Your message dated Tue, 03 Feb 2026 22:04:20 +0000
with message-id <[email protected]>
and subject line Bug#1126627: fixed in libsoup3 3.6.5-8
has caused the Debian Bug report #1126627,
regarding libsoup3: CVE-2026-1536
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1126627: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126627
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libsoup3
Version: 3.6.5-3
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libsoup/-/issues/486
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for libsoup3.
CVE-2026-1536[0]:
| A flaw was found in libsoup. An attacker who can control the input
| for the Content-Disposition header can inject CRLF (Carriage Return
| Line Feed) sequences into the header value. These sequences are then
| interpreted verbatim when the HTTP request or response is
| constructed, allowing arbitrary HTTP headers to be injected. This
| vulnerability can lead to HTTP header injection or HTTP response
| splitting without requiring authentication or user interaction.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-1536
https://www.cve.org/CVERecord?id=CVE-2026-1536
[1] https://gitlab.gnome.org/GNOME/libsoup/-/issues/486
[2] https://gitlab.gnome.org/GNOME/libsoup/-/commit/5c1a2e9c06a834eb715f60265a877f5b882cc1b1
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
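The header injection described in the CVE text above, as an added example that is not part of the original report and is not libsoup code: a serializer that copies a Content-Disposition value verbatim beside one that rejects CR/LF first. All function names and sample values are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not libsoup API): a header name or value is
 * acceptable only if it contains no CR or LF, the bytes that end a line. */
static int header_text_is_safe(const char *s)
{
    return s != NULL && strpbrk(s, "\r\n") == NULL;
}

/* Count CRLF-terminated lines in a serialized header block. */
static int count_header_lines(const char *block)
{
    int n = 0;
    for (const char *p = strstr(block, "\r\n"); p; p = strstr(p + 2, "\r\n"))
        n++;
    return n;
}

/* Naive serializer: the value is written verbatim, as the advisory describes. */
static int serialize_naive(char *out, size_t len, const char *name, const char *value)
{
    int n = snprintf(out, len, "%s: %s\r\n", name, value);
    return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Checked serializer: refuses input that could terminate the line early. */
static int serialize_checked(char *out, size_t len, const char *name, const char *value)
{
    if (!header_text_is_safe(name) || !header_text_is_safe(value))
        return -1;
    return serialize_naive(out, len, name, value);
}

/* Constructed sample inputs. */
static const char CLEAN_VALUE[] = "attachment; filename=\"report.pdf\"";
static const char TAINTED_VALUE[] = "attachment; filename=\"a.txt\"\r\nX-Injected: 1";

int main(void)
{
    char buf[256];
    serialize_naive(buf, sizeof buf, "Content-Disposition", TAINTED_VALUE);
    printf("naive: %d header line(s) from one header\n", count_header_lines(buf));
    printf("checked, tainted: %d\n",
           serialize_checked(buf, sizeof buf, "Content-Disposition", TAINTED_VALUE));
    printf("checked, clean: %d\n",
           serialize_checked(buf, sizeof buf, "Content-Disposition", CLEAN_VALUE));
    return 0;
}
```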
--- Begin Message ---
Source: libsoup3
Source-Version: 3.6.5-8
Done: Jeremy Bícha <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libsoup3, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jeremy Bícha <[email protected]> (supplier of updated libsoup3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 03 Feb 2026 16:42:19 -0500
Source: libsoup3
Built-For-Profiles: noudeb
Architecture: source
Version: 3.6.5-8
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers <[email protected]>
Changed-By: Jeremy Bícha <[email protected]>
Closes: 1126548 1126627 1126628 1126876 1126877
Changes:
 libsoup3 (3.6.5-8) unstable; urgency=high
 .
   [ Bruce Cable ]
   * SECURITY UPDATE: Carriage Return Line Feed Injection
     - debian/patches/CVE-2026-1467.patch: Do host validation when checking if
       a GUri is valid
     - CVE-2026-1467 (Closes: #1126548)
     - debian/patches/CVE-2026-1536.patch: Always validate the headers value
       when coming from untrusted source
     - CVE-2026-1536 (Closes: #1126627)
   * SECURITY UPDATE: Information Leak
     - debian/patches/CVE-2026-1539.patch: Also remove Proxy-Authorization
       header on cross origin redirect
     - CVE-2026-1539 (Closes: #1126628)
 .
   [ Jeremy Bícha ]
   * SECURITY UPDATE: HTTP Request smuggling vulnerability
     - debian/patches/CVE-2026-1760.patch: Close the connection after
       responding to a request containing Content-Length and Transfer-Encoding
     - CVE-2026-1760 (Closes: #1126876)
   * SECURITY UPDATE: Stack-based buffer overflow vulnerability
     - debian/patches/CVE-2026-1761.patch: Make sure read length is smaller
       than buffer length when boundary is found
     - CVE-2026-1761 (Closes: #1126877)
   * SECURITY UPDATE: HTTP Request smuggling vulnerability
     - debian/patches/CVE-2026-1801-pre1.patch: Correct chunked trailers
       end detection
     - debian/patches/CVE-2026-1801.patch: Use CRLF as line boundary
       when parsing chunked encoding data
     - CVE-2026-1801
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---