mgorse/libsoup2
SHA256
1
0
Fork 0
forked from pool/libsoup2
Code Pull Requests Activity

Compare commits

base: mgorse:slfo-main
Branches Tags
mgorse:factory mgorse:slfo-1.2 mgorse:slfo-main pool:factory pool:slfo-main pool:slfo-1.2
..
compare: mgorse:slfo-1.2
Branches Tags
mgorse:slfo-1.2 mgorse:slfo-main mgorse:factory pool:factory pool:slfo-main pool:slfo-1.2

1 Commits
slfo-main ... slfo-1.2

Author SHA256 Message Date
Mike Gorse
0013e04354 CVE fixes 2026-02-08 16:46:18 -06:00
3 changed files with 14 additions and 9 deletions
Expand all files Collapse all files

6
ef6c4bf6.patch
View File

@@ -11,7 +11,7 @@ CVE-2025-2784
3 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/libsoup/soup-content-sniffer.c b/libsoup/soup-content-sniffer.c
index 967ec614..4c8134a7 100644
index 967ec6141..4c8134a7f 100644
--- a/libsoup/soup-content-sniffer.c
+++ b/libsoup/soup-content-sniffer.c
@@ -642,7 +642,7 @@ sniff_feed_or_html (SoupContentSniffer *sniffer, SoupBuffer *buffer)
@@ -24,7 +24,7 @@ index 967ec614..4c8134a7 100644
if (skip_insignificant_space (resource, &pos, resource_length))
diff --git a/tests/sniffing-test.c b/tests/sniffing-test.c
index d2aa86b9..0a4569a4 100644
index d2aa86b9d..0a4569a43 100644
--- a/tests/sniffing-test.c
+++ b/tests/sniffing-test.c
@@ -605,6 +605,11 @@ main (int argc, char **argv)
@@ -40,7 +40,7 @@ index d2aa86b9..0a4569a4 100644
g_test_add_data_func ("/sniffing/disabled",
"/text_or_binary/home.gif",
diff --git a/tests/soup-tests.gresource.xml b/tests/soup-tests.gresource.xml
index 9c08d170..cbef1d40 100644
index 9c08d170e..cbef1d402 100644
--- a/tests/soup-tests.gresource.xml
+++ b/tests/soup-tests.gresource.xml
@@ -25,5 +25,6 @@

15
libsoup2.changes
View File

@@ -1,5 +1,5 @@
-------------------------------------------------------------------
Fri Feb 6 18:52:17 UTC 2026 - Michael Gorse <mgorse@suse.com>
Fri Feb 6 19:18:44 UTC 2026 - Michael Gorse <mgorse@suse.com>
- Add libsoup2-CVE-2026-0716.patch: Fix out-of-bounds read for
websocket (bsc#1256418, CVE-2026-0716, glgo#GNOME/libsoup!494).
@@ -10,19 +10,24 @@ Tue Feb 3 01:52:48 UTC 2026 - Jonathan Kang <songchuan.kang@suse.com>
- Add libsoup2-CVE-2026-1761.patch: multipart: check length of bytes
read soup_filter_input_stream_read_until()
(bsc#1257598, CVE-2026-1761, glgo#GNOME/libsoup!496).
- Refresh ef6c4bf6.patch from upstream git.
-------------------------------------------------------------------
Fri Jan 9 02:52:21 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
Tue Jan 13 03:15:10 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
- Add libsoup2-CVE-2026-0719.patch: Fix overflow for password
md4sum (bsc#1256399, CVE-2026-0719, glgo#GNOME/libsoup!493).
-------------------------------------------------------------------
Thu Jan 8 05:11:30 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
Thu Jan 8 06:07:38 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
- Refresh libsoup2-CVE-2025-14523.patch: Follow the update of
upstream (bsc#1254876, CVE-2025-14523, glgo#GNOME/libsoup!491).
-------------------------------------------------------------------
Tue Jan 6 08:25:34 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
- Add libsoup2-CVE-2025-14523.patch: Reject duplicated Host in
headers (bsc#1254876, CVE-2025-14523, glgo#GNOME/libsoup!491).
headers (bsc#1254876, CVE-2025-14523, glgo#GNOME/libsoup!489).
-------------------------------------------------------------------
Wed Jun 18 16:47:42 UTC 2025 - Michael Gorse <mgorse@suse.com>

2
libsoup2.spec
View File

@@ -1,7 +1,7 @@
#
# spec file for package libsoup2
#
# Copyright (c) 2026 SUSE LLC and contributors
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed