libsoup-2.4: fix CVE-2025-32911 - linux/poky.git - Mirror of git.yoctoproject.org/poky

diff options

author	Changqing Li <changqing.li@windriver.com>	2025-05-06 13:29:07 +0800
committer	Steve Sakoman <steve@sakoman.com>	2025-05-14 08:33:40 -0700
commit	95d7312e40d1cea34c4f43f55d1f6c91ab4c9ab7 (patch)
tree	7519cce7ac55ff4df3347ab0fc8daade8bb76b9a /meta/lib
parent	bf40f73e3bc967cc30141046426a377de0f807f9 (diff)
download	poky-95d7312e40d1cea34c4f43f55d1f6c91ab4c9ab7.tar.gz

libsoup-2.4: fix CVE-2025-32911

CVE-2025-32911: A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server. Backport patches to fix it [1] https://nvd.nist.gov/vuln/detail/CVE-2025-32911 [2] https://gitlab.gnome.org/GNOME/libsoup/-/issues/433 (From OE-Core rev: 75f1c57a5171859d1bfc58d69b3923d017b14303) Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>

Diffstat (limited to 'meta/lib')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: