Register | Log in

gsoap

Stub generators for gSOAP

Choose email to subscribe with

general

source: gsoap (main)
version: 2.8.139-1
maintainer: Mattias Ellert (DMD)
arch: all any
std-ver: 4.7.3
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 2.8.104-3
oldstable: 2.8.124-2
stable: 2.8.135-2
testing: 2.8.139-1
unstable: 2.8.139-1

versioned links

2.8.104-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.124-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.135-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
2.8.139-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

gsoap
gsoap-doc
libgsoap-2.8.139
libgsoap-dev

action needed

2 security issues in bookworm high

There are 2 open security issues in bookworm.

1 important issue:

CVE-2019-25355: gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.

1 issue left for the package maintainer to handle:

CVE-2024-4227: (needs triaging) In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS.

You can find information about how to handle this issue in the security team's documentation.

Created: 2025-08-01 Last update: 2026-02-22 00:16

1 security issue in trixie high

There is 1 open security issue in trixie.

1 important issue:

CVE-2019-25355: gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.

Created: 2026-02-22 Last update: 2026-02-22 00:16

1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:

CVE-2019-25355: gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.

Created: 2026-02-22 Last update: 2026-02-22 00:16

1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:

CVE-2019-25355: gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.

Created: 2026-02-22 Last update: 2026-02-22 00:16

2 security issues in bullseye high

There are 2 open security issues in bullseye.

1 important issue:

CVE-2019-25355: gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.

1 issue postponed or untriaged:

CVE-2024-4227: (postponed; to be fixed through a stable update) In Genivia gSOAP with a specific configuration an unauthenticated remote attacker can generate a high CPU load when forcing to parse an XML having duplicate ID attributes which can lead to a DoS.

Created: 2026-02-22 Last update: 2026-02-22 00:16

lintian reports 3 warnings normal

Lintian reports 3 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2026-02-06 Last update: 2026-02-06 22:01

debian/patches: 6 patches to forward upstream low

Among the 6 debian patches available in version 2.8.139-1 of the package, we noticed the following issues:

6 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.

Created: 2023-02-26 Last update: 2026-02-06 19:02

news

[2026-02-11] gsoap 2.8.139-1 MIGRATED to testing (Debian testing watch)
[2026-02-06] Accepted gsoap 2.8.139-1 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Mattias Ellert)
[2024-11-06] gsoap 2.8.135-2 MIGRATED to testing (Debian testing watch)
[2024-11-01] Accepted gsoap 2.8.135-2 (source) into unstable (Mattias Ellert)
[2024-11-01] Accepted gsoap 2.8.135-1 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Mattias Ellert)
[2024-08-12] gsoap 2.8.132-3 MIGRATED to testing (Debian testing watch)
[2024-08-07] Accepted gsoap 2.8.132-3 (source) into unstable (Mattias Ellert)
[2024-05-03] gsoap 2.8.132-2.1 MIGRATED to testing (Debian testing watch)
[2024-02-29] Accepted gsoap 2.8.75-1+deb10u1 (source) into oldoldstable (Adrian Bunk)
[2024-02-29] Accepted gsoap 2.8.132-2.1 (source) into unstable (Steve Langasek)
[2024-02-16] Accepted gsoap 2.8.132-2.1~exp1 (source) into experimental (Steve Langasek)
[2024-02-05] gsoap 2.8.132-2 MIGRATED to testing (Debian testing watch)
[2024-01-25] Accepted gsoap 2.8.132-2 (source) into unstable (Mattias Ellert)
[2024-01-24] Accepted gsoap 2.8.132-1 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Mattias Ellert)
[2022-12-28] gsoap 2.8.124-2 MIGRATED to testing (Debian testing watch)
[2022-12-22] Accepted gsoap 2.8.124-2 (source) into unstable (Mattias Ellert)
[2022-12-22] Accepted gsoap 2.8.124-1 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Mattias Ellert)
[2021-08-29] gsoap 2.8.117-2 MIGRATED to testing (Debian testing watch)
[2021-08-23] Accepted gsoap 2.8.117-2 (source) into unstable (Mattias Ellert)
[2021-08-23] Accepted gsoap 2.8.117-1 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Mattias Ellert)
[2021-03-14] gsoap 2.8.104-3 MIGRATED to testing (Debian testing watch)
[2021-03-08] Accepted gsoap 2.8.104-3 (source) into unstable (Mattias Ellert)
[2020-07-31] gsoap 2.8.104-2 MIGRATED to testing (Debian testing watch)
[2020-07-25] Accepted gsoap 2.8.104-2 (source) into unstable (Mattias Ellert)
[2020-07-23] Accepted gsoap 2.8.104-1 (source amd64 all) into unstable, unstable (Debian FTP Masters) (signed by: Mattias Ellert)
[2020-04-30] gsoap 2.8.91-3 MIGRATED to testing (Debian testing watch)
[2020-04-24] Accepted gsoap 2.8.91-3 (source) into unstable (Mattias Ellert)
[2019-12-08] gsoap 2.8.91-2 MIGRATED to testing (Debian testing watch)
[2019-12-03] Accepted gsoap 2.8.91-2 (source) into unstable (Mattias Ellert)
[2019-11-24] Accepted gsoap 2.8.91-1 (source amd64 all) into unstable, unstable (Mattias Ellert)

1
2

bugs [bug history graph]

all: 0

links

homepage
lintian (0, 3)
buildd: logs, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
debian patches

ubuntu

[Information about Ubuntu for Debian Developers]

version: 2.8.139-1
2 bugs

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing