diff --git a/0008-bugfix-for-CVE-2025-32050.patch b/0008-bugfix-for-CVE-2025-32050.patch new file mode 100644 index 0000000000000000000000000000000000000000..e189bb65d9a0b5a16f726f736710701f685d19b2 --- /dev/null +++ b/0008-bugfix-for-CVE-2025-32050.patch @@ -0,0 +1,25 @@ +From 9bb0a55de55c6940ced811a64fbca82fe93a9323 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Mon, 28 Oct 2024 12:29:48 -0500 +Subject: [PATCH] Fix using int instead of size_t for strcspn return + +--- + libsoup/soup-headers.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index 613e1905..a5f7a7f6 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -907,7 +907,7 @@ append_param_quoted (GString *string, + const char *name, + const char *value) + { +- int len; ++ gsize len; + + g_string_append (string, name); + g_string_append (string, "=\""); +-- +GitLab + diff --git a/libsoup.spec b/libsoup.spec index f0ccb3f427d3517058a001d607371f960455ab85..2898aeb84a36b3fa98fc453f08fc286066c61db9 100644 --- a/libsoup.spec +++ b/libsoup.spec @@ -1,4 +1,4 @@ -%define anolis_release 7 +%define anolis_release 8 %define glib2_version 2.58 %{!?with_docs: %global with_docs 1} @@ -19,6 +19,7 @@ Patch4: 0004-bugfix-for-CVE-2025-32910.patch Patch5: 0005-bugfix-for-CVE-2025-32912.patch Patch6: 0006-bugfix-for-CVE-2025-32912.patch Patch7: 0007-bugfix-for-CVE-2025-32912.patch +Patch8: 0008-bugfix-for-CVE-2025-32050.patch BuildRequires: gettext BuildRequires: glib-networking @@ -128,6 +129,9 @@ This package contains developer documentation for %{name}. %endif %changelog +* Mon Jun 09 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 2.74.3-8 +- fix CVE-2025-32050 + * Mon Jun 09 2025 tomcruiseqi <10762123+tomcruiseqi@user.noreply.gitee.com> - 2.74.3-7 - fix CVE-2025-32912