Skip to content

[Deepin Integration]~[v25-Release] feat: update libsoup3 to 3.6.5-8 by deepin-community-bot[bot]@deepin-community/libsoup3 by deepin-community-ci-bot[bot] #12937

New issue
New issue
Open
Open
[Deepin Integration]~[v25-Release] feat: update libsoup3 to 3.6.5-8 by deepin-community-bot[bot]@deepin-community/libsoup3 by deepin-community-ci-bot[bot]#12937
Assignees
Zeno-sole
Labels
Project:integrated集成管理相关
Milestone
v25-Release
@deepin-bot

Description

@deepin-bot
deepin-bot
bot
opened on Mar 20, 2026

Package information | 软件包信息

包名 版本
libsoup3 3.6.5-8

Package repository address | 软件包仓库地址

deb [trusted=yes] https://ci.deepin.com/repo/obs/deepin:/CI:/TestingIntegration:/test-integration-pr-3752:/community/testing/ ./

Changelog | 更新信息

libsoup3 (3.6.5-8) unstable; urgency=high

[ Bruce Cable ]

  • SECURITY UPDATE: Carriage Return Line Feed Injection
  • SECURITY UPDATE: Information Leak
    • debian/patches/CVE-2026-1539.patch: Also remove Proxy-Authorization
      header on cross origin redirect
    • CVE-2026-1539 (Closes: #1126628)

[ Jeremy Bícha ]

  • SECURITY UPDATE: HTTP Request smuggling vulnerability
    • debian/patches/CVE-2026-1760.patch: Close the connection after
      responding to a request containing Content-Length and Transfer-Encoding
  • SECURITY UPDATE: Stack-based buffer overflow vulnerability
    • debian/patches/CVE-2026-1761.patch: Make sure read length is smaller
      than buffer length when boundary is found
  • SECURITY UPDATE: HTTP Request smuggling vulnerability

Metadata

Metadata

Assignees

Labels

Project:integrated集成管理相关

Type

No type

Projects

集成管理

Status

已集成

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions