dwww Home | Show directory contents | Find package

libsoup3 (3.4.4-5ubuntu0.7) noble-security; urgency=medium

  * SECURITY UPDATE: Carriage Return Line Feed Injection
    - debian/patches/CVE-2026-1467.patch: Do host validation when checking if
      a GUri is valid
    - debian/patches/CVE-2026-1536-pre1.patch: Reject duplicate host headers
    - debian/patches/CVE-2026-1536.patch: Always validate the headers value
      when coming from untrusted source
    - CVE-2026-1467
    - CVE-2026-1536
  * SECURITY UPDATE: Information Leak
    - debian/patches/CVE-2026-1539.patch: Also remove Proxy-Authorization
      header on cross origin redirect
    - CVE-2026-1539

 -- Bruce Cable <bruce.cable@canonical.com>  Mon, 02 Feb 2026 15:38:57 +1100

libsoup3 (3.4.4-5ubuntu0.6) noble-security; urgency=medium

  * SECURITY UPDATE: Use after free in HTTP/2 queues.
    - debian/patches/CVE-2025-12105.patch: Add SOUP_MESSAGE_FINISHED checks in
      libsoup/soup-session.c.
    - CVE-2025-12105

 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Thu, 11 Dec 2025 17:37:16 -0330

libsoup3 (3.4.4-5ubuntu0.5) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service.
    - debian/patches/CVE-2025-32907-*.patch: Add i-- in
      libsoup/soup-message-headers.c. Add B_SANITIZE_OPTION to meson.build.
    - debian/patches/CVE-2025-4948.patch: Add ternary end - 2 - split check in
      libsoup/soup-multipart.c.
    - CVE-2025-32907
    - CVE-2025-4948
  * SECURITY UPDATE: Out of bounds read.
    - debian/patches/CVE-2025-4969.patch: Add extra if checks for start of line
      in libsoup/soup-multipart.c.
    - CVE-2025-4969
  * SECURITY UPDATE: Improper validation of cookie expiration.
    - debian/patches/CVE-2025-4945-*.patch: Add extra date checks in
      libsoup/soup-date-utils.c.
    - CVE-2025-4945

 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Mon, 14 Jul 2025 16:35:26 -0230

libsoup3 (3.4.4-5ubuntu0.4) noble-security; urgency=medium

  * SECURITY UPDATE: Denial of service.
    - debian/patches/CVE-2025-32908-1.patch: Add NULL checks with returns for
      NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE in
      ./libsoup/server/http2/soup-server-message-io-http2.c.
    - debian/patches/CVE-2025-32908-2.patch: Improve NULL checks in
      ./libsoup/server/http2/soup-server-message-io-http2.c.
    - debian/patches/CVE-2025-4476.patch: Replace strcmp with g_strcmp0 in
      ./libsoup/auth/soup-auth-digest.c.
    - CVE-2025-32908
    - CVE-2025-4476

 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Thu, 22 May 2025 15:14:07 -0230

libsoup3 (3.4.4-5ubuntu0.3) noble-security; urgency=medium

  * SECURITY UPDATE: Out of bound read.
    - debian/patches/CVE-2025-32906-*.patch: Add out of bound checks in
      soup_headers_parse_request in ./libsoup/soup-headers.c.
    - debian/patches/CVE-2025-32914.patch: Replace strstr operation with
      g_strstr_len in ./libsoup/soup-multipart.c.
    - CVE-2025-32906
    - CVE-2025-32914
  * SECURITY UPDATE: Null pointer dereference.
    - debian/patches/CVE-2025-32909.patch: Add resource size check in
      ./libsoup/content-sniffer/soup-content-sniffer.c.
    - debian/patches/CVE-2025-32910-32912-*.patch: Add checks for missing realm
      and nonce, and fix memory leak in ./libsoup/auth/soup-auth-digest.c.
    - debian/patches/CVE-2025-32912-*.patch: Add additional checks for nonce in
      ./libsoup/auth/soup-auth-digest.c.
    - CVE-2025-32909
    - CVE-2025-32910
    - CVE-2025-32912
  * SECURITY UPDATE: Memory corruption.
    - debian/patches/CVE-2025-32911-32913-*.patch: Add checks for empty
      filename in ./libsoup/soup-message-headers.c.
    - CVE-2025-32911
    - CVE-2025-32913
  * SECURITY UPDATE: Memory leak.
    - debian/patches/CVE-2025-46420.patch: Free allocated strings during
      iteration in ./libsoup/soup-headers.c.
    - CVE-2025-46420
  * SECURITY UPDATE: Information exposure through host impersonation.
    - debian/patches/CVE-2025-46421.patch: Strip credentials on cross-origin
      redirects in ./libsoup/soup-session.c.
    - CVE-2025-46421

