[Git][security-tracker-team/security-tracker][master] Add two more libsoup issues (CVE-2025-32913 and CVE-2025-32914)

Mon Apr 14 22:01:48 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
24b218cb by Salvatore Bonaccorso at 2025-04-14T23:01:14+02:00
Add two more libsoup issues (CVE-2025-32913 and CVE-2025-32914)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,9 +43,15 @@ CVE-2025-32931 (DevDojo Voyager 1.4.0 through 1.8.0, when Laravel 8 or later is
 CVE-2025-32930
 	REJECTED
 CVE-2025-32914 (A flaw was found in libsoup, where the soup_multipart_new_from_message ...)
-	TODO: check
+	- libsoup3 <unfixed>
+	- libsoup2.4 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/436
 CVE-2025-32913 (A flaw was found in libsoup, where the soup_message_headers_get_conten ...)
-	TODO: check
+	- libsoup3 3.6.4-1
+	- libsoup2.4 <unfixed>
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/435
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/422
+	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0 (3.6.2)
 CVE-2025-32912 (A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a N ...)
 	TODO: check
 CVE-2025-32910 (A flaw was found in libsoup, where soup_auth_digest_authenticate() is  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24b218cb46c9524720169726ce2333d004c5bb12

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/24b218cb46c9524720169726ce2333d004c5bb12
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250414/fa9fb36a/attachment.htm>
