Your message dated Mon, 5 May 2025 11:06:35 +0200
with message-id <[email protected]>
and subject line Re: Bug#1104717: libsoup2.4 2.74.3-1+deb12u1: CVE-2025-32911
has caused the Debian Bug report #1104717,
regarding libsoup2.4 2.74.3-1+deb12u1: CVE-2025-32911
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1104717: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1104717
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libsoup2.4
Version: 2.74.3-1+deb12u1
Severity: important
Tags: bookworm security
CVE-ID: CVE-2025-32911
Hi,
I am reaching out to inquire about the availability of a fix for
CVE-2025-32911<https://security-tracker.debian.org/tracker/CVE-2025-32911>, as
it is a critical vulnerability. We are currently in the process of maintaining
and securing our Bookworm-based product, and this CVE presents a significant
concern for us. We understand that it has already been fixed in Bullseye and
Sid.
Could you kindly provide an estimated timeline for when a fix will be available
for Bookworm or any additional details regarding the resolution of this issue?
Given the nature of the vulnerability, timely remediation is crucial to
maintaining the security and stability of our system.
We would appreciate your prompt response and guidance on how we can mitigate or
address the issue in the meantime.
Thank you for your attention to this matter.
We greatly appreciate your ongoing efforts to support the security of
Debian-based systems.
Regards,
Syeda Shagufta Naaz
--- End Message ---
--- Begin Message ---
On Mon, May 05, 2025 at 07:27:03AM +0000, Naaz, Syeda Shagufta wrote:
> Source: libsoup2.4
> Version: 2.74.3-1+deb12u1
> Severity: important
> Tags: bookworm security
> CVE-ID: CVE-2025-32911
> I am reaching out to inquire about the availability of a fix for
> CVE-2025-32911<https://security-tracker.debian.org/tracker/CVE-2025-32911>,
> as it is a critical vulnerability. We are currently in the process of
> maintaining and securing our Bookworm-based product, and this CVE presents a
> significant concern for us. We understand that it has already been fixed in
> Bullseye and Sid.
This is already tracked as #1103515, and on security-tracker as
https://security-tracker.debian.org/tracker/CVE-2025-32911
Closing.
--- End Message ---