 -- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com>  Wed, 30 Apr 2025 16:32:01 -0230

libsoup3 (3.4.4-5ubuntu0.2) noble-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-2784-1.patch: Fix potential overflow
    - debian/patches/CVE-2025-2784-2.patch: Add better coverage of
      skip_insignificant_space()
    - CVE-2025-2784
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-32050.patch: Fix using int instead of
      size_t for strcspn return
    - CVE-2025-32050
  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2025-32051-1.patch: Fix possible NULL deref in
      soup_uri_decode_data_uri
    - debian/patches/CVE-2025-32051-2.patch: Handle URIs with a path
      starting with //
    - CVE-2025-32051
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-32052.patch: Fix heap buffer overflow in
      soup_content_sniffer_sniff
    - CVE-2025-32052
  * SECURITY UPDATE: out-of-bounds read
    - debian/patches/CVE-2025-32053.patch: Fix heap buffer overflow in
      sniff_feed_or_html()
    - CVE-2025-32053

 -- Fabian Toepfer <fabian.toepfer@canonical.com>  Wed, 09 Apr 2025 14:47:38 +0200

libsoup3 (3.4.4-5ubuntu0.1) noble-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL 
      bytes in headers
    - CVE-2024-52530
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2024-52531-1.patch: Be more robust against 
      invalid input when parsing params
    - debian/patches/CVE-2024-52531-2.patch: Add test for passing 
      invalid UTF-8 to soup_header_parse_semi_param_list()
    - CVE-2024-52531
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2024-52532-1.patch: process the frame as soon
      as data is read
    - debian/patches/CVE-2024-52532-2.patch: disconnect error copy 
      after the test ends
    - CVE-2024-52532

 -- Bruce Cable <bruce.cable@canonical.com>  Mon, 18 Nov 2024 15:21:40 +1100

libsoup3 (3.4.4-5build2) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <steve.langasek@ubuntu.com>  Sun, 31 Mar 2024 02:17:22 +0000

libsoup3 (3.4.4-5build1) noble; urgency=medium

  * No-change rebuild against libglib2.0-0t64

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 08 Mar 2024 05:29:46 +0000

libsoup3 (3.4.4-5) unstable; urgency=medium

  * Don't require libapache2-mod-php on i386 either

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 28 Jan 2024 20:05:48 -0500

libsoup3 (3.4.4-4) unstable; urgency=medium

  * Don't require php on i386: only used by tests

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 28 Jan 2024 08:50:22 -0500

libsoup3 (3.4.4-3) unstable; urgency=medium

  [ Simon McVittie ]
  * d/rules: Explicitly disable pkcs11_tests if built with nocheck,noinsttest.
    These require GNUTLS, which is omitted from the build dependencies
    if built with both of those profiles. Because we're using
    -Dauto_features=enabled, we need to override that for each feature that
    is not wanted.
    Note that both of those profiles need to be activated during
    bootstrapping: even if we are not going to run the test suite during
    the build, we need to compile it for the libsoup3.0-tests binary package,
    unless the noinsttest build profile was specified. (Closes: #1061133)

 -- Jeremy Bícha <jbicha@ubuntu.com>  Fri, 19 Jan 2024 09:06:45 -0500

libsoup3 (3.4.4-2) unstable; urgency=medium

  * Team upload
  * d/control: Stop generating from d/control.in
  * d/control: Explicitly build-depend on required GIR XML.
    Helps: #1030223
  * d/control: Add ${gir:Depends}, ${gir:Provides} to -dev package.
    Helps: #1030223
  * Remove version constraints unnecessary since Debian 11

