Your message dated Tue, 03 Feb 2026 22:18:49 +0000
with message-id <[email protected]>
and subject line Bug#1126627: fixed in libsoup3 3.6.5-9
has caused the Debian Bug report #1126627,
regarding libsoup3: CVE-2026-1536
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1126627: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1126627
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libsoup3
Version: 3.6.5-3
Severity: important
Tags: security upstream
Forwarded: https://gitlab.gnome.org/GNOME/libsoup/-/issues/486
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for libsoup3.
CVE-2026-1536[0]:
| A flaw was found in libsoup. An attacker who can control the input
| for the Content-Disposition header can inject CRLF (Carriage Return
| Line Feed) sequences into the header value. These sequences are then
| interpreted verbatim when the HTTP request or response is
| constructed, allowing arbitrary HTTP headers to be injected. This
| vulnerability can lead to HTTP header injection or HTTP response
| splitting without requiring authentication or user interaction.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-1536
https://www.cve.org/CVERecord?id=CVE-2026-1536
[1] https://gitlab.gnome.org/GNOME/libsoup/-/issues/486
[2] https://gitlab.gnome.org/GNOME/libsoup/-/commit/5c1a2e9c06a834eb715f60265a877f5b882cc1b1
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
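The class of check the CVE description above calls for, as an added example (not libsoup's code and not the upstream patch): a header value taken from untrusted input is rejected if it contains CR, LF or another control byte before it is serialized into a Content-Disposition line. The function names and the sample inputs are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: 1 if v can sit on a single HTTP header line, i.e. it
 * holds no CR, LF or other control byte (horizontal tab is permitted). */
int header_value_is_safe(const char *v, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)v[i];
        if (c != '\t' && (c < 0x20 || c == 0x7f))
            return 0;
    }
    return 1;
}

/* Hypothetical builder: writes
 *   Content-Disposition: attachment; filename="<name>"\r\n
 * into out. Returns the length written, or -1 when the name is unsafe or
 * out is too small. An unsafe name is rejected before anything is written. */
int build_content_disposition(char *out, size_t outlen, const char *name)
{
    static const char prefix[] = "Content-Disposition: attachment; filename=\"";
    static const char suffix[] = "\"\r\n";
    size_t n = sizeof prefix - 1, len = strlen(name);

    if (!header_value_is_safe(name, len) || outlen < n + sizeof suffix)
        return -1;
    memcpy(out, prefix, n);
    for (size_t i = 0; i < len; i++) {
        /* Escape '"' and '\' so the name cannot close the quoted-string. */
        size_t esc = (name[i] == '"' || name[i] == '\\');
        if (n + esc + 1 + sizeof suffix > outlen)
            return -1;
        if (esc)
            out[n++] = '\\';
        out[n++] = name[i];
    }
    memcpy(out + n, suffix, sizeof suffix); /* includes the final NUL */
    return (int)(n + sizeof suffix - 1);
}

int main(void)
{
    char buf[128];
    /* Constructed inputs: one plain name, one carrying an embedded CRLF. */
    printf("%d\n", build_content_disposition(buf, sizeof buf, "report.pdf"));
    printf("%d\n", build_content_disposition(buf, sizeof buf, "a.txt\r\nX-Injected: 1"));
    return 0;
}
```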
--- Begin Message ---
Source: libsoup3
Source-Version: 3.6.5-9
Done: Jeremy Bícha <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libsoup3, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jeremy Bícha <[email protected]> (supplier of updated libsoup3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 03 Feb 2026 17:00:07 -0500
Source: libsoup3
Built-For-Profiles: noudeb
Architecture: source
Version: 3.6.5-9
Distribution: unstable
Urgency: high
Maintainer: Debian GNOME Maintainers <[email protected]>
Changed-By: Jeremy Bícha <[email protected]>
Closes: 1125156 1126548 1126627 1126628 1126876 1126877
Changes:
 libsoup3 (3.6.5-9) unstable; urgency=high
 .
   * SECURITY UPDATE: Out-of-bounds read
     - debian/patches/CVE-2026-0716-pre1.patch: websocket: do not
       accept messages frames after closing due to an error
     - debian/patches/CVE-2026-0716.patch: websocket: Fix out-of-bounds
       read in process_frame
     - CVE-2026-0716 (Closes: #1125156)
 .
 libsoup3 (3.6.5-8) unstable; urgency=high
 .
   [ Bruce Cable ]
   * SECURITY UPDATE: Carriage Return Line Feed Injection
     - debian/patches/CVE-2026-1467.patch: Do host validation when checking if
       a GUri is valid
     - CVE-2026-1467 (Closes: #1126548)
     - debian/patches/CVE-2026-1536.patch: Always validate the headers value
       when coming from untrusted source
     - CVE-2026-1536 (Closes: #1126627)
   * SECURITY UPDATE: Information Leak
     - debian/patches/CVE-2026-1539.patch: Also remove Proxy-Authorization
       header on cross origin redirect
     - CVE-2026-1539 (Closes: #1126628)
 .
   [ Jeremy Bícha ]
   * SECURITY UPDATE: HTTP Request smuggling vulnerability
     - debian/patches/CVE-2026-1760.patch: Close the connection after
       responding to a request containing Content-Length and Transfer-Encoding
     - CVE-2026-1760 (Closes: #1126876)
   * SECURITY UPDATE: Stack-based buffer overflow vulnerability
     - debian/patches/CVE-2026-1761.patch: Make sure read length is smaller
       than buffer length when boundary is found
     - CVE-2026-1761 (Closes: #1126877)
   * SECURITY UPDATE: HTTP Request smuggling vulnerability
     - debian/patches/CVE-2026-1801-pre1.patch: Correct chunked trailers
       end detection
     - debian/patches/CVE-2026-1801.patch: Use CRLF as line boundary
       when parsing chunked encoding data
     - CVE-2026-1801
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
--- End Message ---