Alibaba Cloud Linux 2.1903 Security Advisory: ALINUX2-SA-2024:0046
Issued: 2024-12-03
Updated: 2024-12-03
Summary
libsoup security update
Severity
Important
Description
Package updates are available for Alibaba Cloud Linux 2.1903 that fix the following vulnerabilities:
CVE-2024-52530:
GNOME libsoup before 3.6.0 allows HTTP request smuggling in some configurations because '\0' characters at the end of header names are ignored, i.e., a "Transfer-Encoding\0: chunked" header is treated the same as a "Transfer-Encoding: chunked" header.
References
Updated Packages
- aarch64
- libsoup-2.62.2-3.1.al7.aarch64.rpm → (download)
- libsoup-debuginfo-2.62.2-3.1.al7.aarch64.rpm → (download)
- libsoup-devel-2.62.2-3.1.al7.aarch64.rpm → (download)
- i686
- libsoup-2.62.2-3.1.al7.i686.rpm → (download)
- libsoup-debuginfo-2.62.2-3.1.al7.i686.rpm → (download)
- libsoup-devel-2.62.2-3.1.al7.i686.rpm → (download)
- src
- libsoup-2.62.2-3.1.al7.src.rpm → (download)
- x86_64
- libsoup-2.62.2-3.1.al7.x86_64.rpm → (download)
- libsoup-debuginfo-2.62.2-3.1.al7.x86_64.rpm → (download)
- libsoup-devel-2.62.2-3.1.al7.x86_64.rpm → (download)