import UBI libsoup3-3.6.5-3.el10_0.6
This commit is contained in:
parent
5701397e93
commit
739d76f6ce
16
CVE-2025-32049.patch
Normal file
16
CVE-2025-32049.patch
Normal file
@ -0,0 +1,16 @@
|
||||
diff --git a/libsoup/websocket/soup-websocket-connection.c b/libsoup/websocket/soup-websocket-connection.c
|
||||
index a1448134..48b08b60 100644
|
||||
--- a/libsoup/websocket/soup-websocket-connection.c
|
||||
+++ b/libsoup/websocket/soup-websocket-connection.c
|
||||
@@ -971,6 +971,11 @@ process_contents (SoupWebsocketConnection *self,
|
||||
switch (priv->message_opcode) {
|
||||
case 0x01:
|
||||
case 0x02:
|
||||
+ /* Safety valve */
|
||||
+ if (priv->message_data->len + payload_len > priv->max_incoming_payload_size) {
|
||||
+ too_big_error_and_close (self, (priv->message_data->len + payload_len));
|
||||
+ return;
|
||||
+ }
|
||||
g_byte_array_append (priv->message_data, payload, payload_len);
|
||||
break;
|
||||
default:
|
||||
30
CVE-2025-32907.patch
Normal file
30
CVE-2025-32907.patch
Normal file
@ -0,0 +1,30 @@
|
||||
From 84e601252a9ae5eafaba9cb9cb5e4bd77ca41bdb Mon Sep 17 00:00:00 2001
|
||||
From: Milan Crha <mcrha@redhat.com>
|
||||
Date: Tue, 15 Apr 2025 12:17:39 +0200
|
||||
Subject: [PATCH] soup-message-headers: Correct merge of ranges
|
||||
|
||||
It had been skipping every second range, which generated an array
|
||||
of a lot of insane ranges, causing large memory usage by the server.
|
||||
|
||||
Closes #428
|
||||
---
|
||||
libsoup/soup-message-headers.c | 1 +
|
||||
tests/meson.build | 1 +
|
||||
tests/server-mem-limit-test.c | 144 +++++++++++++++++++++++++++++++++
|
||||
3 files changed, 146 insertions(+)
|
||||
create mode 100644 tests/server-mem-limit-test.c
|
||||
|
||||
diff --git a/libsoup/soup-message-headers.c b/libsoup/soup-message-headers.c
|
||||
index 64847e30..f612bff1 100644
|
||||
--- a/libsoup/soup-message-headers.c
|
||||
+++ b/libsoup/soup-message-headers.c
|
||||
@@ -1024,6 +1024,7 @@ soup_message_headers_get_ranges_internal (SoupMessageHeaders *hdrs,
|
||||
if (cur->start <= prev->end) {
|
||||
prev->end = MAX (prev->end, cur->end);
|
||||
g_array_remove_index (array, i);
|
||||
+ i--;
|
||||
}
|
||||
}
|
||||
}
|
||||
--
|
||||
2.49.0
|
||||
@ -81,3 +81,50 @@ index 5b6da5e4..ec7972fe 100644
|
||||
--
|
||||
GitLab
|
||||
|
||||
From 527428a033df573ef4558ce1106e080fd9ec5c71 Mon Sep 17 00:00:00 2001
|
||||
From: Milan Crha <mcrha@redhat.com>
|
||||
Date: Mon, 28 Apr 2025 10:55:42 +0200
|
||||
Subject: [PATCH] soup-server-http2: Correct check of the validity of the
|
||||
constructed connection URI
|
||||
|
||||
RFC 5740: the CONNECT has unset the "scheme" and "path", thus allow them unset.
|
||||
|
||||
The commit a792b23ab87cacbf4dd9462bf7b675fa678efbae also missed to decrement
|
||||
the `io->in_callback` in the early returns.
|
||||
|
||||
Related to #429
|
||||
---
|
||||
.../server/http2/soup-server-message-io-http2.c | 15 ++++++++++-----
|
||||
1 file changed, 10 insertions(+), 5 deletions(-)
|
||||
|
||||
diff --git a/libsoup/server/http2/soup-server-message-io-http2.c b/libsoup/server/http2/soup-server-message-io-http2.c
|
||||
index f1fe2d5c..913afb46 100644
|
||||
--- a/libsoup/server/http2/soup-server-message-io-http2.c
|
||||
+++ b/libsoup/server/http2/soup-server-message-io-http2.c
|
||||
@@ -771,13 +771,18 @@ on_frame_recv_callback (nghttp2_session *session,
|
||||
char *uri_string;
|
||||
GUri *uri;
|
||||
|
||||
- if (msg_io->scheme == NULL || msg_io->authority == NULL || msg_io->path == NULL)
|
||||
- return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
- uri_string = g_strdup_printf ("%s://%s%s", msg_io->scheme, msg_io->authority, msg_io->path);
|
||||
+ if (msg_io->authority == NULL) {
|
||||
+ io->in_callback--;
|
||||
+ return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
+ }
|
||||
+ /* RFC 5740: the CONNECT has unset the "scheme" and "path", but the GUri requires the scheme, thus let it be "(null)" */
|
||||
+ uri_string = g_strdup_printf ("%s://%s%s", msg_io->scheme, msg_io->authority, msg_io->path == NULL ? "" : msg_io->path);
|
||||
uri = g_uri_parse (uri_string, SOUP_HTTP_URI_FLAGS, NULL);
|
||||
g_free (uri_string);
|
||||
- if (uri == NULL)
|
||||
- return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
+ if (uri == NULL) {
|
||||
+ io->in_callback--;
|
||||
+ return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
+ }
|
||||
soup_server_message_set_uri (msg_io->msg, uri);
|
||||
g_uri_unref (uri);
|
||||
|
||||
--
|
||||
GitLab
|
||||
|
||||
|
||||
231
CVE-2025-4035.patch
Normal file
231
CVE-2025-4035.patch
Normal file
@ -0,0 +1,231 @@
|
||||
From 845e198402377f8644e9ae5200f1715df1ddfc08 Mon Sep 17 00:00:00 2001
|
||||
From: Patrick Griffis <pgriffis@igalia.com>
|
||||
Date: Thu, 27 Mar 2025 14:43:26 -0500
|
||||
Subject: [PATCH 1/3] cookie: Always normalize domain value
|
||||
|
||||
In order for libpsl to give accurate results the domain must be lowercased.
|
||||
|
||||
To make it easiest we normalize it at construction time of the cookie.
|
||||
---
|
||||
libsoup/cookies/soup-cookie-jar.c | 11 ++++++++---
|
||||
libsoup/cookies/soup-cookie.c | 22 +++++++++++++++++++---
|
||||
libsoup/soup-tld.c | 11 ++++++++++-
|
||||
libsoup/soup-uri-utils-private.h | 2 ++
|
||||
libsoup/soup-uri-utils.c | 18 ++++++++++++++++++
|
||||
tests/cookies-test.c | 19 +++++++++++++++++++
|
||||
6 files changed, 76 insertions(+), 7 deletions(-)
|
||||
|
||||
diff --git a/libsoup/cookies/soup-cookie-jar.c b/libsoup/cookies/soup-cookie-jar.c
|
||||
index fac53a5f9..7f92ace1f 100644
|
||||
--- a/libsoup/cookies/soup-cookie-jar.c
|
||||
+++ b/libsoup/cookies/soup-cookie-jar.c
|
||||
@@ -519,6 +519,7 @@ incoming_cookie_is_third_party (SoupCookieJar *jar,
|
||||
{
|
||||
SoupCookieJarPrivate *priv;
|
||||
const char *normalized_cookie_domain;
|
||||
+ char *normalized_first_party_host;
|
||||
const char *cookie_base_domain;
|
||||
const char *first_party_base_domain;
|
||||
const char *first_party_host;
|
||||
@@ -540,12 +541,16 @@ incoming_cookie_is_third_party (SoupCookieJar *jar,
|
||||
if (cookie_base_domain == NULL)
|
||||
cookie_base_domain = soup_cookie_get_domain (cookie);
|
||||
|
||||
- first_party_base_domain = soup_tld_get_base_domain (first_party_host, NULL);
|
||||
+ normalized_first_party_host = soup_uri_normalize_domain (first_party_host);
|
||||
+ first_party_base_domain = soup_tld_get_base_domain (normalized_first_party_host, NULL);
|
||||
if (first_party_base_domain == NULL)
|
||||
- first_party_base_domain = first_party_host;
|
||||
+ first_party_base_domain = normalized_first_party_host;
|
||||
|
||||
- if (soup_host_matches_host (cookie_base_domain, first_party_base_domain))
|
||||
+ if (soup_host_matches_host (cookie_base_domain, first_party_base_domain)) {
|
||||
+ g_free (normalized_first_party_host);
|
||||
return FALSE;
|
||||
+ }
|
||||
+ g_free (normalized_first_party_host);
|
||||
|
||||
if (policy == SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY)
|
||||
return TRUE;
|
||||
diff --git a/libsoup/cookies/soup-cookie.c b/libsoup/cookies/soup-cookie.c
|
||||
index cc80d001f..b6d771646 100644
|
||||
--- a/libsoup/cookies/soup-cookie.c
|
||||
+++ b/libsoup/cookies/soup-cookie.c
|
||||
@@ -168,6 +168,16 @@ parse_date (const char **val_p)
|
||||
return date;
|
||||
}
|
||||
|
||||
+static gboolean
|
||||
+is_lowercase_ascii_string (const char *str)
|
||||
+{
|
||||
+ for (; *str; str++) {
|
||||
+ if (!g_ascii_islower (*str))
|
||||
+ return FALSE;
|
||||
+ }
|
||||
+ return TRUE;
|
||||
+}
|
||||
+
|
||||
#define MAX_AGE_CAP_IN_SECONDS 31536000 // 1 year
|
||||
#define MAX_ATTRIBUTE_SIZE 1024
|
||||
|
||||
@@ -311,6 +321,12 @@ parse_one_cookie (const char *header, GUri *origin)
|
||||
g_free (cookie->domain);
|
||||
cookie->domain = tmp;
|
||||
}
|
||||
+
|
||||
+ if (!is_lowercase_ascii_string (cookie->domain)) {
|
||||
+ char *tmp = soup_uri_normalize_domain (cookie->domain);
|
||||
+ g_free (cookie->domain);
|
||||
+ cookie->domain = tmp;
|
||||
+ }
|
||||
}
|
||||
|
||||
if (origin) {
|
||||
@@ -321,7 +337,7 @@ parse_one_cookie (const char *header, GUri *origin)
|
||||
return NULL;
|
||||
}
|
||||
} else
|
||||
- cookie->domain = g_strdup (g_uri_get_host (origin));
|
||||
+ cookie->domain = soup_uri_normalize_domain (g_uri_get_host (origin));
|
||||
|
||||
/* The original cookie spec didn't say that pages
|
||||
* could only set cookies for paths they were under.
|
||||
@@ -364,7 +380,7 @@ cookie_new_internal (const char *name, const char *value,
|
||||
cookie = g_slice_new0 (SoupCookie);
|
||||
cookie->name = g_strdup (name);
|
||||
cookie->value = g_strdup (value);
|
||||
- cookie->domain = g_strdup (domain);
|
||||
+ cookie->domain = soup_uri_normalize_domain (domain);
|
||||
cookie->path = g_strdup (path);
|
||||
soup_cookie_set_max_age (cookie, max_age);
|
||||
cookie->same_site_policy = SOUP_SAME_SITE_POLICY_LAX;
|
||||
@@ -537,7 +553,7 @@ void
|
||||
soup_cookie_set_domain (SoupCookie *cookie, const char *domain)
|
||||
{
|
||||
g_free (cookie->domain);
|
||||
- cookie->domain = g_strdup (domain);
|
||||
+ cookie->domain = soup_uri_normalize_domain (domain);
|
||||
}
|
||||
|
||||
/**
|
||||
diff --git a/libsoup/soup-tld.c b/libsoup/soup-tld.c
|
||||
index 2d8151662..71fac5749 100644
|
||||
--- a/libsoup/soup-tld.c
|
||||
+++ b/libsoup/soup-tld.c
|
||||
@@ -15,6 +15,7 @@
|
||||
#include <libpsl.h>
|
||||
|
||||
#include "soup-tld.h"
|
||||
+#include "soup-uri-utils-private.h"
|
||||
#include "soup.h"
|
||||
|
||||
static const char *soup_tld_get_base_domain_internal (const char *hostname,
|
||||
@@ -41,6 +42,8 @@ static const char *soup_tld_get_base_domain_internal (const char *hostname,
|
||||
* UTF-8 or ASCII format (and the return value will be in the same
|
||||
* format).
|
||||
*
|
||||
+ * For accurate results @hostname must be lowercase.
|
||||
+ *
|
||||
* Returns: a pointer to the start of the base domain in @hostname. If
|
||||
* an error occurs, %NULL will be returned and @error set.
|
||||
**/
|
||||
@@ -80,6 +83,8 @@ gboolean
|
||||
soup_tld_domain_is_public_suffix (const char *domain)
|
||||
{
|
||||
const psl_ctx_t* psl = soup_psl_context ();
|
||||
+ char *normalized;
|
||||
+ gboolean is_public_suffix;
|
||||
|
||||
g_return_val_if_fail (domain, FALSE);
|
||||
|
||||
@@ -88,7 +93,11 @@ soup_tld_domain_is_public_suffix (const char *domain)
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
- return psl_is_public_suffix2 (psl, domain, PSL_TYPE_ANY | PSL_TYPE_NO_STAR_RULE);
|
||||
+ normalized = soup_uri_normalize_domain (domain);
|
||||
+ is_public_suffix = psl_is_public_suffix2 (psl, normalized, PSL_TYPE_ANY | PSL_TYPE_NO_STAR_RULE);
|
||||
+ g_free (normalized);
|
||||
+
|
||||
+ return is_public_suffix;
|
||||
}
|
||||
|
||||
/**
|
||||
diff --git a/libsoup/soup-uri-utils-private.h b/libsoup/soup-uri-utils-private.h
|
||||
index 0119f0814..c2f984f86 100644
|
||||
--- a/libsoup/soup-uri-utils-private.h
|
||||
+++ b/libsoup/soup-uri-utils-private.h
|
||||
@@ -28,6 +28,8 @@ GUri *soup_uri_copy_with_normalized_flags (GUri *uri);
|
||||
|
||||
char *soup_uri_get_host_for_headers (GUri *uri);
|
||||
|
||||
+char *soup_uri_normalize_domain (const char *domain);
|
||||
+
|
||||
#define SOUP_URI_IS_VALID(x) ((x) && g_uri_get_host(x) && g_uri_get_host(x)[0])
|
||||
|
||||
G_END_DECLS
|
||||
diff --git a/libsoup/soup-uri-utils.c b/libsoup/soup-uri-utils.c
|
||||
index 0963a1143..1f65faede 100644
|
||||
--- a/libsoup/soup-uri-utils.c
|
||||
+++ b/libsoup/soup-uri-utils.c
|
||||
@@ -506,3 +506,21 @@ soup_uri_get_host_for_headers (GUri *uri)
|
||||
|
||||
return g_strdup (host);
|
||||
}
|
||||
+
|
||||
+char *
|
||||
+soup_uri_normalize_domain (const char *domain)
|
||||
+{
|
||||
+ char *lower;
|
||||
+ char *normalized;
|
||||
+
|
||||
+ g_assert (domain);
|
||||
+
|
||||
+ if (g_str_is_ascii (domain))
|
||||
+ return g_ascii_strdown (domain, -1);
|
||||
+
|
||||
+ lower = g_utf8_casefold (domain, -1);
|
||||
+ normalized = g_utf8_normalize (lower, -1, G_NORMALIZE_NFKC);
|
||||
+ g_free (lower);
|
||||
+
|
||||
+ return normalized;
|
||||
+}
|
||||
diff --git a/tests/cookies-test.c b/tests/cookies-test.c
|
||||
index 1d2d45630..7007aaf59 100644
|
||||
--- a/tests/cookies-test.c
|
||||
+++ b/tests/cookies-test.c
|
||||
@@ -695,6 +695,24 @@ do_cookies_threads_test (void)
|
||||
soup_test_session_abort_unref (session);
|
||||
}
|
||||
|
||||
+static void
|
||||
+do_cookies_public_suffix_test (void)
|
||||
+{
|
||||
+ SoupCookieJar *jar = soup_cookie_jar_new ();
|
||||
+ GUri *uri = g_uri_parse ("http://example.CO.uk", SOUP_HTTP_URI_FLAGS, NULL);
|
||||
+ GSList *cookies;
|
||||
+
|
||||
+ soup_cookie_jar_set_cookie (jar, uri, "value=1; domain=.co.uk");
|
||||
+ soup_cookie_jar_set_cookie (jar, uri, "value=1; domain=.CO.uk");
|
||||
+ soup_cookie_jar_set_cookie (jar, uri, "value=1; domain=.CO.UK");
|
||||
+
|
||||
+ cookies = soup_cookie_jar_all_cookies (jar);
|
||||
+ g_assert_cmpint (g_slist_length (cookies), ==, 0);
