Accepted libsoup2.4 2.74.3-10 (source) into unstable

To: debian-devel-changes@lists.debian.org
Subject: Accepted libsoup2.4 2.74.3-10 (source) into unstable
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Sat, 12 Apr 2025 19:50:57 +0000
Message-id: <[🔎] E1u3gsT-00Bckq-V7@fasolo.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 12 Apr 2025 15:15:11 -0400
Source: libsoup2.4
Built-For-Profiles: noudeb
Architecture: source
Version: 2.74.3-10
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Jeremy Bícha <jbicha@ubuntu.com>
Closes: 1102208 1102212 1102214 1102215
Launchpad-Bugs-Fixed: 2107263
Changes:
 libsoup2.4 (2.74.3-10) unstable; urgency=high
 .
   [ Fabian Toepfer ]
   * SECURITY UPDATE: out-of-bounds read
     - debian/patches/CVE-2025-2784-1.patch: Fix potential overflow
     - debian/patches/CVE-2025-2784-2.patch: Add better coverage of
       skip_insignificant_space()
     - CVE-2025-2784 (Closes: #1102208) (LP: #2107263)
   * SECURITY UPDATE: out-of-bounds read
     - debian/patches/CVE-2025-32050.patch: Fix using int instead of
       size_t for strcspn return
     - CVE-2025-32050 (Closes: #1102212)
   * SECURITY UPDATE: out-of-bounds read
     - debian/patches/CVE-2025-32052.patch: Fix heap buffer overflow in
       soup_content_sniffer_sniff
     - CVE-2025-32052 (Closes: #1102214)
   * SECURITY UPDATE: out-of-bounds read
     - debian/patches/CVE-2025-32053.patch: Fix heap buffer overflow in
       sniff_feed_or_html()
     - CVE-2025-32053 (Closes: #1102215)
Checksums-Sha1:
 4fde94ca1ee2d946606b1dfd6fdadd83afa065be 3374 libsoup2.4_2.74.3-10.dsc
 dcfc60c75ea2a0b51c2c1347663f2a29b398b586 34944 libsoup2.4_2.74.3-10.debian.tar.xz
 f3b3aa08e65fba5881b936999c9adf081e9a5539 13992 libsoup2.4_2.74.3-10_source.buildinfo
Checksums-Sha256:
 623d6be3bdfc1d0b974fc0121d49118ff61cd95ff8e8304803b20a4bcab609f9 3374 libsoup2.4_2.74.3-10.dsc
 88050934e7943dea52820b1f6d904e1a96e31db48cf6899f4d6d413ad61163bd 34944 libsoup2.4_2.74.3-10.debian.tar.xz
 21c005f10a00295f7934b8d887dc7d9e9729f35f6b93c2eb27751c8b98e40097 13992 libsoup2.4_2.74.3-10_source.buildinfo
Files:
 15d2998630b888ed2e9a05580243ab0b 3374 oldlibs optional libsoup2.4_2.74.3-10.dsc
 b4edea6b706ec3e5380cd392785ab511 34944 oldlibs optional libsoup2.4_2.74.3-10.debian.tar.xz
 0e6447ea5ce4a1057e784e68d73e5803 13992 oldlibs optional libsoup2.4_2.74.3-10_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEETQvhLw5HdtiqzpaW5mx3Wuv+bH0FAmf6vX8ACgkQ5mx3Wuv+
bH2yTg//WJY28kQDX2DQg7E3/TCKjf6unraYQ5neawPBNunzl1vvxSkH2WRr9pOF
cycQK6tZPnLcbM1I9aWPVcIRBYGJJf0/Qfc4uriM400UC9oESuGNEQ+LVZ21BLx3
8wobKydBBEB7X/P/MqPxqqSYzeTtd7JWLyA9tqSohnVkqAeEbCvUa2clUK+E/9I1
CvTV6ZXBTe721ADQgCsXArUrWzSxJPvWquIiz0L8d8tYVn0NkBfnZT2UozK8BMdi
7tzasUGkL3FALXhzQon11hq3YJ//pmCVpU4bQVXcYxZn9b9VJAo+Crt67oYlA5xe
Y3WsgWQiD4YQ8zggWwYHnZpDiEjjxIr/VZE305fxlMfjECWysVBGMPDlOb/S8yaM
xmdV++dwarZw88QnfdXKR6G9yMbq5yjQrAv9PGkryOeXL5NrrKrdnI5x8Oj2mU9x
m5kxQZWy/8n02HnOM4tj/vAqbk5UiC9qETBYp7PomlQc8S/dbZeOuSZnB7wjPb3v
CBUTwbK9Lsn5yc0e9Uw4BVvh1r+DP7ZNXkiYgZpHhDQ2/zaFMuP88fbajkJq2RJI
joHOI0dv03XvevxS09FdnhA+h55HCBXYooyzbYO05uTsk4GB1Yq9h2DzhR9KuzQe
MflEXJ/8Ce7J+1szj5A7nVyj+k7sYNlmWQZu3rOJTvR+VZD+IZA=
=HKru
-----END PGP SIGNATURE-----

Attachment: pgpnvwbQXTScP.pgp
Description: PGP signature

Reply to:

Prev by Date: Accepted kontrast 25.03.90-1 (source) into unstable
Next by Date: Accepted kio-gdrive 24.12.3-1 (source) into unstable
Previous by thread: Accepted kontrast 25.03.90-1 (source) into unstable
Next by thread: Accepted kio-gdrive 24.12.3-1 (source) into unstable
Index(es):
- Date
- Thread