Bug 2359368
| Summary: | CVE-2025-32913 libsoup: NULL pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in Content-Disposition header [fedora-all] | ||
|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Patrick Del Bello <pdelbell> |
| Component: | libsoup | Assignee: | Gwyn Ciesla <gwync> |
| Status: | NEW --- | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | 41 | CC: | danw, gnome-sig, mclasen, mcrha, rhughes, rstrode, tpopela |
| Target Milestone: | --- | Keywords: | Security, SecurityTracking |
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | {"flaws": ["d2674b69-2562-47b3-a450-e3470ce1a9dc"]} | ||
| Fixed In Version: | Doc Type: | --- | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 2359357 | ||
|
Description
Patrick Del Bello
2025-04-14 02:14:44 UTC
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component. This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component. Gwyn, you are probably aware, there [1] is some effort to make it easier for the libsoup2, adding patches to the libsoup-2-74 branch [2], from where the distros can pick them. I learnt about it only recently. [1] https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/449 [2] https://gitlab.gnome.org/GNOME/libsoup/-/commits/libsoup-2-74 I was not, thank you! |