Debian Quality Assurance

libsoup3 (3.6.5-9) [PTS] [DDPO]

OK: VCS matches the version in the archive

• Git: https://salsa.debian.org/gnome-team/libsoup3.git
• JSON
  Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
  For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
  The next upload will reset the information from the source package headers.
• Branch: debian/latest
• Path: debian/changelog
• Repo size: 12902400
• Browser: https://salsa.debian.org/gnome-team/libsoup3
• Last scan: 2026-02-13 00:39:04+00
• Next scan: 2026-02-18 22:57:00+00
• CI pipeline status: failed
• Debian changelog in Git:

  libsoup3 (3.6.5-9) unstable; urgency=high
  
    * SECURITY UPDATE: Out-of-bounds read
      - debian/patches/CVE-2026-0716-pre1.patch: websocket: do not
        accept messages frames after closing due to an error
      - debian/patches/CVE-2026-0716.patch: websocket: Fix out-of-bounds
        read in process_frame
        - CVE-2026-0716 (Closes: #1125156)
  
   -- Jeremy Bícha <jbicha@ubuntu.com>  Tue, 03 Feb 2026 17:00:07 -0500

• This branch is even with tag debian/3.6.5-9

Package: JSON [Main page]

---

Back to the Debian Project homepage.

---