Debian Patches
Status for libsoup3/3.2.3-0+deb12u2
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| skip-tls_interaction-test.patch | skip tls_interaction test This test is too unreliable on Debian architectures and this package is too critical to not get timely updates [smcv: Allow running it anyway, by setting an environment variable] |
Jeremy Bicha <jbicha@ubuntu.com> | yes | upstream | 2018-10-08 | |
| Record-Apache-error-log-for-unit-tests-and-show-it-during.patch | Record Apache error log for unit tests and show it during teardown This helps to diagnose problems with the Apache-based tests. |
Simon McVittie <smcv@debian.org> | no | 2021-12-27 | ||
| test-utils-Add-more-debug-for-starting-stopping-Apache.patch | test-utils: Add more debug for starting/stopping Apache | Simon McVittie <smcv@debian.org> | no | 2022-03-16 | ||
| tests-extend-timeout-for-http2-body-stream-test.patch | tests: extend timeout for http2-body-stream-test https://bugs.debian.org/1018709 |
Eric Long <i@hack3r.moe> | no | 2022-08-29 | ||
| connection-manager-don-t-crash-if-connection-outlives-its.patch | connection-manager: don't crash if connection outlives its manager I have no clue whether SoupConnections are expected to outlive SoupConnectionManager or not, but it's happening, and it doesn't seem too surprising; after all, SoupConnection is a GObject, and things can keep references to it. Guard against this by disconnecting from the signals of each SoupConnection when destroying the SoupConnectionManager. Probably fixes #361 |
Michael Catanzaro <mcatanzaro@redhat.com> | yes | debian upstream | upstream, 3.4.3, commit:31d415ca44349fe8c4d2e0b2fb56f84501ec9524 | 2023-08-21 |
| connection-auth-don-t-crash-if-connection-outlives-the-au.patch | connection-auth: don't crash if connection outlives the auth Currently we crash if the SoupConnection lives longer than the SoupConnectionAuth. I'm unsure whether this is intended to happen, but since it does happen, we should probably disconnect from the SoupConnection's signal rather than crash when it does. Probably fixes #348 |
Michael Catanzaro <mcatanzaro@redhat.com> | yes | upstream | upstream, 3.4.3, commit:c978ab757ab62b295e65936858758fdf7e67b6bc | 2023-08-21 |
| headers-Strictly-don-t-allow-NUL-bytes.patch | headers: Strictly don't allow NUL bytes In the past (2015) this was allowed for some problematic sites. However Chromium also does not allow NUL bytes in either header names or values these days. So this should no longer be a problem. |
Patrick Griffis <pgriffis@igalia.com> | yes | debian upstream | 2024-07-08 | |
| tests-Add-test-for-passing-invalid-UTF-8-to-soup_header_p.patch | tests: Add test for passing invalid UTF-8 to soup_header_parse_semi_param_list() Related to CVE-2024-52531 |
Patrick Griffis <pgriffis@igalia.com> | no | debian | upstream, 3.6.1, commit:825fda3425546847b42ad5270544e9388ff349fe | 2024-08-27 |
| server-Add-note-about-recommended-usage.patch | server: Add note about recommended usage. | Patrick Griffis <pgriffis@igalia.com> | no | upstream, 3.6.1, commit:2a9d8ecc45bb814f6a81b1241e6c0c55d632aa28 | 2024-09-11 | |
| sniffer-Fix-potential-overflow.patch | sniffer: Fix potential overflow | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:242a10fbb12dbdc12d254bd8fc8669a0ac055304 | 2025-02-05 |
| sniffer-Add-better-coverage-of-skip_insignificant_space.patch | sniffer: Add better coverage of skip_insignificant_space() | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:c415ad0b6771992e66c70edf373566c6e247089d | 2025-02-18 |
| content-sniffer-Handle-sniffing-resource-shorter-than-4-b.patch | content-sniffer: Handle sniffing resource shorter than 4 bytes | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:ba4c3a6f988beff59e45801ab36067293d24ce92 | 2025-01-08 |
| auth-digest-Handle-missing-realm-in-authenticate-header.patch | auth-digest: Handle missing realm in authenticate header | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:e40df6d48a1cbab56f5d15016cc861a503423cfe | 2024-12-08 |
| auth-digest-Handle-missing-nonce.patch | auth-digest: Handle missing nonce | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:405a8a34597a44bd58c4759e7d5e23f02c3b556a | 2024-12-26 |
| auth-digest-Fix-leak.patch | auth-digest: Fix leak | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:ea16eeacb052e423eb5c3b0b705e5eab34b13832 | 2024-12-27 |
| soup_message_headers_get_content_disposition-Fix-NULL-der.patch | soup_message_headers_get_content_disposition: Fix NULL deref | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:7b4ef0e004ece3a308ccfaa714c284f4c96ade34 | 2024-12-27 |
| soup_message_headers_get_content_disposition-strdup-trunc.patch | soup_message_headers_get_content_disposition: strdup truncated filenames This table frees the strings it contains. |
Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:f4a761fb66512fff59798765e8ac5b9e57dceef0 | 2024-12-27 |
| soup_header_parse_quality_list-Fix-leak.patch | soup_header_parse_quality_list: Fix leak When iterating over the parsed list we now steal the allocated strings that we want and then free_full the list which may contain remaining strings. |
Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.2, commit:c9083869ec2a3037e6df4bd86b45c419ba295f8e | 2024-12-26 |
| auth-digest-Handle-missing-nonce-1.patch | auth-digest: Handle missing nonce | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:cd077513f267e43ce4b659eb18a1734d8a369992 | 2025-02-05 |
| digest-auth-Handle-NULL-nonce.patch | digest-auth: Handle NULL nonce `contains` only handles a missing nonce, `lookup` handles both missing and empty. |
Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:910ebdcd3dd82386717a201c13c834f3a63eed7f | 2025-02-08 |
| headers-Handle-parsing-edge-case.patch | headers: Handle parsing edge case This version number is specifically crafted to pass sanity checks allowing it to go one byte out of bounds. |
Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:1f509f31b6f8420a3661c3f990424ab7b9164931 | 2025-02-11 |
| headers-Handle-parsing-only-newlines.patch | headers: Handle parsing only newlines | Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:1f509f31b6f8420a3661c3f990424ab7b9164931 | 2025-02-12 |
| session-Strip-authentication-credentails-on-cross-origin-.patch | session: Strip authentication credentails on cross-origin redirect This should match the behavior of Firefox and Safari but not of Chromium. |
Patrick Griffis <pgriffis@igalia.com> | yes | upstream | upstream, 3.6.5, commit:3e5c26415811f19e7737238bb23305ffaf96f66b | 2025-02-05 |
| tests-Gracefully-skip-test-if-a-large-memory-allocation-f.patch | tests: Gracefully skip test if a large memory allocation fails On resource-constrained 32-bit machines, it might not be possible to allocate 1G of buffer space. Catch this and skip the test that uses very large buffers, instead of having it fail. |
Simon McVittie <smcv@debian.org> | yes | 2025-08-25 |
All known versions for source package 'libsoup3'
- 3.6.5-4 (forky, sid)
- 3.6.5-3 (trixie)
- 3.2.3-0+deb12u2 (bookworm)