stable

mingw-libsoup-2.74.3-11.fc42

FEDORA-2025-c4605302b8 created by smani a year ago for Fedora 42

Backport fixes for CVE-2025-32910, CVE-2025-32911, CVE-2025-32913

Backport fixes for CVE-2025-32050 CVE-2025-32052 CVE-2025-32053 CVE-2025-32906 CVE-2025-32907 CVE-2025-32909

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2025-c4605302b8

This update has been submitted for testing by smani.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has obsoleted mingw-libsoup-2.74.3-10.fc42, and has inherited its bugs and notes.

a year ago

This update has been pushed to testing.

a year ago

This update has been submitted for stable by bodhi.

12 months ago

This update has been pushed to stable.

12 months ago

Please log in to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
12 months ago
approved
12 months ago
Builds
1
mingw-libsoup-2.74.3-11.fc42
BZ#2357079 CVE-2025-32050 mingw-libsoup: Integer overflow in append_param_quoted [fedora-all]
0
0
BZ#2357086 CVE-2025-32052 mingw-libsoup: Heap buffer overflow in sniff_unknown() [fedora-all]
0
0
BZ#2357088 CVE-2025-32053 mingw-libsoup: Heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space() [fedora-all]
0
0
BZ#2359346 CVE-2025-32906 mingw-libsoup: Out of bounds reads in soup_headers_parse_request() [fedora-all]
0
0
BZ#2359351 CVE-2025-32907 mingw-libsoup: Denial of service in server when client requests a large amount of overlapping ranges with Range header [fedora-all]
0
0
BZ#2359361 CVE-2025-32909 mingw-libsoup: NULL Pointer Dereference on libsoup through function "sniff_mp4" in soup-content-sniffer.c [fedora-all]
0
0
BZ#2359364 CVE-2025-32910 mingw-libsoup: Null pointer deference on libsoup via /auth/soup-auth-digest.c through "soup_auth_digest_authenticate" on client when server omits the "realm" parameter in an Unauthorized response with Digest authentication [fedora-all]
0
0
BZ#2359367 CVE-2025-32911 mingw-libsoup: Double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" GHashTable value [fedora-all]
0
0
BZ#2359370 CVE-2025-32913 mingw-libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header [fedora-all]
0
0
mingw-libsoup-2.74.3-11.fc42

Automated Test Results

Copyright © 2007-2026 Red Hat, Inc. and others.

Running bodhi-server 25.11.3 on bodhi-web-21-hmlh5.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy