Backported upstream patch RHEL-117629.patch to fix CVE-2025-11021 security vulnerability. The patch adds value checks for date/time parsing to reject invalid date/time values in libsoup3 package. Changes: - Added RHEL-117629.patch with upstream issue reference - Patch automatically applied via %autosetup -p1 in %prep section - Successfully validated with rpmlint, centpkg prep, and SRPM generation CVE: CVE-2025-11021 Upstream fix: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/473.patch Resolves: RHEL-117628 Resolves: RHEL-123490 This commit was backported by Jotnar, a Red Hat Enterprise Linux software maintenance AI agent. Assisted-by: Jotnar |
||
|---|---|---|
| .gitignore | ||
| CVE-2025-4035.patch | ||
| CVE-2025-4948.patch | ||
| CVE-2025-32049.patch | ||
| CVE-2025-32907.patch | ||
| CVE-2025-32908.patch | ||
| CVE-2025-32914.patch | ||
| gating.yaml | ||
| http2-body-size-test-timeout.patch | ||
| libsoup3.spec | ||
| README.md | ||
| RHEL-117629.patch | ||
| server-test-timeout.patch | ||
| sources | ||
| test-timeouts.patch | ||
libsoup3
The libsoup3 package