Описание
ELSA-2025-0791: libsoup security update (IMPORTANT)
[2.72.0-8.3]
- Backport upstream patch for CVE-2024-52531 - buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict Resolves: RHEL-76381
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
libsoup
2.72.0-8.el9_5.3
libsoup-devel
2.72.0-8.el9_5.3
Oracle Linux x86_64
libsoup
2.72.0-8.el9_5.3
libsoup-devel
2.72.0-8.el9_5.3
Связанные CVE
Связанные уязвимости
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
GNOME libsoup before 3.6.1 allows a buffer overflow in applications th ...