libsoup2.4 2.74.2-3ubuntu0.1 source package in Ubuntu
Changelog
libsoup2.4 (2.74.2-3ubuntu0.1) jammy-security; urgency=medium
* SECURITY UPDATE: Request smuggling
- debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
bytes in headers
- CVE-2024-52530
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2024-52531-1.patch: Be more robust against
invalid input when parsing params
- debian/patches/CVE-2024-52531-2.patch: Add test for passing
invalid UTF-8 to soup_header_parse_semi_param_list()
- CVE-2024-52531
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2024-52532-1.patch: process the frame as soon
as data is read
- debian/patches/CVE-2024-52532-2.patch: disconnect error copy
after the test ends
- CVE-2024-52532
-- Bruce Cable <email address hidden> Tue, 19 Nov 2024 09:24:38 +1100
Upload details
- Uploaded by:
- Bruce Cable
- Uploaded to:
- Jammy
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- devel
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| libsoup2.4_2.74.2.orig.tar.xz | 1.4 MiB | f0a427656e5fe19e1df71c107e88dfa1b2e673c25c547b7823b6018b40d01159 |
| libsoup2.4_2.74.2-3ubuntu0.1.debian.tar.xz | 31.2 KiB | 448f7e20e211954295256767f67b0dcacc1dee9943a751a4288f2725188b19f1 |
| libsoup2.4_2.74.2-3ubuntu0.1.dsc | 3.2 KiB | d5abc897f8ad3f520b437d5a5541b504ac4741e4d51b1db78b6a82752a1d542d |
Available diffs
Binary packages built by this source
- gir1.2-soup-2.4: GObject introspection data for the libsoup HTTP library
This package contains introspection data for the libsoup HTTP library.
.
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the GTK+ programming model (a synchronous operation mode is also
supported for those who want it).
.
It can be used by packages using the GIRepository format to generate
dynamic bindings.
- libsoup-gnome2.4-1: HTTP library implementation in C -- GNOME support library
It was originally part of a SOAP (Simple Object Access Protocol)
implementation called Soup, but the SOAP and non-SOAP parts have now been
split into separate packages.
.
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the GTK+ programming model (a synchronous operation mode is also
supported for those who want it).
.
The GNOME support library is used for features which are important to
GNOME apps, but which require GNOME-specific libraries that non-GNOME
apps may not want to add dependencies on.
.
Features:
* Both asynchronous (GMainLoop and callback-based) and synchronous APIs
* Automatically caches connections
* SSL Support using GnuTLS
* Proxy support, including authentication and SSL tunneling
* Client support for Digest, NTLM, and Basic authentication
* Server support for Digest and Basic authentication
* Basic client-side SOAP and XML-RPC support
.
This package contains the GNOME support shared library.
- libsoup-gnome2.4-1-dbgsym: debug symbols for libsoup-gnome2.4-1
- libsoup-gnome2.4-dev: HTTP library implementation in C -- GNOME support development files
It was originally part of a SOAP (Simple Object Access Protocol)
implementation called Soup, but the SOAP and non-SOAP parts have now been
split into separate packages.
.
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the Gtk+ programming model (a synchronous operation mode is also
supported for those who want it).
.
The GNOME support library is used for features which are important to
GNOME apps, but which require GNOME-specific libraries that non-GNOME
apps may not want to add dependencies on.
.
Features:
* Both asynchronous (GMainLoop and callback-based) and synchronous APIs
* Automatically caches connections
* SSL Support using GnuTLS
* Proxy support, including authentication and SSL tunneling
* Client support for Digest, NTLM, and Basic authentication
* Server support for Digest and Basic authentication
* Basic client-side SOAP and XML-RPC support
.
This package contains the development files for the GNOME support.
- libsoup2.4-1: HTTP library implementation in C -- Shared library
It was originally part of a SOAP (Simple Object Access Protocol)
implementation called Soup, but the SOAP and non-SOAP parts have now been
split into separate packages.
.
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the GTK+ programming model (a synchronous operation mode is also
supported for those who want it).
.
Features:
* Both asynchronous (GMainLoop and callback-based) and synchronous APIs
* Automatically caches connections
* SSL Support using GnuTLS
* Proxy support, including authentication and SSL tunneling
* Client support for Digest, NTLM, and Basic authentication
* Server support for Digest and Basic authentication
* Basic client-side SOAP and XML-RPC support
.
This package contains the shared library.
- libsoup2.4-1-dbgsym: debug symbols for libsoup2.4-1
- libsoup2.4-common: HTTP library implementation in C -- Common files
It was originally part of a SOAP (Simple Object Access Protocol)
implementation called Soup, but the SOAP and non-SOAP parts have now been
split into separate packages.
.
This package contains architecture-independent files such as translations.
- libsoup2.4-dev: HTTP library implementation in C -- Development files
It was originally part of a SOAP (Simple Object Access Protocol)
implementation called Soup, but the SOAP and non-SOAP parts have now been
split into separate packages.
.
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the GTK+ programming model (a synchronous operation mode is also
supported for those who want it).
.
Features:
* Both asynchronous (GMainLoop and callback-based) and synchronous APIs
* Automatically caches connections
* SSL Support using GnuTLS
* Proxy support, including authentication and SSL tunneling
* Client support for Digest, NTLM, and Basic authentication
* Server support for Digest and Basic authentication
* Basic client-side SOAP and XML-RPC support
.
This package contains the development files.
- libsoup2.4-doc: HTTP library implementation in C -- API Reference
It was originally part of a SOAP (Simple Object Access Protocol)
implementation called Soup, but the SOAP and non-SOAP parts have now been
split into separate packages.
.
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the GTK+ programming model (a synchronous operation mode is also
supported for those who want it).
.
Features:
* Both asynchronous (GMainLoop and callback-based) and synchronous APIs
* Automatically caches connections
* SSL Support using GnuTLS
* Proxy support, including authentication and SSL tunneling
* Client support for Digest, NTLM, and Basic authentication
* Server support for Digest and Basic authentication
* Basic client-side SOAP and XML-RPC support
.
This package contains the documentation.
- libsoup2.4-tests: HTTP library implementation in C -- installed tests
libsoup uses the Glib main loop and is designed to work well with GTK+
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the GTK+ programming model (a synchronous operation mode is also
supported for those who want it).
.
This package contains automated tests, mostly for use via autopkgtest.
They can most easily be invoked via the gnome-desktop-testing- runner
tool in the gnome-desktop-testing package.
- libsoup2.4-tests-dbgsym: debug symbols for libsoup2.4-tests
