stable

libsoup3-3.6.5-2.fc42

FEDORA-2025-99768b0fab created by mkasik 4 months ago for Fedora 42

This update fixes these CVEs: CVE-2025-4948 CVE-2025-32908 CVE-2025-32907 CVE-2025-4969 CVE-2025-4945 CVE-2025-4476

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-99768b0fab

This update has been submitted for testing by mkasik.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

This update has been pushed to testing.

4 months ago
User Icon bojan commented & provided feedback 4 months ago
karma

Works.

User Icon derekenz commented & provided feedback 4 months ago
karma

Works

This update can be pushed to stable now if the maintainer wishes

4 months ago
User Icon fredrik commented & provided feedback 4 months ago
karma

Works Silverblue 42.20250731.0

This update has been submitted for stable by bodhi.

4 months ago

This update has been pushed to stable.

3 months ago

Please log in to add feedback.

Metadata
Type
security
Severity
high
Karma
3
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
14 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
3 months ago
approved
4 months ago
Builds
1
libsoup3-3.6.5-2.fc42
BZ#2359349 CVE-2025-32907 libsoup3: Denial of service in server when client requests a large amount of overlapping ranges with Range header [fedora-all]
0
0
BZ#2359350 CVE-2025-32908 libsoup3: Denial of service on libsoup through HTTP/2 server [fedora-all]
0
0
BZ#2366518 CVE-2025-4476 libsoup3: Null pointer dereference in libsoup may lead to Denial Of Service [fedora-41]
0
0
BZ#2366522 CVE-2025-4476 libsoup3: Null pointer dereference in libsoup may lead to Denial Of Service [fedora-42]
0
0
BZ#2367177 CVE-2025-4945 libsoup3: Integer Overflow in Cookie Expiration Date Handling in libsoup [fedora-all]
0
0
BZ#2367189 CVE-2025-4948 libsoup3: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup [fedora-all]
0
0
BZ#2367554 CVE-2025-4969 libsoup3: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c [fedora-41]
0
0
BZ#2367557 CVE-2025-4969 libsoup3: Off-by-One Out-of-Bounds Read in find_boundary() in soup-multipart.c [fedora-42]
0
0
libsoup3-3.6.5-2.fc42

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-10-hzhhp.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy