Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-lts-changes@lists.debian.org> , <dispatch@tracker.debian.org>
Subject: Accepted libsoup2.4 2.72.0-2+deb10u1 (source) into oldstable-security
Date: Thu, 12 Dec 2024 04:00:20 +0000
Signed by: Sean Whitton <spwhitton@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 11 Dec 2024 18:53:30 +0800
Source: libsoup2.4
Architecture: source
Version: 2.72.0-2+deb10u1
Distribution: bullseye-security
Urgency: high
Maintainer: Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>
Changed-By: Sean Whitton <spwhitton@spwhitton.name>
Closes: 1088812 1089238 1089240
Changes:
 libsoup2.4 (2.72.0-2+deb10u1) bullseye-security; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Backport upstream fixes for
     - CVE-2024-52530: HTTP request smuggling with null bytes at the end of
       header names (Closes: #1088812)
     - CVE-2024-52531: buffer overflow in soup_header_parse_param_list_strict
       (Closes: #1089240)
     - CVE-2024-52532: infinite loop / potential DoS in reading certain
       data from WebSocket clients (Closes: #1089238).
Checksums-Sha1:
 328c10c3e2b57142d08ce3b5496e593ac5c49b74 3245 libsoup2.4_2.72.0-2+deb10u1.dsc
 6aaed6b49b13e287b7c3bba546ba49fec4ea72a5 1477940 libsoup2.4_2.72.0.orig.tar.xz
 14bc6bb9f3e0fd01b8eb37a8a8a0119deffe8c03 29492 libsoup2.4_2.72.0-2+deb10u1.debian.tar.xz
 e8eb037b028f9ae412c53d309ad51ed1420d9e97 9435 libsoup2.4_2.72.0-2+deb10u1_source.buildinfo
Checksums-Sha256:
 67788f493a0e6ba1d43ca637104759f9d1716c0204421a07123b0ca8ecab3b58 3245 libsoup2.4_2.72.0-2+deb10u1.dsc
 170c3f8446b0f65f8e4b93603349172b1085fb8917c181d10962f02bb85f5387 1477940 libsoup2.4_2.72.0.orig.tar.xz
 63abf4ddc8a89bba576b6872999835640663ba83146efde11d3e4ea2d8edd178 29492 libsoup2.4_2.72.0-2+deb10u1.debian.tar.xz
 b76c980ebcdf05adc1bc2a67648154f1bc29a207dad40a683c8224f627a76305 9435 libsoup2.4_2.72.0-2+deb10u1_source.buildinfo
Files:
 9f42f35ccb285490ba9d8b8ec6f4fd03 3245 devel optional libsoup2.4_2.72.0-2+deb10u1.dsc
 859380b76b51fb55d720daea3c76c945 1477940 devel optional libsoup2.4_2.72.0.orig.tar.xz
 b2235d9f9b259715cefbfbc1aeb4fc98 29492 devel optional libsoup2.4_2.72.0-2+deb10u1.debian.tar.xz
 69d8511d0c6d25ab6fa573d3ac6846a8 9435 devel optional libsoup2.4_2.72.0-2+deb10u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJNBAEBCgA3FiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmdaW0IZHHNwd2hpdHRv
bkBzcHdoaXR0b24ubmFtZQAKCRBpW3rkvwZiQB/yD/961CvYHYtrze6RJ04O5rk0
GINu8EGEVuBZ3pOw4rgV1HTgjqJ0oMmYfrDjQnpzV9qgtVT6QJlUcUFJV5PC/vcq
EOZZGlPwtzoYkTWW+bUxrFz9upwtpivH2zCcNK21I1W41/9f9ue0ghra8403SEp1
QUODCwFsxUhuQ/qMM4585VcE1snTvvWoM+op874NIo+2HHG0Z+wIV4P8gAvD/3M6
9PS7oSDZ1/Xv/yeRfTWnBgsWhFpw1eGhtYG8mKgRK0vTfA2MCkBNHJFr4EPiH2Mu
D+nV5OmRVUZAE8uzTA1puE4CgumDUYzt4Uww8jrDpiqjUhDqga45f/dC7CeQiGmY
wN5m2WFNrWXYWHY8brjudyFzIVw4EiQ9NguLVTUWhUw9mrbornHthpihSPTS6uD+
owQ3+wX56NnbyyP7NPRKJXx5qiZGqrmXgGDhyeLkm58d8+MDgYaS6f0cfXn75t2w
RBEK9cIJiEKHIogaZutgtMwFmTGaCcPg2ORVh8KyfMbH+otE1gTtdzG/PWS0/8sN
vHLSq3PqUNrmm5MYgHWL1maVUz2lAX2RWADotLpDbsnWwF7a3B2zC02pWB2for0F
03LvUUB20TLHmaKjWDOMy+xDSDQIS8J9Ht4LexcCMotX0vP48jUePyeiqoRW63+G
T1cqxDfGG4yF0naZDbVgdw==
=VOl9
-----END PGP SIGNATURE-----

News for package libsoup2.4