Overview

File _patchinfo of Package patchinfo.38914

<patchinfo incident="38914">
  <issue tracker="cve" id="2025-4948"/>
  <issue tracker="cve" id="2025-4969"/>
  <issue tracker="cve" id="2025-4476"/>
  <issue tracker="bnc" id="1243332">VUL-0: CVE-2025-4948: libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup</issue>
  <issue tracker="bnc" id="1243422">VUL-0: CVE-2025-4476: libsoup,libsoup2: libsoup: null pointer dereference may lead to denial of service</issue>
  <issue tracker="bnc" id="1243423">VUL-0: CVE-2025-4969: libsoup,libsoup2: libsoup: off-by-one out-of-bounds read may lead to infoleak</issue>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libsoup</summary>
  <description>This update for libsoup fixes the following issues:

- CVE-2025-4969: Fixed off-by-one out-of-bounds read may lead to infoleak (bsc#1243423) 
- CVE-2025-4948: Fixed integer underflow in soup_multipart_new_from_message() leading to denial of service (bsc#1243332) 
- CVE-2025-4476: Fixed NULL pointer dereference may lead to denial of service (bsc#1243422) 
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places