File mingw32-libsoup.changes of Package mingw32-libsoup
------------------------------------------------------------------- Fri Jul 18 10:07:36 UTC 2025 - Ralf Habacker <ralf.habacker@freenet.de> - Use python3 on all distributions ------------------------------------------------------------------- Fri Jul 4 20:57:23 UTC 2025 - Peter Ross <pross@xvid.org> - Update to version 2.74.3 - Apply upstream CVE patches from SuSE libsoup2 - disable tls_interaction-test https://gitlab.gnome.org/GNOME/libsoup/issues/120 - libsoup2-extend-test-cert.patch boo#1102840 -- Fix tests after 2027 - 4d12c3e5.patch -- lib: Add g_task_set_source_tag() everywhere - 48b3b611.patch -- lib: Add names to various GSources - ced3c5d8.patch -- Fix build with libxml2-2.12.0 and clang-17 - 04df03bc.patch boo#1233285 mgorse@suse.com -- strictly don't allow NUL bytes in headers. - libsoup-CVE-2024-52532.patch boo#1233287 mgorse@suse.com -- process the frame as soon as we read data. - 29b96fab.patch boo#1233287 mgorse@suse.com -- websocket-test: disconnect error copy after the test ends. - a35222dd.patch boo#1233292 mgorse@suse.com -- be more robust against invalid input when parsing params. - 4c9e75c6.patch boo#1233287 mgorse@suse.com -- fix an intermittent test failure. - ef6c4bf6.patch boo#1240750 mgorse@suse.com -- fix a potential overflow. - 96c22b67.patch boo#1240750 mgorse@suse.com -- add better coverage of skip_insignificant_space. - 19124679.patch boo#1240752 mgorse@suse.com -- Fix using int instead of size_t for strcspn return. - a5b86bfc.patch boo#1240756 mgorse@suse.com -- fix heap buffer overflow in soup_content_sniffer_sniff. - 5739a090.patch boo#1240757 mgorse@suse.com -- fix heap buffer overflow in soup_content_sniffer.c:sniff_feed_or_html - c9083869.patch boo#1241686 mgorse@suse.com -- fix leak in soup_header_parse_quality_list. - libsoup-CVE-2025-32914.patch boo#1241164 mgorse@suse.com -- fix read out of buffer bounds under soup_multipart_new_from_message. - libsoup-CVE-2025-32907.patch boo#1241222 mgorse@suse.com -- correct merge of ranges. - libsoup-CVE-2025-46421.patch boo#1241688 mgorse@suse.com -- strip authentication credentials on cross-origin redirect. - libsoup-CVE-2025-32913.patch boo#1241162 mgorse@suse.com -- fix NULL deref in soup_message_headers_get_content_disposition. - libsoup-CVE-2025-32910.patch boo#1241252 mgorse@suse.com -- fix NULL deref with missing realm in authenticate header. - libsoup-CVE-2025-32912.patch boo#1241214 mgorse@suse.com -- fix NULL pointer deref in SoupAuthDigest. - libsoup-CVE-2025-32906.patch boo#1241263 mgorse@suse.com -- fix an out-of-bounds read parsing headers. - libsoup-CVE-2025-32909.patch boo#1241226 mgorse@suse.com -- handle sniffing resource shorter than 4 bytes. - libsoup-CVE-2025-4948.patch boo#1243332 mgorse@suse.com -- verify boundary limits for multipart body. - libsoup-CVE-2025-4969.patch boo#1243423 mgorse@suse.com -- soup-multipart: Verify array bounds before accessing its members. - libsoup-CVE-2025-4945.patch boo#1243314 mgorse@suse.com -- add value checks for date/time parsing. ------------------------------------------------------------------- Wed Apr 4 18:34:33 UTC 2018 - mardnh@gmx.de - Fix build for Leap 15.0 and Tumbleweed.
