Описание
ELSA-2025-0838: libsoup security update (IMPORTANT)
[2.62.3-7]
- Backport upstream patch for CVE-2024-52531 - buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict Resolves: RHEL-76376
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
libsoup
2.62.3-7.el8_10
libsoup-devel
2.62.3-7.el8_10
Oracle Linux x86_64
libsoup
2.62.3-7.el8_10
libsoup-devel
2.62.3-7.el8_10
Связанные CVE
Связанные уязвимости
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
GNOME libsoup before 3.6.1 allows a buffer overflow in applications th ...