Your message dated Sat, 03 May 2025 09:36:51 +0000
with message-id <[email protected]>
and subject line Bug#1103517: fixed in libsoup2.4 2.74.3-10.1
has caused the Debian Bug report #1103517,
regarding libsoup2.4: CVE-2025-32909
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
1103517: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103517
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libsoup2.4
Version: 2.74.3-10
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libsoup/-/issues/431
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>

Hi,

The following vulnerability was published for libsoup2.4.

CVE-2025-32909[0]:
| A flaw was found in libsoup. SoupContentSniffer may be vulnerable to
| a NULL pointer dereference in the sniff_mp4 function. The HTTP
| server may cause the libsoup client to crash.

Code was refactored later, but the same issue in
libsoup/soup-content-sniffer.c should be present as well in 2.4
series.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2025-32909
    https://www.cve.org/CVERecord?id=CVE-2025-32909
[1] https://gitlab.gnome.org/GNOME/libsoup/-/issues/431
[2] https://gitlab.gnome.org/GNOME/libsoup/-/commit/ba4c3a6f988beff59e45801ab36067293d24ce92

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore

--- End Message ---
--- Begin Message ---
Source: libsoup2.4
Source-Version: 2.74.3-10.1
Done: Sean Whitton <[email protected]>

We believe that the bug you reported is fixed in the latest version of
libsoup2.4, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sean Whitton <[email protected]> (supplier of updated libsoup2.4 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])

Format: 1.8
Date: Sat, 03 May 2025 17:11:55 +0800
Source: libsoup2.4
Architecture: source
Version: 2.74.3-10.1
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers <[email protected]>
Changed-By: Sean Whitton <[email protected]>
Closes: 1103512 1103515 1103516 1103517 1103521 1104055
Changes:
 libsoup2.4 (2.74.3-10.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2025-32906:
     soup_headers_parse_request() function may be vulnerable to an
     out-of-bound read. This flaw allows a malicious user to use a specially
     crafted HTTP request to crash the HTTP server (Closes: #1103521).
   * CVE-2025-32909:
     SoupContentSniffer may be vulnerable to a NULL pointer dereference in
     the sniff_mp4 function. The HTTP server may cause the libsoup client to
     crash (Closes: #1103517).
   * CVE-2025-32910:
     soup_auth_digest_authenticate() is vulnerable to a NULL pointer
     dereference. This issue may cause the libsoup client to crash
     (Closes: #1103516).
   * CVE-2025-32911:
     use-after-free memory issue not on the heap in the
     soup_message_headers_get_content_disposition() function. This flaw
     allows a malicious HTTP client to cause memory corruption in the libsoup
     server (Closes: #1103515).
   * CVE-2025-32913:
     the soup_message_headers_get_content_disposition() function is
     vulnerable to a NULL pointer dereference. This flaw allows a malicious
     HTTP peer to crash a libsoup client or server that uses this function.
     (same fix for both CVE-2025-32911 and CVE-2025-32913)
   * CVE-2025-32912:
     SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP
     server may cause the libsoup client to crash.
   * CVE-2025-32914:
     the soup_multipart_new_from_message() function is vulnerable to an
     out-of-bounds read. This flaw allows a malicious HTTP client to induce the
     libsoup server to read out of bounds (Closes: #1103512).
   * CVE-2025-46420:
     the soup_header_parse_quality_list() function is vulnerable to memory
     leaks when parsing a quality list that contains elements with all zeroes
     (Closes: #1104055).

--- End Message ---