Skip to content

[Deepin Integration]~[v25-Release] CVE-2025-4476, CVE-2025-4945, CVE-2025-4948, CVE-2025-4969, CVE-2025-12105, CVE-2025-46421, CVE-2026-1761 by UTsweetyfish@deepin-community/libsoup2.4 by deepin-community-ci-bot[bot] #12938

New issue
New issue
Open
Open
[Deepin Integration]~[v25-Release] CVE-2025-4476, CVE-2025-4945, CVE-2025-4948, CVE-2025-4969, CVE-2025-12105, CVE-2025-46421, CVE-2026-1761 by UTsweetyfish@deepin-community/libsoup2.4 by deepin-community-ci-bot[bot]#12938
Assignees
Zeno-sole
Labels
Project:integrated集成管理相关security
Milestone
v25-Release
@deepin-bot

Description

@deepin-bot
deepin-bot
bot
opened on Mar 20, 2026

Package information | 软件包信息

包名 版本
libsoup2.4 2.74.3-10.1deepin2

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3753/testing/ ./

Changelog | 更新信息

libsoup2.4 (2.74.3-10.1deepin2) unstable; urgency=medium

  • SECURITY UPDATE:
    • CVE-2025-4476:
      debian/patches/auth-digest-fix-crash-in-soup_auth_digest_get_protection_.patch
    • CVE-2025-4945:
      debian/patches/soup-date-utils-Add-value-checks-for-date-time-parsing.patch
      tests-Add-tests-for-date-time-including-timezone-validati.patch
    • CVE-2025-4948:
      debian/patches/soup-multipart-Verify-boundary-limits-for-multipart-body.patch
    • CVE-2025-4969:
      debian/patches/soup-multipart-Verify-array-bounds-before-accessing-its-m.patch
    • CVE-2025-12105:
      debian/patches/fix-heap-use-after-free-caused-by-finishing-queue-item-tw.patch
    • CVE-2025-46421:
      debian/patches/session-Strip-authentication-credentails-on-cross-origin-.patch
    • CVE-2026-1761:
      debian/patches/multipart-check-length-of-bytes-read-soup_filter_input_st.patch

Metadata

Metadata

Assignees

Labels

Project:integrated集成管理相关security

Type

No type

Projects

集成管理

Status

已集成

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions