Bug#1109147: libsoup3 3.2.3-0+deb12u1 flagged for acceptance

To: 1109147@bugs.debian.org
Cc: 1109147-submitter@bugs.debian.org
Subject: Bug#1109147: libsoup3 3.2.3-0+deb12u1 flagged for acceptance
From: Adam D Barratt <adam@adam-barratt.org.uk>
Date: Fri, 22 Aug 2025 14:07:59 +0000
Message-id: <[🔎] E1upSQx-00CFCY-2U@coccia.debian.org>
Reply-to: Adam D Barratt <adam@adam-barratt.org.uk>, 1109147@bugs.debian.org
References: <aHJw1PBkAe2yFgbh@remnant.pseudorandom.co.uk>

package release.debian.org
tags 1109147 = bookworm pending
thanks

Hi,

The upload referenced by this bug report has been flagged for acceptance into the proposed-updates queue for Debian bookworm.

Thanks for your contribution!

Upload details
==============

Package: libsoup3
Version: 3.2.3-0+deb12u1

Explanation: new upstream bug-fix release; fix buffer overrrun issue [CVE-2024-52531]; fix denial of service issues [CVE-2024-52532 CVE-2025-32051]; fix heap overflow issues [CVE-2025-32052 CVE-2025-32053]; fix integer overflow issue [CVE-2025-32050]; fix heap buffer overflow issues [CVE-2025-2784]; reject HTTP headers if they contain NUL bytes [CVE-2024-52530]; fix denial of service issues [CVE-2025-32909 CVE-2025-32910 CVE-2025-46420 CVE-2025-32912 CVE-2025-32906]; fix memory management issues [CVE-2025-32911 CVE-2025-32913]; fix credential disclosure issue [CVE-2025-46421]; fix use-after-free during disconnection, which can cause GNOME Calculator to hang at startup

Reply to:

Follow-Ups:
- Processed: libsoup3 3.2.3-0+deb12u1 flagged for acceptance
  - From: "Debian Bug Tracking System" <owner@bugs.debian.org>

Prev by Date: Processed: node-tmp 0.2.2+dfsg+~0.2.3-1.1~deb13u1 flagged for acceptance
Next by Date: Bug#1105009: erlang 25.2.3+dfsg-1+deb12u2 flagged for acceptance
Previous by thread: Processed: trixie-pu: package puppet-module-tempest/25.0.0-1
Next by thread: Processed: libsoup3 3.2.3-0+deb12u1 flagged for acceptance
Index(es):
- Date
- Thread