File _patchinfo of Package patchinfo.38576
<patchinfo incident="38576">
  <issue tracker="bnc" id="1240750">VUL-0: CVE-2025-2784: libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content</issue>
  <issue tracker="bnc" id="1240752">VUL-0: CVE-2025-32050: libsoup: Integer overflow in append_param_quoted</issue>
  <issue tracker="bnc" id="1240754">VUL-0: CVE-2025-32051: libsoup: Segmentation fault when parsing malformed data URI</issue>
  <issue tracker="bnc" id="1240756">VUL-0: CVE-2025-32052: libsoup: Heap buffer overflow in sniff_unknown()</issue>
  <issue tracker="bnc" id="1240757">VUL-0: CVE-2025-32053: libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()</issue>
  <issue tracker="bnc" id="1241162">VUL-0: CVE-2025-32913: libsoup,libsoup2: NULL pointer dereference in soup_message_headers_get_content_disposition</issue>
  <issue tracker="bnc" id="1241164">VUL-0: CVE-2025-32914: libsoup,libsoup2: out of bounds read in `soup_multipart_new_from_message()`.</issue>
  <issue tracker="bnc" id="1241214">VUL-0: CVE-2025-32912: libsoup,libsoup2: NULL pointer dereference in SoupAuthDigest</issue>
  <issue tracker="bnc" id="1241222">VUL-0: CVE-2025-32907: libsoup,libsoup2: excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request</issue>
  <issue tracker="bnc" id="1241223">VUL-0: CVE-2025-32908: libsoup,libsoup2: HTTP request may lead to server crash due to HTTP/2 server not fully validating the values of pseudo-headers</issue>
  <issue tracker="bnc" id="1241226">VUL-0: CVE-2025-32909: libsoup,libsoup2: NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c</issue>
  <issue tracker="bnc" id="1241238">VUL-0: CVE-2025-32911: libsoup,libsoup2: Double free on soup_message_headers_get_content_disposition() via "params".</issue>
  <issue tracker="bnc" id="1241252">VUL-0: CVE-2025-32910: libsoup,libsoup2: null pointer dereference on client when server omits the 'realm' parameter in an Unauthorized response with Digest authentication</issue>
  <issue tracker="bnc" id="1241263">VUL-0: CVE-2025-32906: libsoup,libsoup2: Out of bounds reads in soup_headers_parse_request()</issue>
  <issue tracker="bnc" id="1241686">VUL-0: CVE-2025-46420: libsoup,libsoup2: libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c</issue>
  <issue tracker="bnc" id="1241688">VUL-0: CVE-2025-46421: libsoup,libsoup2: libsoup: HTTP Authorization Header leak via an HTTP redirect</issue>
  <issue tracker="cve" id="2025-2784"/>
  <issue tracker="cve" id="2025-32050"/>
  <issue tracker="cve" id="2025-32051"/>
  <issue tracker="cve" id="2025-32052"/>
  <issue tracker="cve" id="2025-32053"/>
  <issue tracker="cve" id="2025-32906"/>
  <issue tracker="cve" id="2025-32907"/>
  <issue tracker="cve" id="2025-32908"/>
  <issue tracker="cve" id="2025-32909"/>
  <issue tracker="cve" id="2025-32910"/>
  <issue tracker="cve" id="2025-32911"/>
  <issue tracker="cve" id="2025-32912"/>
  <issue tracker="cve" id="2025-32913"/>
  <issue tracker="cve" id="2025-32914"/>
  <issue tracker="cve" id="2025-46420"/>
  <issue tracker="cve" id="2025-46421"/>
  <packager>mgorse</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libsoup</summary>
  <description>This update for libsoup fixes the following issues:

- CVE-2025-2784: Fixed heap buffer over-read in `skip_insignificant_space` when sniffing content (bsc#1240750)
- CVE-2025-32050: Fixed integer overflow in append_param_quoted (bsc#1240752)
- CVE-2025-32051: Fixed segmentation fault when parsing malformed data URI (bsc#1240754)
- CVE-2025-32052: Fixed heap buffer overflow in sniff_unknown() (bsc#1240756)
- CVE-2025-32053: Fixed heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() (bsc#1240757)
- CVE-2025-32906: Fixed out of bounds reads in soup_headers_parse_request() (bsc#1241263)
- CVE-2025-32907: Fixed excessive memory consumption in server when client requests a large amount of overlapping ranges in a single HTTP request (bsc#1241222)
- CVE-2025-32908: Fixed HTTP request may lead to server crash due to HTTP/2 server not fully validating the values of pseudo-headers (bsc#1241223)
- CVE-2025-32909: Fixed NULL pointer dereference in the sniff_mp4 function in soup-content-sniffer.c (bsc#1241226)
- CVE-2025-32910: Fixed NULL pointer dereference on client when server omits the realm parameter in an Unauthorized response with Digest authentication (bsc#1241252)
- CVE-2025-32911: Fixed double free on soup_message_headers_get_content_disposition() via "params" (bsc#1241238)
- CVE-2025-32912: Fixed NULL pointer dereference in SoupAuthDigest (bsc#1241214)
- CVE-2025-32913: Fixed NULL pointer dereference in soup_message_headers_get_content_disposition (bsc#1241162)
- CVE-2025-32914: Fixed out of bounds read in `soup_multipart_new_from_message()` (bsc#1241164)
- CVE-2025-46420: Fixed memory leak on soup_header_parse_quality_list() via soup-headers.c (bsc#1241686)
- CVE-2025-46421: Fixed HTTP Authorization Header leak via an HTTP redirect (bsc#1241688)
</description>
</patchinfo>