libsoup-2.62.2-2.0.1.0.3.el7.AXS7

エラータID: AXSA:2025-9919:04

Release date: 
Monday, May 12, 2025 - 15:22
Subject: 
libsoup-2.62.2-2.0.1.0.3.el7.AXS7
Affected Channels: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

Libsoup is an HTTP library implementation in C. It was originally part
of a SOAP (Simple Object Access Protocol) implementation called Soup, but
the SOAP and non-SOAP parts have now been split into separate packages.

libsoup uses the Glib main loop and is designed to work well with GTK
applications. This enables GNOME applications to access HTTP servers
on the network in a completely asynchronous fashion, very similar to
the Gtk+ programming model (a synchronous operation mode is also
supported for those who want it).

Security Fix(es):

* CVE-2024-52531: fix buffer overflow caused by conversion to UTF-8

CVE(s):
CVE-2024-52531
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).

Solution: 

Update packages.

CVEs: 
CVE-2024-52531
GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).
Additional Info: 

N/A

Download: 

Asianux Server 7 for x86_64
  1. libsoup-2.62.2-2.0.1.0.3.el7.AXS7.i686.rpm
    MD5: 0ac40a8ef43131d49f6a681ec338e738
    SHA-256: c1398a04c919b517d9aed94c60e46c918eee3c098381596d7e97c432b13628d1
    Size: 395.60 kB
  2. libsoup-2.62.2-2.0.1.0.3.el7.AXS7.x86_64.rpm
    MD5: 5c3d3c102fa2ba821d0ac3bf07cdb4d4
    SHA-256: 8be562dd389200cdb54c1e15c7ac6d831933d2b20c2e83b319946c07a01d9040
    Size: 411.14 kB
  3. libsoup-devel-2.62.2-2.0.1.0.3.el7.AXS7.i686.rpm
    MD5: 939ae2d513bb65171c892ecdb046a0a4
    SHA-256: 19584a6ad61b4c698fa5d6e61de1ec906c640ad35fdebea2770e840922a8b71f
    Size: 310.07 kB
  4. libsoup-devel-2.62.2-2.0.1.0.3.el7.AXS7.x86_64.rpm
    MD5: 3cf6add730117257a7c70e1aa6fc6bfa
    SHA-256: f6c480f479adc9a1aa40ccd19f0ccde9e402d2f099592192940836ad217d23d4
    Size: 310.04 kB