libsoup2.4 (2.66.1-1ubuntu0.1) disco-security; urgency=medium * SECURITY UPDATE: heap over-read in soup_ntlm_parse_challenge() - debian/patches/CVE-2019-17266.patch: avoid a potential heap buffer overflow in v2 authentication in libsoup/soup-auth-ntlm.c. - CVE-2019-17266 -- Marc Deslauriers <email address hidden> Wed, 09 Oct 2019 10:34:56 -0400