1. Forum
  2. Usenet
  3. LINUX.DEBIAN.CHANGES

  • Accepted libsoup2.4 2.74.3-1+deb12u1 (source) into proposed-updates

    From Debian FTP Masters@21:1/5 to All on Sat Dec 21 18:20:02 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    Format: 1.8
    Date: Wed, 11 Dec 2024 10:52:05 +0800
    Source: libsoup2.4
    Architecture: source
    Version: 2.74.3-1+deb12u1
    Distribution: bookworm
    Urgency: high
    Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
    Changed-By: Sean Whitton <spwhitton@spwhitton.name>
    Closes: 1088812 1089238 1089240
    Changes:
    libsoup2.4 (2.74.3-1+deb12u1) bookworm; urgency=high
    .
    * Backport upstream fixes for
    - CVE-2024-52530: HTTP request smuggling with null bytes at the end of
    header names (Closes: #1088812)
    - CVE-2024-52531: buffer overflow in soup_header_parse_param_list_strict
    (Closes: #1089240)
    - CVE-2024-52532: infinite loop / potential DoS in reading certain
    data from WebSocket clients (Closes: #1089238).
    Checksums-Sha1:
    ad8a4e23ff73a84e5d6436bc65c8ce7e90711f90 3452 libsoup2.4_2.74.3-1+deb12u1.dsc
    43e0dfcd57e8a52f69a01c6d38bfda0ab85a378c 30640 libsoup2.4_2.74.3-1+deb12u1.debian.tar.xz
    Checksums-Sha256:
    e093290083dfde935215b00758a5e92132118f93b92b513fe3152140675491cd 3452 libsoup2.4_2.74.3-1+deb12u1.dsc
    c953dd7b7c4f208305909df0c48bfdb58a134d03a9ef20802981951c939b7b51 30640 libsoup2.4_2.74.3-1+deb12u1.debian.tar.xz
    Files:
    23b39a83c74e1a8c879353cc820bd766 3452 devel optional libsoup2.4_2.74.3-1+deb12u1.dsc
    0e89635a3bcd872e1d69ffecae9998f6 30640 devel optional libsoup2.4_2.74.3-1+deb12u1.debian.tar.xz

    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmdZYs8ACgkQaVt65L8G YkD9sRAAvAX8LUtLW0PbxvL8XPQlO2Xtl/3lY66Nb5/9iyfwZ9Rl5dBP4evm2S9Q Y019O7ihawCCEGm7SNZMg7fnbc9VauJ2EKMN7sAd25VTf5aQmE65i2YToiNiiJow hX+3uR1GqPwmyZN3MIby0/CLTYa9MTC4h5KmmOi1k1ujkYQnXmzfvknMUuuKjv8j 02ZWHOs2QdkBOsn+TBW0BhkgMPHsKf+2IAPiRShHJIO5+om5N0+FT/CtXb+pUwj0 s9jPXUlfCOHrcWruOay69Y49PITlxr7EOcqGKj5B2Dq2a++SGOWinciDlz85Ui5o iTTN18EaIHu84QjERsatH63/swo3IJTXA8yC0ii+9CyfzWQK/51K/myk09XoVry3 Vg6mtpqSz/c0zDiqHHa27ir4/MbHciiTlw6alGRED8k4jnbZz33LhojBR3W69ioj AHlPHjaknLQ2PrDJkPCQk5MfNP28EOyc4HGdVUdiVwykCR30Hj9OZ1jA2F/zDbDA LcL/3qQFxFIvB2d7qOekutQFq2rgZgin7xxaFzD/EdW1X3J5UZDS8pbhvNZwOlws JxvFSR5Fi4Z5+RbbrHfvRo4E/jf0+cPCPMNdsBjG6oUGMMUdbGkgch2BHfYwZRoW Zgg4X7RwoUgzt2GsBkqN2xPBSOv+czA/QZoPhKj85VovIMJogcs=
    =NuFo
    -----END PGP SIGNATURE-----


    --==============U37741110763564176=Content-Type: application/pgp-signature

    -----BEGIN PGP SIGNATURE-----

    iHUEABYIAB0WIQTziqJOuF8J+ZI8pJSb9qggYcy5IQUCZ2b4FQAKCRCb9qggYcy5 IdKdAP9exUlzU2/RrccS0VOdmjgnLPzHZ7En7Wo0k6zoVyY/nQEAzB3gUSGuCw1l cqvdAGY42VQBCg14Sz0sb23PiGOrPgw=qqkr
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)