-
libsoup (2.2.93-0ubuntu1.2) dapper-security; urgency=low
* SECURITY UPDATE: possible arbitrary code execution when processing large
Base64 strings
- debian/patches/91_security_CVE-2009-0585.patch: update libsoup/soup-misc.c
to properly verify the string length and set the length of the output
buffer.
- CVE-2009-0585
-- Marc Deslauriers <email address hidden> Thu, 12 Mar 2009 23:31:05 -0400
-
libsoup (2.2.93-0ubuntu1.1) dapper-security; urgency=low
* SECURITY UPDATE: remote denial-of-service via GET request
* Added 'debian/patches/90_get_crash.patch': extracted from Debian
* References
CVE-2006-5876
-- Kees Cook <email address hidden> Tue, 23 Jan 2007 11:34:59 -0800
-
libsoup (2.2.93-0ubuntu1) dapper-updates; urgency=low
* New upstream version:
- Fixed outgoing data corruption caused when SoupServer
started writing out a response a second time after already
having started once. [334469]. Also fixed 342640 and another
bug caused by the workaround for 334469 in 2.2.92.
- Fixed a deadlock when changing a session's proxy URI.
- Fixed https-via-proxies in the synchronous case.
- Fixed a crash in evolution-exchange
- Fixed simple-proxy to not crash at startup. Oops.
-- Sebastien Bacher <email address hidden> Wed, 14 Jun 2006 17:03:10 +0200
-
libsoup (2.2.92-0ubuntu1) dapper; urgency=low
* New upstream version:
- Fixed server-side digest auth to return a valid "algorithm"
value and client-side to not crash if it sees an invalid one
- Fixed the Request-Line parsing code to not hardcode a
maximum URI length (to allow very long DAAP requests from
iTunes in Rhythmbox).
- Fixed some warnings (signed/unsigned mismatch).
-- Sebastien Bacher <email address hidden> Tue, 11 Apr 2006 19:17:48 +0200
-
libsoup (2.2.91-1ubuntu1) dapper; urgency=low
* Sync with Debian
* debian/patches/02_xmlrpc_pointer.patch,
debian/patches/03_xmlrpc_array.patch:
- patches for the xmlrpc code
-- Sebastien Bacher <email address hidden> Sat, 11 Mar 2006 15:53:09 +0100
-
libsoup (2.2.7-0ubuntu2) dapper; urgency=low
* debian/control:
- Build-Depends,Depends on gnutls instead of gnutls11
-- Sebastien Bacher <email address hidden> Thu, 23 Feb 2006 16:04:12 +0100
-
libsoup (2.2.7-0ubuntu1) dapper; urgency=low
* Sync with Debian.
* New upstream version:
- Fixed a crash when using NTLM connections
- Fixed a bug that could cause soup to suck up all available CPU when
a connection to a SoupServer was dropped by the other side
- Fixed the creation of struct elements in XMLRPC messages
- Plugged a small memory leak in SoupSocket
- Fixed two compile problems, a gccism and a strict-aliasing warning
from gcc 4.1.
* debian/patches/02_xmlrpc_pointer.patch,
debian/patches/03_xmlrpc_array.patch:
- patches for xml-rpc.
-- Sebastien Bacher <email address hidden> Thu, 17 Nov 2005 18:15:59 +0100