1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-15 15:37:03 +00:00

libsoup: fix for CVE-2026-2369

Pick patch from [1] also mentioned at Debian report in [2]

[1] https://gitlab.gnome.org/GNOME/libsoup/-/commit/af4bde990270b825b7d110a495cc65de9e2ec32f
[2] https://security-tracker.debian.org/tracker/CVE-2026-2369

Note: Issue introduced by the fix for CVE-2025-32052.

(From OE-Core rev: 6ca4635dfe2c7fb277af3409931c66f7863af890)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
This commit is contained in:
Hitendra Prajapati
2026-06-10 17:34:26 +05:30
committed by Paul Barker
parent 8820ef32b5
commit 61f170a32d
2 changed files with 33 additions and 0 deletions
@@ -0,0 +1,32 @@
From af4bde990270b825b7d110a495cc65de9e2ec32f Mon Sep 17 00:00:00 2001
From: Samuel Dainard <>
Date: Wed, 11 Feb 2026 10:19:04 -0600
Subject: [PATCH] sniffer: Handle potential underflow
Closes #498
CVE: CVE-2026-2369
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/commit/af4bde990270b825b7d110a495cc65de9e2ec32f]
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
libsoup/content-sniffer/soup-content-sniffer.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/libsoup/content-sniffer/soup-content-sniffer.c b/libsoup/content-sniffer/soup-content-sniffer.c
index a5e18d5..594d0bb 100644
--- a/libsoup/content-sniffer/soup-content-sniffer.c
+++ b/libsoup/content-sniffer/soup-content-sniffer.c
@@ -524,6 +524,10 @@ sniff_unknown (SoupContentSniffer *sniffer, GBytes *buffer,
if (!sniff_scriptable && type_row->scriptable)
continue;
+ /* Ensure we have data to sniff - prevents underflow in resource_length - 1 */
+ if (resource_length == 0)
+ continue;
+
if (type_row->has_ws) {
guint index_stream = 0;
guint index_pattern = 0;
--
2.50.1
@@ -52,6 +52,7 @@ SRC_URI = "${GNOME_MIRROR}/libsoup/${SHRT_VER}/libsoup-${PV}.tar.xz \
file://CVE-2025-32049-3.patch \
file://CVE-2025-32049-4.patch \
file://CVE-2025-11021.patch \
file://CVE-2026-2369.patch \
"
SRC_URI[sha256sum] = "291c67725f36ed90ea43efff25064b69c5a2d1981488477c05c481a3b4b0c5aa"