Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <dispatch@tracker.debian.org> , <debian-lts-changes@lists.debian.org>
Subject: Accepted libsoup2.4 2.72.0-2+deb11u1 (source) into oldstable-security
Date: Thu, 12 Dec 2024 04:10:18 +0000
Signed by: Sean Whitton <spwhitton@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 12 Dec 2024 11:56:13 +0800
Source: libsoup2.4
Architecture: source
Version: 2.72.0-2+deb11u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Sean Whitton <spwhitton@spwhitton.name>
Closes: 1088812 1089238 1089240
Changes:
 libsoup2.4 (2.72.0-2+deb11u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Backport upstream fixes for
     - CVE-2024-52530: HTTP request smuggling with null bytes at the end of
       header names (Closes: #1088812)
     - CVE-2024-52531: buffer overflow in soup_header_parse_param_list_strict
       (Closes: #1089240)
     - CVE-2024-52532: infinite loop / potential DoS in reading certain
       data from WebSocket clients (Closes: #1089238).
Checksums-Sha1:
 52bf60d5c4b4f0ce5e3058351402b5b381298572 3245 libsoup2.4_2.72.0-2+deb11u1.dsc
 cb7377a6158532de14258f7c58bfa90619eb5d36 29488 libsoup2.4_2.72.0-2+deb11u1.debian.tar.xz
 4a68d2af1379628b4b04a8a0512cedc9cc1530ae 9435 libsoup2.4_2.72.0-2+deb11u1_source.buildinfo
Checksums-Sha256:
 2a9b6e342a137e2f0fad139b13379b6ef9433ea555baafea643af47e44a08605 3245 libsoup2.4_2.72.0-2+deb11u1.dsc
 b0cea3fcc0ecdb8f7d6657ee0ff865b0b913644ee81f3edf1d8d6688260b765e 29488 libsoup2.4_2.72.0-2+deb11u1.debian.tar.xz
 5bbeeee1974f4c5cf24d171e2eca730da058ff9df0cb8205e1444a595477fccc 9435 libsoup2.4_2.72.0-2+deb11u1_source.buildinfo
Files:
 d13ecb61c996d09bf3c7cb53058ff69c 3245 devel optional libsoup2.4_2.72.0-2+deb11u1.dsc
 70e4d69cfec8c38196858d21a9d81919 29488 devel optional libsoup2.4_2.72.0-2+deb11u1.debian.tar.xz
 4d1dd4ec22a075cac32daf784fbd36bd 9435 devel optional libsoup2.4_2.72.0-2+deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJNBAEBCgA3FiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmdaXu8ZHHNwd2hpdHRv
bkBzcHdoaXR0b24ubmFtZQAKCRBpW3rkvwZiQLUhD/42/Ax7Sq7OpHGBwxEpEHa9
sE1/NYQvM5OIfSyUiXG0nMa/iMtzR7k8Xt530KafJWpugurfiWXEaH7sX/WFqvqX
2RTvRPqjB6QKnnMkpV9iGycLMa63T3PWznNTw+N+iXpixAEwfvL0FPrTxSZ9XPl6
UHMjuJ87z36kMp/CmqAolqTNul0i6rkQBp/JtgDmkVgKH0xGpOGEX29/AWDzSO0E
jtvGT6EBt5qL9fwTFAeRFvMCgfuo14Dlalpaj6YJbwDzQSqk53FiWQVY0YwkKagT
gjzwvvbBWcoO/lRUriPAf+LPb42XnmowA6tPDz29YNW5X3nrkDvnb48SvAGgSxy6
930j/4chTvqTG7Xq4752fiaj4tZXWi2m0/4IM2DXnBboo8zOby7rKBM9WiB8MJKW
v6LheTSUBaJ0psSQznRHrdgP2YPoq7TVPq3PM5PP+zBJOmZSsMNmQRCJ28vStHzy
3otrDczRW5OWxRil1Qr36k3cQTT3gGafphTT8BlDaT1c+8nxQu/EAEJy5g9KY7F3
AFJuCKnGS2+zvteXp8QQIski5jaWbUtrNnc++PkJq5O9i5WvNr5ptgMZMFh6yop9
g88+9q8LuTnw6t+MOv2NdP6tRdFEbG55HJxXbasHhNQH6WCS/cG3+nAr8QFoMtQA
5HSaQAM4FimTY/35NXpjEg==
=vweo
-----END PGP SIGNATURE-----

News for package libsoup2.4