UbuntuUpdates.org

Package "libsoup2.4"

Name: libsoup2.4

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • GObject introspection data for the libsoup HTTP library
  • HTTP library implementation in C -- Shared library
  • HTTP library implementation in C -- GNOME support library
  • HTTP library implementation in C -- GNOME support development files

Latest version: 2.74.3-10.1ubuntu4.1
Release: questing (25.10)
Level: security
Repository: main

Links



Other versions of "libsoup2.4" in Questing

Repository Area Version
base main 2.74.3-10.1ubuntu4
base universe 2.74.3-10.1ubuntu4
security universe 2.74.3-10.1ubuntu4.1
updates main 2.74.3-10.1ubuntu4.1
updates universe 2.74.3-10.1ubuntu4.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.74.3-10.1ubuntu4.1 2026-07-09 15:08:21 UTC

  libsoup2.4 (2.74.3-10.1ubuntu4.1) questing-security; urgency=medium

  * SECURITY UPDATE: Integer underflow leading to buffer overread.
    - debian/patches/CVE-2026-2369.patch: Handle potential underflow in
      libsoup/soup-content-sniffer.c.
    - CVE-2026-2369
  * SECURITY UPDATE: Cleartext transmission of sensitive information.
    - debian/patches/CVE-2026-5119.patch: Do not send cookies to a HTTP
      proxy for a HTTPS request in libsoup/soup-cookie-jar.c, tests/proxy-
      test.c.
    - CVE-2026-5119

 -- Shafayat Hossain Majumder <email address hidden> Tue, 07 Jul 2026 08:48:33 -0400

CVE-2026-2369 A flaw was found in libsoup. An integer underflow vulnerability occurs when processing content with a zero-length resource, leading to a buffer overr
CVE-2026-5119 A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext



About   -   Send Feedback to @ubuntu_updates