This bug was fixed in the package libsoup2.4 - 2.74.3-7ubuntu0.4
---------------
libsoup2.4 (2.74.3-7ubuntu0.4) oracular-security; urgency=medium
* SECURITY REGRESSION: Incomplete fix for CVE-2025-32912 (LP: #2110056)
- debian/patches/CVE-2025-32912-fix1.patch: Replace g_hash_table_contains
with g_hash_table_lookup in ./libsoup/soup-auth-digest.c.
- CVE-2025-32912
-- Hlib Korzhynskyy <[email protected]> Tue, 06 May 2025
14:47:31 -0230
** Changed in: libsoup2.4 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2110056
Title:
Incomplete fix for CVE-2025-32912
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libsoup2.4/+bug/2110056/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
