1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES.DEVE

  • Accepted libsoup2.4 2.74.3-10 (source) into unstable

    From Debian FTP Masters@21:1/5 to All on Sat Apr 12 22:00:02 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Sat, 12 Apr 2025 15:15:11 -0400
    Source: libsoup2.4
    Built-For-Profiles: noudeb
    Architecture: source
    Version: 2.74.3-10
    Distribution: unstable
    Urgency: high
    Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
    Changed-By: Jeremy BĂ­cha <jbicha@ubuntu.com>
    Closes: 1102208 1102212 1102214 1102215
    Launchpad-Bugs-Fixed: 2107263
    Changes:
    libsoup2.4 (2.74.3-10) unstable; urgency=high
    .
    [ Fabian Toepfer ]
    * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-2784-1.patch: Fix potential overflow
    - debian/patches/CVE-2025-2784-2.patch: Add better coverage of
    skip_insignificant_space()
    - CVE-2025-2784 (Closes: #1102208) (LP: #2107263)
    * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-32050.patch: Fix using int instead of
    size_t for strcspn return
    - CVE-2025-32050 (Closes: #1102212)
    * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-32052.patch: Fix heap buffer overflow in
    soup_content_sniffer_sniff
    - CVE-2025-32052 (Closes: #1102214)
    * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-32053.patch: Fix heap buffer overflow in
    sniff_feed_or_html()
    - CVE-2025-32053 (Closes: #1102215)
    Checksums-Sha1:
    4fde94ca1ee2d946606b1dfd6fdadd83afa065be 3374 libsoup2.4_2.74.3-10.dsc
    dcfc60c75ea2a0b51c2c1347663f2a29b398b586 34944 libsoup2.4_2.74.3-10.debian.tar.xz
    f3b3aa08e65fba5881b936999c9adf081e9a5539 13992 libsoup2.4_2.74.3-10_source.buildinfo
    Checksums-Sha256:
    623d6be3bdfc1d0b974fc0121d49118ff61cd95ff8e8304803b20a4bcab609f9 3374 libsoup2.4_2.74.3-10.dsc
    88050934e7943dea52820b1f6d904e1a96e31db48cf6899f4d6d413ad61163bd 34944 libsoup2.4_2.74.3-10.debian.tar.xz
    21c005f10a00295f7934b8d887dc7d9e9729f35f6b93c2eb27751c8b98e40097 13992 libsoup2.4_2.74.3-10_source.buildinfo
    Files:
    15d2998630b888ed2e9a05580243ab0b 3374 oldlibs optional libsoup2.4_2.74.3-10.dsc
    b4edea6b706ec3e5380cd392785ab511 34944 oldlibs optional libsoup2.4_2.74.3-10.debian.tar.xz
    0e6447ea5ce4a1057e784e68d73e5803 13992 oldlibs optional libsoup2.4_2.74.3-10_source.buildinfo

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmf6vX8ACgkQ5mx3Wuv+ bH2yTg//WJY28kQDX2DQg7E3/TCKjf6unraYQ5neawPBNunzl1vvxSkH2WRr9pOF cycQK6tZPnLcbM1I9aWPVcIRBYGJJf0/Qfc4uriM400UC9oESuGNEQ+LVZ21BLx3 8wobKydBBEB7X/P/MqPxqqSYzeTtd7JWLyA9tqSohnVkqAeEbCvUa2clUK+E/9I1 CvTV6ZXBTe721ADQgCsXArUrWzSxJPvWquIiz0L8d8tYVn0NkBfnZT2UozK8BMdi 7tzasUGkL3FALXhzQon11hq3YJ//pmCVpU4bQVXcYxZn9b9VJAo+Crt67oYlA5xe Y3WsgWQiD4YQ8zggWwYHnZpDiEjjxIr/VZE305fxlMfjECWysVBGMPDlOb/S8yaM xmdV++dwarZw88QnfdXKR6G9yMbq5yjQrAv9PGkryOeXL5NrrKrdnI5x8Oj2mU9x m5kxQZWy/8n02HnOM4tj/vAqbk5UiC9qETBYp7PomlQc8S/dbZeOuSZnB7wjPb3v CBUTwbK9Lsn5yc0e9Uw4BVvh1r+DP7ZNXkiYgZpHhDQ2/zaFMuP88fbajkJq2RJI joHOI0dv03XvevxS09FdnhA+h55HCBXYooyzbYO05uTsk4GB1Yq9h2DzhR9KuzQe MflEXJ/8Ce7J+1szj5A7nVyj+k7sYNlmWQZu3rOJTvR+VZD+IZA=
    =HKru
    -----END PGP SIGNATURE-----


    --==============Y44343038961172330=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ/rEIQAKCRCb9qggYcy5 IcsgAP0Q+jJ52n8dWaerxAjnqnKJ8iH+hJxXvydhNyJfr+EH7QD+Pa4qekasNa3c rxZPSk6CQVYLp7+ZTH/UQrALiQ7LKgk=+MIy
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)