300
Obsolete in artful-updates
Obsolete in artful-security
libsoup2.4 (2.60.1-1ubuntu0.1) artful-security; urgency=medium

  * SECURITY UPDATE: Fail to handle empty hostnames
    - debian/patches/CVE-2018-12910.patch: fix in libsoup/soup-cookie-jar.c.
    - CVE-2018-12910

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 02 Jul 2018 12:39:13 -0300
Published in xenial-updates
Published in xenial-security
libsoup2.4 (2.52.2-1ubuntu0.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Fail to handle empty hostnames
    - debian/patches/CVE-2018-12910.patch: fix in libsoup/soup-cookie-jar.c.
    - CVE-2018-12910

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 02 Jul 2018 12:35:26 -0300
Published in trusty-updates
Published in trusty-security
libsoup2.4 (2.44.2-1ubuntu2.3) trusty-security; urgency=medium

  * SECURITY UPDATE: Fail to handle empty hostnames
    - debian/patches/CVE-2018-12910.patch: fix in libsoup/soup-cookie-jar.c.
    - CVE-2018-12910

 -- <email address hidden> (Leonidas S. Barbosa)  Mon, 02 Jul 2018 12:29:22 -0300
Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.62.2-2) unstable; urgency=high

  * debian/patches/0001-cookie-jar-bail-if-hostname-is-an-empty-string.patch,
    debian/patches/0002-Add-soup_cookie_jar_get_cookies-with-empty-hostname-.patch:
    Cherry-pick two patches from upstream to fix an out of bounds access in
    the cookie jar (CVE-2018-12910).

 -- Iain Lane <email address hidden>  Thu, 28 Jun 2018 19:57:42 +0100

Available diffs

Superseded in cosmic-release
Deleted in cosmic-proposed (Reason: moved to release)
libsoup2.4 (2.62.2-1) unstable; urgency=medium

  * New upstream release

 -- Jeremy Bicha <email address hidden>  Mon, 07 May 2018 10:59:55 -0400

Available diffs

Superseded in cosmic-release
Published in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libsoup2.4 (2.62.1-1) unstable; urgency=medium

  * New upstream release
  * Drop cookie-jar-use-base-domain.patch: Applied in new release
  * Bump Standards-Version to 4.1.4

 -- Jeremy Bicha <email address hidden>  Tue, 10 Apr 2018 14:47:57 -0400

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libsoup2.4 (2.62.0-1) unstable; urgency=medium

  * New upstream release
  * Release to unstable
  * Add cookie-jar-use-base-domain.patch:
    - proposed patch to treat cookies from the base domain as first party

 -- Jeremy Bicha <email address hidden>  Mon, 12 Mar 2018 14:31:25 -0400

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libsoup2.4 (2.61.90-1) experimental; urgency=medium

  * New upstream release
  * debian/libsoup2.4-1.symbols: Add new symbols

 -- Jeremy Bicha <email address hidden>  Mon, 05 Feb 2018 12:42:17 -0500

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libsoup2.4 (2.60.3-1) unstable; urgency=medium

  * New upstream release
  * Update Vcs fields for migration to https://salsa.debian.org/

 -- Jeremy Bicha <email address hidden>  Sun, 21 Jan 2018 09:24:30 -0500

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libsoup2.4 (2.60.2-2) unstable; urgency=medium

  [ Simon McVittie ]
  * gir1.2-soup-2.4 Provides gir1.2-soupgnome-2.4, reflecting the fact
    that it contains both Soup-2.4.typelib and SoupGNOME-2.4.typelib.
  * Drop obsolete Provides on gir1.2-soup-gnome-2.4: nothing depends on
    it, and it does not match the naming scheme used in the g-i
    mini-policy.

  [ Jeremy Bicha ]
  * Update Vcs fields for conversion to git
  * Add debian/gbp.conf
  * Bump Standards-Version to 4.1.2
  * Bump debhelper compat to 11

 -- Jeremy Bicha <email address hidden>  Tue, 19 Dec 2017 18:08:22 -0500

Available diffs

Superseded in bionic-release
Deleted in bionic-proposed (Reason: moved to release)
libsoup2.4 (2.60.2-1) unstable; urgency=medium

  * New upstream release

 -- Michael Biebl <email address hidden>  Tue, 31 Oct 2017 23:21:09 +0100

Available diffs

Superseded in bionic-release
Obsolete in artful-release
Deleted in artful-proposed (Reason: moved to release)
libsoup2.4 (2.60.1-1) unstable; urgency=medium

  * New upstream release (LP: #1717216)
  * Bump Standards-Version to 4.1.1

 -- Jeremy Bicha <email address hidden>  Wed, 11 Oct 2017 10:12:43 -0400

Available diffs

Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release)
libsoup2.4 (2.56.1-1) unstable; urgency=high

  * New upstream release.
    + CVE-2017-2885: Fixed a chunked decoding buffer overrun that
      could be exploited against either clients or servers.
      Closes: #871650.

 -- Emilio Pozuelo Monfort <email address hidden>  Thu, 10 Aug 2017 18:29:43 +0200
Superseded in artful-release
Deleted in artful-proposed (Reason: moved to release)
libsoup2.4 (2.56.0-2ubuntu1) artful; urgency=medium

  * SECURITY UPDATE: chunked encoding stack buffer overflow
    - debian/patches/CVE-2017-2885.patch: better boundary checking in
      soup-filter-input-stream.c
    - CVE-2017-2885

 -- Steve Beattie <email address hidden>  Thu, 10 Aug 2017 10:10:12 -0700
Superseded in trusty-updates
Superseded in trusty-security
libsoup2.4 (2.44.2-1ubuntu2.2) trusty-security; urgency=medium

  * SECURITY UPDATE: chunked encoding stack buffer overflow
    - debian/patches/CVE-2017-2885.patch: better boundary checking in
      soup-filter-input-stream.c
    - CVE-2017-2885

 -- Steve Beattie <email address hidden>  Wed, 09 Aug 2017 00:07:21 -0700
Superseded in xenial-updates
Superseded in xenial-security
libsoup2.4 (2.52.2-1ubuntu0.2) xenial-security; urgency=medium

  * SECURITY UPDATE: chunked encoding stack buffer overflow
    - debian/patches/CVE-2017-2885.patch: better boundary checking in
      soup-filter-input-stream.c
    - CVE-2017-2885

 -- Steve Beattie <email address hidden>  Tue, 08 Aug 2017 21:36:58 -0700
175 of 204 results