 -- Simon McVittie <smcv@debian.org>  Fri, 17 Nov 2023 13:28:30 +0000

libsoup3 (3.4.4-1) unstable; urgency=medium

  * New upstream release
    - Fix regression seen in Ubuntu's s390s autopkgtest (LP: #2036444)

 -- Jeremy Bícha <jbicha@ubuntu.com>  Thu, 26 Oct 2023 20:24:22 -0400

libsoup3 (3.4.3-1) unstable; urgency=medium

  * New upstream release

 -- Jeremy Bícha <jbicha@ubuntu.com>  Fri, 15 Sep 2023 14:09:13 -0400

libsoup3 (3.4.2-4) unstable; urgency=medium

  * Revert "d/rules, d/meson/no-exe-wrapper.ini: Work around FTBFS on mips64el":
    The underlying issue was fixed in meson 1.2.1
  * Have -dev package depend on libsysprof-capture-4-dev instead of
    libsysprof-4-dev

 -- Jeremy Bícha <jbicha@ubuntu.com>  Thu, 10 Aug 2023 09:55:02 -0400

libsoup3 (3.4.2-3) unstable; urgency=medium

  * d/rules, d/meson/no-exe-wrapper.ini: Work around FTBFS on mips64el
    Mitigates: #1041499

 -- Jeremy Bícha <jbicha@ubuntu.com>  Fri, 04 Aug 2023 11:37:09 -0400

libsoup3 (3.4.2-2) unstable; urgency=medium

  * Release to unstable

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 23 Jul 2023 15:55:23 -0400

libsoup3 (3.4.2-1) experimental; urgency=medium

  * New upstream release
  * Update lintian override info format
  * Update standards version to 4.6.2, no changes needed

 -- Jeremy Bícha <jbicha@ubuntu.com>  Sun, 07 May 2023 10:46:02 -0400

libsoup3 (3.4.1-1) experimental; urgency=medium

  * New upstream release
  * Drop patch applied in new release

 -- Jeremy Bicha <jbicha@ubuntu.com>  Fri, 21 Apr 2023 10:56:33 +0200

libsoup3 (3.4.0-1) experimental; urgency=medium

  * New upstream release
  * Cherry-pick fix for build on various architectures

 -- Jeremy Bicha <jbicha@ubuntu.com>  Sun, 19 Mar 2023 18:12:58 -0400

libsoup3 (3.3.1-1) experimental; urgency=medium

  * New upstream release
  * debian/libsoup-3.0-0.symbols: Add new symbols

 -- Jeremy Bicha <jbicha@ubuntu.com>  Tue, 14 Feb 2023 11:35:19 -0500

libsoup3 (3.2.2-1) unstable; urgency=medium

  * New upstream release
  * Drop cherry-picked 32-bit patches: applied in new release

 -- Jeremy Bicha <jbicha@ubuntu.com>  Wed, 30 Nov 2022 15:11:19 -0500

libsoup3 (3.2.1-2) unstable; urgency=medium

  * Cherry-pick patches to fix 32-bit build

 -- Jeremy Bicha <jbicha@ubuntu.com>  Fri, 21 Oct 2022 14:09:33 -0400

libsoup3 (3.2.1-1) unstable; urgency=medium

  * New upstream release (LP: #1992503)

 -- Jeremy Bicha <jbicha@ubuntu.com>  Tue, 11 Oct 2022 15:19:46 -0400

libsoup3 (3.2.0-1) unstable; urgency=medium

  * New upstream release

 -- Jeremy Bicha <jbicha@ubuntu.com>  Wed, 14 Sep 2022 16:04:35 -0400

libsoup3 (3.1.4-1) unstable; urgency=medium

  [ Jeremy Bicha ]
  * New upstream release

  [ Eric Long ]
  * Add patch to fix build test timeout on riscv64 (Closes: #1018709)

 -- Jeremy Bicha <jbicha@ubuntu.com>  Fri, 02 Sep 2022 16:23:08 -0400

libsoup3 (3.1.3-2) unstable; urgency=medium

  [ Samuel Thibault ]
  * Fix unsatisfiable dependency on non-Linux (Closes: #1017758)

