libsoup2.4 2.74.3-7ubuntu0.3 source package in Ubuntu
Changelog
libsoup2.4 (2.74.3-7ubuntu0.3) oracular-security; urgency=medium
* SECURITY UPDATE: Out of bound read.
- debian/patches/CVE-2025-32906-*.patch: Add out of bound checks in
soup_headers_parse_request in ./libsoup/soup-headers.c.
- debian/patches/CVE-2025-32914.patch: Replace strstr operation with
g_strstr_len in ./libsoup/soup-multipart.c.
- CVE-2025-32906
- CVE-2025-32914
* SECURITY UPDATE: Null pointer dereference.
- debian/patches/CVE-2025-32909.patch: Add resource size check in
./libsoup/soup-content-sniffer.c.
- debian/patches/CVE-2025-32910-32912-*.patch: Add checks for missing realm
and nonce, and fix memory leak in ./libsoup/soup-auth-digest.c.
- debian/patches/CVE-2025-32912.patch: Add additional checks for nonce in
./libsoup/soup-auth-digest.c.
- CVE-2025-32909
- CVE-2025-32910
- CVE-2025-32912
* SECURITY UPDATE: Memory corruption.
- debian/patches/CVE-2025-32911-32913-*.patch: Add checks for empty
filename in ./libsoup/soup-message-headers.c.
- CVE-2025-32911
- CVE-2025-32913
* SECURITY UPDATE: Memory leak.
- debian/patches/CVE-2025-46420.patch: Free allocated strings during
iteration in ./libsoup/soup-headers.c.
- CVE-2025-46420
* SECURITY UPDATE: Information exposure through host impersonation.
- debian/patches/CVE-2025-46421.patch: Strip credentials on cross-origin
redirects in ./libsoup/soup-session.c.
- CVE-2025-46421
* debian/patches/Extend-test-cert-to-2049.patch: Extend expiration to 2049 of
a certificate used for build tests.
-- Hlib Korzhynskyy <email address hidden> Fri, 02 May 2025 16:35:11 -0230
Upload details
- Uploaded by:
- Hlib Korzhynskyy
- Uploaded to:
- Oracular
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- oldlibs
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libsoup2.4_2.74.3.orig.tar.xz | 1.4 MiB | e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13 |
| libsoup2.4_2.74.3-7ubuntu0.3.debian.tar.xz | 38.1 KiB | 6a57929f007aea19a0cedbbf4258da276e86fc21632f9dd45058aa0a8103235f |
| libsoup2.4_2.74.3-7ubuntu0.3.dsc | 3.4 KiB | 1350772ee2e939d81be99a54a8c1a35f2a912b5d23608efc5ef3921adae72218 |
Available diffs
Binary packages built by this source
- gir1.2-soup-2.4: No summary available for gir1.2-soup-2.4 in ubuntu oracular.
No description available for gir1.2-soup-2.4 in ubuntu oracular.
- libsoup-2.4-1: No summary available for libsoup-2.4-1 in ubuntu oracular.
No description available for libsoup-2.4-1 in ubuntu oracular.
- libsoup-2.4-1-dbgsym: No summary available for libsoup-2.4-1-dbgsym in ubuntu oracular.
No description available for libsoup-
2.4-1-dbgsym in ubuntu oracular.
- libsoup-gnome-2.4-1: No summary available for libsoup-gnome-2.4-1 in ubuntu oracular.
No description available for libsoup-gnome-2.4-1 in ubuntu oracular.
- libsoup-gnome-2.4-1-dbgsym: No summary available for libsoup-gnome-2.4-1-dbgsym in ubuntu oracular.
No description available for libsoup-
gnome-2. 4-1-dbgsym in ubuntu oracular.
- libsoup-gnome2.4-dev: No summary available for libsoup-gnome2.4-dev in ubuntu oracular.
No description available for libsoup-
gnome2. 4-dev in ubuntu oracular.
- libsoup2.4-common: No summary available for libsoup2.4-common in ubuntu oracular.
No description available for libsoup2.4-common in ubuntu oracular.
- libsoup2.4-dev: No summary available for libsoup2.4-dev in ubuntu oracular.
No description available for libsoup2.4-dev in ubuntu oracular.
- libsoup2.4-doc: No summary available for libsoup2.4-doc in ubuntu oracular.
No description available for libsoup2.4-doc in ubuntu oracular.
- libsoup2.4-tests: No summary available for libsoup2.4-tests in ubuntu oracular.
No description available for libsoup2.4-tests in ubuntu oracular.
- libsoup2.4-tests-dbgsym: No summary available for libsoup2.4-tests-dbgsym in ubuntu oracular.
No description available for libsoup2.
4-tests- dbgsym in ubuntu oracular.
