[Git][security-tracker-team/security-tracker][master] Track fixed version for libsoup2.4 via unstable

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat May 3 12:22:28 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3734aa15 by Salvatore Bonaccorso at 2025-05-03T13:22:03+02:00
Track fixed version for libsoup2.4 via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3168,7 +3168,7 @@ CVE-2025-46421 (A flaw was found in libsoup. When libsoup clients encounter an H
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/3e5c26415811f19e7737238bb23305ffaf96f66b (3.6.5)
 CVE-2025-46420 (A flaw was found in libsoup. It is vulnerable to memory leaks in the s ...)
 	- libsoup3 3.6.4-1
-	- libsoup2.4 <unfixed> (bug #1104055)
+	- libsoup2.4 2.74.3-10.1 (bug #1104055)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/438
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/421
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/c9083869ec2a3037e6df4bd86b45c419ba295f8e (3.6.2)
@@ -6704,21 +6704,21 @@ CVE-2025-32930
 CVE-2025-32914 (A flaw was found in libsoup, where the soup_multipart_new_from_message ...)
 	{DLA-4140-1}
 	- libsoup3 <unfixed> (bug #1103267)
-	- libsoup2.4 <unfixed> (bug #1103512)
+	- libsoup2.4 2.74.3-10.1 (bug #1103512)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/436
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/450
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/commit/5bfcf8157597f2d327050114fb37ff600004dbcf
 CVE-2025-32913 (A flaw was found in libsoup, where the soup_message_headers_get_conten ...)
 	{DLA-4140-1}
 	- libsoup3 3.6.4-1
-	- libsoup2.4 <unfixed> (bug #1103515)
+	- libsoup2.4 2.74.3-10.1 (bug #1103515)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/435
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/422
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0 (3.6.2)
 CVE-2025-32912 (A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a N ...)
 	{DLA-4140-1}
 	- libsoup3 3.6.5-1
-	- libsoup2.4 <unfixed> (bug #1103516)
+	- libsoup2.4 2.74.3-10.1 (bug #1103516)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/434
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/417
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ea16eeacb052e423eb5c3b0b705e5eab34b13832 (3.6.2)
@@ -6728,21 +6728,21 @@ CVE-2025-32912 (A flaw was found in libsoup, where SoupAuthDigest is vulnerable
 CVE-2025-32911 (A use-after-free type vulnerability was found in libsoup, in the soup_ ...)
 	{DLA-4140-1}
 	- libsoup3 3.6.4-1
-	- libsoup2.4 <unfixed> (bug #1103515)
+	- libsoup2.4 2.74.3-10.1 (bug #1103515)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/433
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/422
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/f4a761fb66512fff59798765e8ac5b9e57dceef0 (3.6.2)
 CVE-2025-32910 (A flaw was found in libsoup, where soup_auth_digest_authenticate() is  ...)
 	{DLA-4140-1}
 	- libsoup3 3.6.4-1
-	- libsoup2.4 <unfixed> (bug #1103516)
+	- libsoup2.4 2.74.3-10.1 (bug #1103516)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/432
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/417
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ea16eeacb052e423eb5c3b0b705e5eab34b13832 (3.6.2)
 CVE-2025-32909 (A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a ...)
 	{DLA-4140-1}
 	- libsoup3 3.6.4-1
-	- libsoup2.4 <unfixed> (bug #1103517)
+	- libsoup2.4 2.74.3-10.1 (bug #1103517)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/431
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ba4c3a6f988beff59e45801ab36067293d24ce92 (3.6.2)
 CVE-2025-32908 (A flaw was found in libsoup. The HTTP/2 server in libsoup may not full ...)
@@ -6761,7 +6761,7 @@ CVE-2025-32907 (A flaw was found in libsoup. The implementation of HTTP range re
 CVE-2025-32906 (A flaw was found in libsoup, where the soup_headers_parse_request() fu ...)
 	{DLA-4140-1}
 	- libsoup3 3.6.5-1
-	- libsoup2.4 <unfixed> (bug #1103521)
+	- libsoup2.4 2.74.3-10.1 (bug #1103521)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/404
 	NOTE: Same underlying issue as https://gitlab.gnome.org/GNOME/libsoup/-/issues/407
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/440



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3734aa152a65d02b7aaa28b319390791a76642a9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3734aa152a65d02b7aaa28b319390791a76642a9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250503/85972481/attachment.htm>

More information about the debian-security-tracker-commits mailing list