|
||||
+
|
||||
+ g_uri_unref (uri);
|
||||
+ g_object_unref (jar);
|
||||
+}
|
||||
+
|
||||
int
|
||||
main (int argc, char **argv)
|
||||
{
|
||||
@@ -726,6 +744,7 @@ main (int argc, char **argv)
|
||||
g_test_add_func ("/cookies/secure-cookies", do_cookies_strict_secure_test);
|
||||
g_test_add_func ("/cookies/prefix", do_cookies_prefix_test);
|
||||
g_test_add_func ("/cookies/threads", do_cookies_threads_test);
|
||||
+ g_test_add_func ("/cookies/public-suffix", do_cookies_public_suffix_test);
|
||||
|
||||
ret = g_test_run ();
|
||||
|
||||
--
|
||||
GitLab
|
||||
89
CVE-2025-4948.patch
Normal file
89
CVE-2025-4948.patch
Normal file
@ -0,0 +1,89 @@
|
||||
From 66521f00e9f87f709d8ad9138f19052db933cf06 Mon Sep 17 00:00:00 2001
|
||||
From: Milan Crha <mcrha@redhat.com>
|
||||
Date: Thu, 15 May 2025 17:49:11 +0200
|
||||
Subject: [PATCH] soup-multipart: Verify boundary limits for multipart body
|
||||
|
||||
It could happen that the boundary started at a place which resulted into
|
||||
a negative number, which in an unsigned integer is a very large value.
|
||||
Check the body size is not a negative value before setting it.
|
||||
|
||||
Closes https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
|
||||
---
|
||||
libsoup/soup-multipart.c | 2 +-
|
||||
tests/multipart-test.c | 40 ++++++++++++++++++++++++++++++++++++++++
|
||||
2 files changed, 41 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/libsoup/soup-multipart.c b/libsoup/soup-multipart.c
|
||||
index 102ce372..a587fe7c 100644
|
||||
--- a/libsoup/soup-multipart.c
|
||||
+++ b/libsoup/soup-multipart.c
|
||||
@@ -204,7 +204,7 @@ soup_multipart_new_from_message (SoupMessageHeaders *headers,
|
||||
*/
|
||||
part_body = g_bytes_new_from_bytes (body, // FIXME
|
||||
split - body_data,
|
||||
- end - 2 - split);
|
||||
+ end - 2 >= split ? end - 2 - split : 0);
|
||||
g_ptr_array_add (multipart->bodies, part_body);
|
||||
|
||||
start = end;
|
||||
diff --git a/tests/multipart-test.c b/tests/multipart-test.c
|
||||
index f5b98688..92b673eb 100644
|
||||
--- a/tests/multipart-test.c
|
||||
+++ b/tests/multipart-test.c
|
||||
@@ -527,6 +527,45 @@ test_multipart_bounds_bad (void)
|
||||
g_bytes_unref (bytes);
|
||||
}
|
||||
|
||||
+static void
|
||||
+test_multipart_too_large (void)
|
||||
+{
|
||||
+ const char *raw_body =
|
||||
+ "-------------------\r\n"
|
||||
+ "-\n"
|
||||
+ "Cont\"\r\n"
|
||||
+ "Content-Tynt----e:n\x8erQK\r\n"
|
||||
+ "Content-Disposition: name= form-; name=\"file\"; filename=\"ype:i/ -d; ----\xae\r\n"
|
||||
+ "Content-Typimag\x01/png--\\\n"
|
||||
+ "\r\n"
|
||||
+ "---:\n\r\n"
|
||||
+ "\r\n"
|
||||
+ "-------------------------------------\r\n"
|
||||
+ "---------\r\n"
|
||||
+ "----------------------";
|
||||
+ GBytes *body;
|
||||
+ GHashTable *params;
|
||||
+ SoupMessageHeaders *headers;
|
||||
+ SoupMultipart *multipart;
|
||||
+
|
||||
+ params = g_hash_table_new (g_str_hash, g_str_equal);
|
||||
+ g_hash_table_insert (params, (gpointer) "boundary", (gpointer) "-----------------");
|
||||
+ headers = soup_message_headers_new (SOUP_MESSAGE_HEADERS_MULTIPART);
|
||||
+ soup_message_headers_set_content_type (headers, "multipart/form-data", params);
|
||||
+ g_hash_table_unref (params);
|
||||
+
|
||||
+ body = g_bytes_new_static (raw_body, strlen (raw_body));
|
||||
+ multipart = soup_multipart_new_from_message (headers, body);
|
||||
+ soup_message_headers_unref (headers);
|
||||
+ g_bytes_unref (body);
|
||||
+
|
||||
+ g_assert_nonnull (multipart);
|
||||
+ g_assert_cmpint (soup_multipart_get_length (multipart), ==, 1);
|
||||
+ g_assert_true (soup_multipart_get_part (multipart, 0, &headers, &body));
|
||||
+ g_assert_cmpint (g_bytes_get_size (body), ==, 0);
|
||||
+ soup_multipart_free (multipart);
|
||||
+}
|
||||
+
|
||||
int
|
||||
main (int argc, char **argv)
|
||||
{
|
||||
@@ -556,6 +595,7 @@ main (int argc, char **argv)
|
||||
g_test_add_data_func ("/multipart/async-small-reads", GINT_TO_POINTER (ASYNC_MULTIPART_SMALL_READS), test_multipart);
|
||||
g_test_add_func ("/multipart/bounds-good", test_multipart_bounds_good);
|
||||
g_test_add_func ("/multipart/bounds-bad", test_multipart_bounds_bad);
|
||||
+ g_test_add_func ("/multipart/too-large", test_multipart_too_large);
|
||||
|
||||
ret = g_test_run ();
|
||||
|
||||
--
|
||||
GitLab
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
## (rpmautospec version 0.6.5)
|
||||
## RPMAUTOSPEC: autorelease, autochangelog
|
||||
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
|
||||
release_number = 3;
|
||||
release_number = 6;
|
||||
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
|
||||
print(release_number + base_release_number - 1);
|
||||
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
|
||||
@ -12,7 +12,7 @@
|
||||
|
||||
Name: libsoup3
|
||||
Version: 3.6.5
|
||||
Release: %autorelease
|
||||
Release: 3%{?dist}.%{autorelease -n}
|
||||
Summary: Soup, an HTTP library implementation
|
||||
|
||||
License: LGPL-2.0-or-later
|
||||
@ -31,6 +31,15 @@ Patch: CVE-2025-32914.patch
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/451
|
||||
Patch: CVE-2025-32908.patch
|
||||
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/448 (simplified and corrected)
|
||||
Patch: CVE-2025-4035.patch
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/463
|
||||
Patch: CVE-2025-4948.patch
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/408 (simplified)
|
||||
Patch: CVE-2025-32049.patch
|
||||
# https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452
|
||||
Patch: CVE-2025-32907.patch
|
||||
|
||||
BuildRequires: ca-certificates
|
||||
BuildRequires: gcc
|
||||
BuildRequires: gettext
|
||||
@ -124,6 +133,15 @@ install -m 644 -D tests/libsoup.supp %{buildroot}%{_datadir}/libsoup-3.0/libsoup
|
||||
|
||||
%changelog
|
||||
## START: Generated by rpmautospec
|
||||
* Wed May 21 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 3.6.5-6
|
||||
- Add patch for CVE-2025-32907
|
||||
|
||||
* Wed May 21 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 3.6.5-5
|
||||
- Fix release field
|
||||
|
||||
* Wed May 21 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 3.6.5-4
|
||||
- Fix several CVEs
|
||||
|
||||
* Thu May 01 2025 Michael Catanzaro <mcatanzaro@redhat.com> - 3.6.5-3
|
||||
- Add patch to hopefully fix http2-body-size-test timeouts
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user