stable

mingw-libsoup-2.74.3-11.fc41

FEDORA-2025-bd12d23d21 created by smani 2 weeks ago for Fedora 41

Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913

Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32909

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-bd12d23d21

This update has been submitted for testing by smani.

2 weeks ago

This update's test gating status has been changed to 'ignored'.

2 weeks ago

This update has obsoleted mingw-libsoup-2.74.3-10.fc41, and has inherited its bugs and notes.

2 weeks ago

This update has been pushed to testing.

2 weeks ago

This update has been submitted for stable by bodhi.

a week ago

This update has been pushed to stable.

a week ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
2 weeks ago
in testing
2 weeks ago
in stable
a week ago
approved
a week ago
Builds
1
mingw-libsoup-2.74.3-11.fc41
BZ#2357079 CVE-2025-32050 mingw-libsoup: Integer overflow in append_param_quoted [fedora-all]
0
0
BZ#2357086 CVE-2025-32052 mingw-libsoup: Heap buffer overflow in sniff_unknown() [fedora-all]
0
0
BZ#2357088 CVE-2025-32053 mingw-libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() [fedora-all]
0
0
BZ#2359346 CVE-2025-32906 mingw-libsoup: Out of bounds reads in soup_headers_parse_request() [fedora-all]
0
0
BZ#2359351 CVE-2025-32907 mingw-libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header [fedora-all]
0
0
BZ#2359361 CVE-2025-32909 mingw-libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c [fedora-all]
0
0
BZ#2359364 CVE-2025-32910 mingw-libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication [fedora-all]
0
0
BZ#2359367 CVE-2025-32911 mingw-libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value [fedora-all]
0
0
BZ#2359370 CVE-2025-32913 mingw-libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header [fedora-all]
0
0
mingw-libsoup-2.74.3-11.fc41

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 8.3.0 on bodhi-web-177-5kbt2.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy