libsoup3_3.6.5-5_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Fri Nov 21 21:50:04 GMT 2025
Thank you for your contribution to Debian.
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 21 Nov 2025 16:36:49 -0500
Source: libsoup3
Built-For-Profiles: noudeb
Architecture: source
Version: 3.6.5-5
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers at lists.alioth.debian.org>
Changed-By: Jeremy Bícha <jbicha at ubuntu.com>
Closes: 1116469
Changes:
libsoup3 (3.6.5-5) unstable; urgency=high
.
* SECURITY UPDATE: Out of bounds read
- CVE-2025-11021-1.patch, CVE-2025-11021-2.patch:
Cherry-pick upstream patches to fix out-of-bounds read in
libsoup/cookies/soup-cookie.c via soup_date_time_to_string()
- CVE-2025-11021 (Closes: #1116469)
Checksums-Sha1:
5f3c52c4251fb7c23e41877540404c5afbf710a6 3024 libsoup3_3.6.5-5.dsc
bd896214ecc41fe1ec39378516a9a17513bd0e03 41836 libsoup3_3.6.5-5.debian.tar.xz
815a3e239f417266b8579cd127df90e346b85838 14120 libsoup3_3.6.5-5_source.buildinfo
Checksums-Sha256:
e364e8fec7ad79d6e2efc85e97d233c6463e117d690d85107d53e932c3e2fbf5 3024 libsoup3_3.6.5-5.dsc
4ba57679c88e1d12dbfae934a97bfa5e29059292fc1fa49b3327f23b0f274396 41836 libsoup3_3.6.5-5.debian.tar.xz
e469a57ed30aa17ac1707283c2a8a91aa9c4822198f5e3071f9ee3992ca51bf6 14120 libsoup3_3.6.5-5_source.buildinfo
Files:
7d70401b1815a31ce9420174e4a22fae 3024 devel optional libsoup3_3.6.5-5.dsc
a18a53e0d48feeb6739622bbd23d49e4 41836 devel optional libsoup3_3.6.5-5.debian.tar.xz
6016aa85c7cc7f1dbca0d3ca2aa2057f 14120 devel optional libsoup3_3.6.5-5_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmkg3GUACgkQ5mx3Wuv+
bH27Qg//aH8KxJJGHymKnnCHRCkQnjGoG4LPjylWmNdJ5ji2KjhHY+ORIBwj59q1
blLqr5VhSY2Bp3+Et4pYBq+azFppbLbP3OrPTzFDL7+qcQSkwbnjzm5AtvSOWBui
1SVtp6mO3Nb5KxL+AJleNy/TxGrABoEot7qVqpJZuoaROlMYo1UqtVSchHcPf0U6
OE14+pVGW2ncSScokG2bOQNPT5ABVUYPBFlNX8SPrEkrNcyv6lBa/u8nBCoZovPV
NHNSTu139iTlSk0awD7Zycs2beoFCwJluuJYCRua3115TREbXZSWAhiEasATr/hB
TDy5f6tfdXN+CQK4+RXCRPYi1OSK1UTXHvDV+DT2QQKY9uG9UGHifE+Lepi4fMU+
pvJk0Q2zIod3Wn+KM5ZO8H+47gErHDB1sJDNEMSJiDF3a7c3Hc5t8sVpRqUeH21N
PCzNzaq+qMEnvCtWk7ccGWj1ch4BP9Q8OQ0gJ2ZoOxS5eXR5Q2vQXkK8b8evIbeC
CPVtq7mfDR/DYX6LNj77UDH9tz56yj1IGi71W+KxXZi6bWs/AtYmueE+NsOqtdU3
w3bt+ZhnGQu4OCkuJIm3IxKXrTqwhDzq45w7j836Mr8xwWYuNxtZthRNyGSef2zM
CLkClwlMy2lPhcaQtlB6sOFQorWQoghLWJSBjVeKAYLAQ5xZJHE=
=npd2
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-gnome-maintainers/attachments/20251121/ec5773e4/attachment.sig>
More information about the pkg-gnome-maintainers
mailing list