libsoup-2.62.3-7.el8_10

エラータID: AXSA:2025-9617:02

Release date: 
Monday, February 3, 2025 - 10:51
Subject: 
libsoup-2.62.3-7.el8_10
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

* libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (CVE-2024-52531)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-52531
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.

Solution: 

Update packages.

CVEs: 
CVE-2024-52531
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. Input received over the network cannot trigger this.
Additional Info: 

N/A

Download: 

SRPMS
  1. libsoup-2.62.3-7.el8_10.src.rpm
    MD5: 08c6d2420682385083b7bbd1c43eecfe
    SHA-256: 06c55e8030ab16d3444577784d6df89f6862bf73cfd09ef38a48f740fbaa0c4e
    Size: 1.82 MB

Asianux Server 8 for x86_64
  1. libsoup-2.62.3-7.el8_10.i686.rpm
    MD5: 1cbac7fe95b8c7ab5be97b9cae10dcd9
    SHA-256: c0297ad0e8c83c2d736ac13b88a03b7e4a3c19af70d22322f0f864d2e578de31
    Size: 430.21 kB
  2. libsoup-2.62.3-7.el8_10.x86_64.rpm
    MD5: 69442c42beecdc6e30c2fb90b84a761f
    SHA-256: 76321632496a407b0618ede461d622b8dd65d4711dd200dee8ec96cb7d512371
    Size: 424.80 kB
  3. libsoup-devel-2.62.3-7.el8_10.i686.rpm
    MD5: 48c8ba8001fa74edde6d6a0dbb4d8fa8
    SHA-256: bf819d6349ba8cd06cbd4378cedfbfe948fd1b57e80634b40bec50b94ce8d387
    Size: 319.12 kB
  4. libsoup-devel-2.62.3-7.el8_10.x86_64.rpm
    MD5: 38d8d30feef84555faeeb3cb5c3276ce
    SHA-256: bcde79b29ef940c8020ecc53ead86df75782d489ecbd2cf43dd6e47316a60db6
    Size: 319.09 kB