[Git][security-tracker-team/security-tracker][master] Add CVE-2026-6324/libsoup

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6d29684a by Salvatore Bonaccorso at 2026-05-29T15:00:45+02:00
Add CVE-2026-6324/libsoup

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -433,7 +433,11 @@ CVE-2026-6891 (Improper handling of symbolic links in the installer of My Image
 CVE-2026-6816 (An access bypass vulnerability in Drupal TFA Basic Plugins allows user ...)
 	NOT-FOR-US: Drupal core and addons
 CVE-2026-6324 (A flaw was found in libsoup. A remote attacker could exploit an unsign ...)
-	TODO: check
+	- libsoup3 <unfixed>
+	- libsoup2.4 <removed>
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/508
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/517
+	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/commit/96ac392b444d01bd5de1d1276b187c3ed49d048c (3.7.1)
 CVE-2026-6275 (The StatCounter \u2013 Free Real Time Visitor Stats plugin for WordPre ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2026-5343 (Improper Check for Unusual or Exceptional Conditions vulnerability in  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d29684a200559a50bdf5883f27299a5f20b3ea8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6d29684a200559a50bdf5883f27299a5f20b3ea8
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260529/bdd95943/attachment-0001.htm>