From 73a12bf7d6fa26ed5492f0539d31c50fc7241cb50acdef1a45f5f6e939d3598a Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dimstar@opensuse.org>
Date: Mon, 14 Aug 2017 14:29:49 +0000
Subject: [PATCH] Accepting request 516810 from GNOME:Next

New stable rel, CVE-2017-2885

OBS-URL: https://build.opensuse.org/request/show/516810
OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/libsoup?expand=0&rev=188
---
 libsoup-2.58.1.tar.xz | 3 ---
 libsoup-2.58.2.tar.xz | 3 +++
 libsoup.changes       | 7 +++++++
 libsoup.spec          | 4 ++--
 4 files changed, 12 insertions(+), 5 deletions(-)
 delete mode 100644 libsoup-2.58.1.tar.xz
 create mode 100644 libsoup-2.58.2.tar.xz

diff --git a/libsoup-2.58.1.tar.xz b/libsoup-2.58.1.tar.xz
deleted file mode 100644
index 86b31a1..0000000
--- a/libsoup-2.58.1.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:62c669f557de745b7b20ba9d5b74d839c95e4c9cea1a5ab7f3da5531a1aeefb9
-size 1820096
diff --git a/libsoup-2.58.2.tar.xz b/libsoup-2.58.2.tar.xz
new file mode 100644
index 0000000..3f694b5
--- /dev/null
+++ b/libsoup-2.58.2.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:442300ca1b1bf8a3bbf2f788203287ff862542d4fc048f19a92a068a27d17b72
+size 1815256
diff --git a/libsoup.changes b/libsoup.changes
index f0bb909..6330688 100644
--- a/libsoup.changes
+++ b/libsoup.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Mon Aug 14 12:22:57 UTC 2017 - zaitor@opensuse.org
+
+- Update to version 2.58.2 (CVE-2017-2885):
+  + Fixed a chunked decoding buffer overrun that could be exploited
+    against either clients or servers (bgo#785774, CVE-2017-2885).
+
 -------------------------------------------------------------------
 Sat May 20 09:09:11 UTC 2017 - dimstar@opensuse.org
 
diff --git a/libsoup.spec b/libsoup.spec
index da7c7b7..de4d7a5 100644
--- a/libsoup.spec
+++ b/libsoup.spec
@@ -20,10 +20,10 @@ Name:           libsoup
 Summary:        HTTP client/server library for GNOME
 License:        LGPL-2.1+
 Group:          Development/Libraries/GNOME
-Version:        2.58.1
+Version:        2.58.2
 Release:        0
 Url:            http://www.gnome.org
-Source:         http://download.gnome.org/sources/libsoup/2.58/%{name}-%{version}.tar.xz
+Source:         https://download.gnome.org/sources/libsoup/2.58/%{name}-%{version}.tar.xz
 Source99:       baselibs.conf
 BuildRequires:  glib-networking
 BuildRequires:  glib2-devel >= 2.38.0