libsoup2.4_2.74.3-1+deb12u1_source.changes ACCEPTED into proposed-updates
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Sat Dec 21 17:17:09 GMT 2024
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 11 Dec 2024 10:52:05 +0800
Source: libsoup2.4
Architecture: source
Version: 2.74.3-1+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
Changed-By: Sean Whitton <spwhitton at spwhitton.name>
Closes: 1088812 1089238 1089240
Changes:
libsoup2.4 (2.74.3-1+deb12u1) bookworm; urgency=high
.
* Backport upstream fixes for
- CVE-2024-52530: HTTP request smuggling with null bytes at the end of
header names (Closes: #1088812)
- CVE-2024-52531: buffer overflow in soup_header_parse_param_list_strict
(Closes: #1089240)
- CVE-2024-52532: infinite loop / potential DoS in reading certain
data from WebSocket clients (Closes: #1089238).
Checksums-Sha1:
ad8a4e23ff73a84e5d6436bc65c8ce7e90711f90 3452 libsoup2.4_2.74.3-1+deb12u1.dsc
43e0dfcd57e8a52f69a01c6d38bfda0ab85a378c 30640 libsoup2.4_2.74.3-1+deb12u1.debian.tar.xz
Checksums-Sha256:
e093290083dfde935215b00758a5e92132118f93b92b513fe3152140675491cd 3452 libsoup2.4_2.74.3-1+deb12u1.dsc
c953dd7b7c4f208305909df0c48bfdb58a134d03a9ef20802981951c939b7b51 30640 libsoup2.4_2.74.3-1+deb12u1.debian.tar.xz
Files:
23b39a83c74e1a8c879353cc820bd766 3452 devel optional libsoup2.4_2.74.3-1+deb12u1.dsc
0e89635a3bcd872e1d69ffecae9998f6 30640 devel optional libsoup2.4_2.74.3-1+deb12u1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmdZYs8ACgkQaVt65L8G
YkD9sRAAvAX8LUtLW0PbxvL8XPQlO2Xtl/3lY66Nb5/9iyfwZ9Rl5dBP4evm2S9Q
Y019O7ihawCCEGm7SNZMg7fnbc9VauJ2EKMN7sAd25VTf5aQmE65i2YToiNiiJow
hX+3uR1GqPwmyZN3MIby0/CLTYa9MTC4h5KmmOi1k1ujkYQnXmzfvknMUuuKjv8j
02ZWHOs2QdkBOsn+TBW0BhkgMPHsKf+2IAPiRShHJIO5+om5N0+FT/CtXb+pUwj0
s9jPXUlfCOHrcWruOay69Y49PITlxr7EOcqGKj5B2Dq2a++SGOWinciDlz85Ui5o
iTTN18EaIHu84QjERsatH63/swo3IJTXA8yC0ii+9CyfzWQK/51K/myk09XoVry3
Vg6mtpqSz/c0zDiqHHa27ir4/MbHciiTlw6alGRED8k4jnbZz33LhojBR3W69ioj
AHlPHjaknLQ2PrDJkPCQk5MfNP28EOyc4HGdVUdiVwykCR30Hj9OZ1jA2F/zDbDA
LcL/3qQFxFIvB2d7qOekutQFq2rgZgin7xxaFzD/EdW1X3J5UZDS8pbhvNZwOlws
JxvFSR5Fi4Z5+RbbrHfvRo4E/jf0+cPCPMNdsBjG6oUGMMUdbGkgch2BHfYwZRoW
Zgg4X7RwoUgzt2GsBkqN2xPBSOv+czA/QZoPhKj85VovIMJogcs=
=NuFo
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20241221/1e51cddc/attachment-0001.sig>
More information about the pkg-gnome-maintainers
mailing list