 -- Jeremy Bicha <jbicha@ubuntu.com>  Sun, 21 Aug 2022 16:23:16 -0400

libsoup3 (3.1.3-1) unstable; urgency=medium

  * Team upload
  * New upstream release

 -- Jesús Soto <jesus.soto@canonical.com>  Tue, 16 Aug 2022 14:23:55 -0500

libsoup3 (3.1.1-1) unstable; urgency=medium

  * New upstream release
  * Refresh patch
  * Build-Depend on gi-docgen instead of gtk-doc-tools
  * debian/libsoup-3.0-0.symbols: Add new symbols

 -- Jeremy Bicha <jbicha@ubuntu.com>  Wed, 03 Aug 2022 08:20:06 -0400

libsoup3 (3.0.7-1) unstable; urgency=medium

  * New upstream release (LP: #1980400)
  * debian/libsoup-3.0-0.symbols: Drop 2 unused symbols no longer exported

 -- Jeremy Bicha <jbicha@ubuntu.com>  Thu, 30 Jun 2022 15:10:11 -0400

libsoup3 (3.0.6-1) unstable; urgency=medium

  * New upstream release
  * debian/control.in: Bump minimum meson to 0.54

 -- Jeremy Bicha <jbicha@ubuntu.com>  Thu, 31 Mar 2022 16:47:01 -0400

libsoup3 (3.0.5-1) unstable; urgency=medium

  * New upstream release
  * Drop test patches applied in new release

 -- Jeremy Bicha <jbicha@ubuntu.com>  Fri, 18 Mar 2022 14:47:42 -0400

libsoup3 (3.0.4-4) unstable; urgency=medium

  * Team upload
  * d/rules: Increase test timeouts.
    http2-body-stream-test timed out on mipsel and riscv64 machines.
    Ideally we should extend the timeout for particularly slow tests
    upstream, but for now, just apply a multiplier so we can see how long
    they take in practice.
  * d/patches: Add more debug-logging for starting/stopping Apache.
    This will hopefully help to debug intermittent test failures in which
    Apache fails to bind to a port that is already in use.

 -- Simon McVittie <smcv@debian.org>  Wed, 16 Mar 2022 12:21:59 +0000

libsoup3 (3.0.4-3) unstable; urgency=medium

  * Team upload

  [ Jeremy Bicha ]
  * debian/control.in: Have libsoup-3.0-dev depend on libsysprof-4-dev
    per its pkgconfig file

  [ Simon McVittie ]
  * d/p/tests-Install-http2-server.py.patch,
    d/p/tests-Install-missing-test-cert-and-key-for-installed-tes.patch:
    Add patches to install http2-server.py and some test TLS certificates,
    fixing an autopkgtest
  * d/patches: Remove workarounds for libsoup#175.
    A better workaround for glib#2563 was merged upstream before 3.0.4.
  * d/control.in: installed-tests depend on python3 and python3-quart
  * d/control.in: Fix Vcs-Git, Vcs-Browser for this source package name
  * Upload to unstable.
    Please coordinate with the GNOME team before transitioning other
    packages to use this version of libsoup: it is important that we avoid
    trying to load libsoup 2 and libsoup 3 into the same process space.

 -- Simon McVittie <smcv@debian.org>  Tue, 15 Mar 2022 13:09:07 +0000

libsoup3 (3.0.4-2) experimental; urgency=medium

  * debian/* Fix several libsoup-3.0 missing hyphens. Thanks Alberto Garcia.

