Compare commits
3 Commits
| Author | SHA256 | Date | |
|---|---|---|---|
|
f716188edf | ||
| f17a577dc6 | |||
|
|
35bd1524df |
30
libsoup-CVE-2025-12105.patch
Normal file
30
libsoup-CVE-2025-12105.patch
Normal file
@@ -0,0 +1,30 @@
|
||||
From 9ba1243a24e442fa5ec44684617a4480027da960 Mon Sep 17 00:00:00 2001
|
||||
From: Eugene Mutavchi <Ievgen_Mutavchi@comcast.com>
|
||||
Date: Fri, 10 Oct 2025 16:24:27 +0000
|
||||
Subject: [PATCH] fix 'heap-use-after-free' caused by 'finishing' queue item
|
||||
twice
|
||||
|
||||
---
|
||||
libsoup/soup-session.c | 6 ++++--
|
||||
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c
|
||||
index c5694d2c..4e6b478b 100644
|
||||
--- a/libsoup/soup-session.c
|
||||
+++ b/libsoup/soup-session.c
|
||||
@@ -2894,8 +2894,10 @@ run_until_read_done (SoupMessage *msg,
|
||||
if (soup_message_io_in_progress (msg))
|
||||
soup_message_io_finished (msg);
|
||||
item->paused = FALSE;
|
||||
- item->state = SOUP_MESSAGE_FINISHING;
|
||||
- soup_session_process_queue_item (item->session, item, FALSE);
|
||||
+ if (item->state != SOUP_MESSAGE_FINISHED) {
|
||||
+ item->state = SOUP_MESSAGE_FINISHING;
|
||||
+ soup_session_process_queue_item (item->session, item, FALSE);
|
||||
+ }
|
||||
}
|
||||
async_send_request_return_result (item, NULL, error);
|
||||
soup_message_queue_item_unref (item);
|
||||
--
|
||||
2.51.1
|
||||
|
||||
@@ -1,5 +1,5 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 14 03:23:23 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
Wed Jan 14 03:20:07 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
|
||||
- Add libsoup-CVE-2026-0716.patch: Fix out-of-bounds read for
|
||||
websocket (bsc#1256418, CVE-2026-0716, glgo#GNOME/libsoup!494).
|
||||
@@ -7,14 +7,23 @@ Wed Jan 14 03:23:23 UTC 2026 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
(bsc#1256399, CVE-2026-0719, glgo#GNOME/libsoup!493).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 16 03:31:36 UTC 2025 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
Tue Nov 18 19:58:09 UTC 2025 - Michael Gorse <mgorse@suse.com>
|
||||
|
||||
- Add libsoup-CVE-2025-12105.patch: fix use after free caused by
|
||||
'finishing' queue item twice (bsc#1252555 CVE-2025-12105
|
||||
glgo#GNOME/libsoup!481).
|
||||
- Add i586 to the list of architectures where we re-run tests;
|
||||
hsts-db-test is timing out there as well.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 16 03:25:37 UTC 2025 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
|
||||
- Update libsoup-CVE-2025-11021.patch: Add NULL check for
|
||||
soup_date_time_to_string() (bsc#1250562, CVE-2025-11021,
|
||||
glgo#GNOME/libsoup!483).
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Oct 11 08:43:16 UTC 2025 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
Sat Oct 11 08:15:04 UTC 2025 - Alynx Zhou <alynx.zhou@suse.com>
|
||||
|
||||
- Add libsoup-CVE-2025-11021.patch: Ignore invalid date when
|
||||
processing cookies to prevent out-of-bounds read (bsc#1250562,
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package libsoup
|
||||
#
|
||||
# Copyright (c) 2025 SUSE LLC
|
||||
# Copyright (c) 2025 SUSE LLC and contributors
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@@ -42,11 +42,14 @@ Patch5: libsoup-CVE-2025-4969.patch
|
||||
Patch6: libsoup-CVE-2025-4945.patch
|
||||
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-11021.patch bsc#1250562, CVE-2025-11021, glgo#GNOME/libsoup!482 alynx.zhou@suse.com -- Ignore invalid date when processing cookie
|
||||
Patch7: libsoup-CVE-2025-11021.patch
|
||||
# PATCH-FIX-UPSTREAM libsoup-CVE-2025-12105.patch bsc#1252555 mgorse@suse.com -- fix use after free caused by 'finishing' queued item twice.
|
||||
Patch8: libsoup-CVE-2025-12105.patch
|
||||
# PATCH-FIX-UPSTREAM libsoup-CVE-2026-0719.patch bsc#1256399, CVE-2026-0719, glgo#GNOME/libsoup!493 alynx.zhou@suse.com -- Fix overflow for password md4sum
|
||||
Patch9: libsoup-CVE-2026-0719.patch
|
||||
# PATCH-FIX-UPSTREAM libsoup-CVE-2026-0716.patch bsc#1256418, CVE-2026-0716, glgo#GNOME/libsoup!494 alynx.zhou@suse.com -- Fix out-of-bounds read for websocket
|
||||
Patch10: libsoup-CVE-2026-0716.patch
|
||||
|
||||
|
||||
BuildRequires: glib-networking
|
||||
BuildRequires: meson >= 0.53
|
||||
BuildRequires: pkgconfig
|
||||
@@ -159,7 +162,7 @@ mv %{buildroot}%{_datadir}/doc/%{name}-%{api_version} %{buildroot}%{_docdir}
|
||||
%check
|
||||
# Run the regression tests using GnuTLS NORMAL priority
|
||||
export G_TLS_GNUTLS_PRIORITY=NORMAL
|
||||
%ifarch s390x ppc64le
|
||||
%ifarch s390x ppc64le i586
|
||||
%meson_test -t 5 || (%meson_test -t 5)
|
||||
%else
|
||||
%meson_test
|
||||
|
||||
Reference in New Issue
Block a user