Publishing details
Changelog
libsoup3 (3.4.4-5ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: Request smuggling
- debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
bytes in headers
- CVE-2024-52530
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2024-52531-1.patch: Be more robust against
invalid input when parsing params
- debian/patches/CVE-2024-52531-2.patch: Add test for passing
invalid UTF-8 to soup_header_parse_semi_param_list()
- CVE-2024-52531
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2024-52532-1.patch: process the frame as soon
as data is read
- debian/patches/CVE-2024-52532-2.patch: disconnect error copy
after the test ends
- CVE-2024-52532
-- Bruce Cable <email address hidden> Mon, 18 Nov 2024 15:21:40 +1100
Builds
Built packages
-
gir1.2-soup-3.0
GObject introspection data for the libsoup HTTP library
-
libsoup-3.0-0
HTTP library implementation in C -- Shared library
-
libsoup-3.0-0-dbgsym
debug symbols for libsoup-3.0-0
-
libsoup-3.0-common
HTTP library implementation in C -- Common files
-
libsoup-3.0-dev
HTTP library implementation in C -- Development files
-
libsoup-3.0-doc
HTTP library implementation in C -- API Reference
-
libsoup-3.0-tests
HTTP library implementation in C -- installed tests
-
libsoup-3.0-tests-dbgsym
debug symbols for libsoup-3.0-tests
Package files