-
libsoup2.4 (2.60.1-1ubuntu0.1) artful-security; urgency=medium
* SECURITY UPDATE: Fail to handle empty hostnames
- debian/patches/CVE-2018-12910.patch: fix in libsoup/soup-cookie-jar.c.
- CVE-2018-12910
-- <email address hidden> (Leonidas S. Barbosa) Mon, 02 Jul 2018 12:39:13 -0300
-
libsoup2.4 (2.60.1-1) unstable; urgency=medium
* New upstream release (LP: #1717216)
* Bump Standards-Version to 4.1.1
-- Jeremy Bicha <email address hidden> Wed, 11 Oct 2017 10:12:43 -0400
-
libsoup2.4 (2.56.1-1) unstable; urgency=high
* New upstream release.
+ CVE-2017-2885: Fixed a chunked decoding buffer overrun that
could be exploited against either clients or servers.
Closes: #871650.
-- Emilio Pozuelo Monfort <email address hidden> Thu, 10 Aug 2017 18:29:43 +0200
-
libsoup2.4 (2.56.0-2ubuntu1) artful; urgency=medium
* SECURITY UPDATE: chunked encoding stack buffer overflow
- debian/patches/CVE-2017-2885.patch: better boundary checking in
soup-filter-input-stream.c
- CVE-2017-2885
-- Steve Beattie <email address hidden> Thu, 10 Aug 2017 10:10:12 -0700
-
libsoup2.4 (2.56.0-2) unstable; urgency=medium
* Team upload
* Add patches from upstream 2.57.1 to make freeing a SoupSession
thread-safe, fixing one of several root causes of ostree test
failures (see #827473 and
https://github.com/ostreedev/ostree/issues/601).
-- Simon McVittie <email address hidden> Wed, 21 Dec 2016 17:10:16 +0000