 -- Jeremy Bicha <jeremy.bicha@canonical.com>  Thu, 24 Feb 2022 11:25:39 -0500

libsoup3 (3.0.4-1) experimental; urgency=medium

  * New upstream release (Closes: #1006006)
  * Rename packages for new major release with new namespace
  * debian/libsoup-3.0-0.symbols: Update
  * debian/control.in: Bump minimum meson to 0.53 & libglib2.0-dev to 2.69
  * debian/control.in: Build-Depend on libnghttp2-dev
  * debian/control.in: Build-Depend on libsysprof-capture-4-dev
  * debian/control.in: Build-Depend on winbind for NTLM support
  * debian/control.in: Build-Depend on libgnutls28-dev & python3-quart
    for build tests
  * debian/control.in: Drop obsolete libxml2 & php-xmlrpc dependencies
  * debian/rules: Update build flags for new version
  * debian/rules: Disable autobahn tests
  * Update patches

 -- Jeremy Bicha <jeremy.bicha@canonical.com>  Fri, 18 Feb 2022 14:56:10 -0500

libsoup2.4 (2.74.2-3) unstable; urgency=medium

  * Team upload
  * Source-only upload to allow testing migration
  * Move to debhelper compat level 13
  * Standards-Version: 4.6.0 (no changes required)
  * Override Lintian errors for RUNPATH in installed-tests.
    These have a private shared library for common code.
  * Override overzealous Lintian hint for documentation outside /usr/share/doc
  * d/p/tests-add-soup_test_build_filename_abs.patch,
    d/p/test-utils-Log-Apache-arguments.patch,
    d/p/test-utils-Save-Apache-server-root-during-initialization.patch:
    Add patches to fix unit test teardown for XMLRPC tests
  * Adjust PHP dependencies.
    php currently has a complicated version number as a result of a
    transition to PHP 8 that was started and then rolled back.
  * d/p/Record-Apache-error-log-for-unit-tests-and-show-it-during.patch:
    Add patch to display Apache error log in test diagnostics
  * d/p/Mark-XMLRPC-tests-as-flaky.patch:
    Add patch to treat tests based on php-xmlrpc as unreliable

 -- Simon McVittie <smcv@debian.org>  Mon, 27 Dec 2021 20:33:29 +0000

libsoup2.4 (2.74.2-2) unstable; urgency=medium

  * Add libsoup2.4-common package for translations

 -- Jeremy Bicha <jbicha@debian.org>  Sun, 28 Nov 2021 16:04:43 -0500

libsoup2.4 (2.74.2-1) unstable; urgency=medium

  * New upstream release
  * Update debian/copyright

 -- Jeremy Bicha <jbicha@debian.org>  Sun, 28 Nov 2021 15:57:59 -0500

libsoup2.4 (2.74.1-1) unstable; urgency=medium

  * New upstream release
  * debian/control.in: Allow building against php8
  * debian/control.in: Add php8 as an alternate dependency to php-xmlrpc

 -- Jeremy Bicha <jbicha@debian.org>  Sun, 24 Oct 2021 20:43:30 -0400

libsoup2.4 (2.74.0-3) unstable; urgency=medium

  * Drop vala patch since vala 0.54 is in Debian (Closes: #997243)

 -- Jeremy Bicha <jbicha@debian.org>  Sat, 23 Oct 2021 15:38:01 -0400

libsoup2.4 (2.74.0-2) unstable; urgency=medium

  * Add patch to revert commit applied for use with vala 0.53.1

 -- Jeremy Bicha <jbicha@debian.org>  Tue, 31 Aug 2021 19:13:26 -0400

libsoup2.4 (2.74.0-1) unstable; urgency=medium

  * New upstream release
  * Drop three patches applied in new release
  * Don't let debhelper 13.4+ make all the installed-tests executable

 -- Jeremy Bicha <jbicha@debian.org>  Thu, 26 Aug 2021 20:45:31 -0400

libsoup2.4 (2.72.0-4) unstable; urgency=medium

  * Team upload
  * Upload to unstable, to unblock upload of GLib 2.68.x

 -- Simon McVittie <smcv@debian.org>  Sun, 15 Aug 2021 14:06:06 +0100

libsoup2.4 (2.72.0-3) experimental; urgency=medium

  * d/p/tests-connection-test-Update-expected-events-for-GLib-2.6.patch. Fix
    test compatibility with glib 2.67.0

 -- Iain Lane <laney@debian.org>  Thu, 04 Mar 2021 22:05:29 +0000

libsoup2.4 (2.72.0-2) unstable; urgency=medium

  * Team upload
  * d/p/gitlab_tests_fix.patch:
    Update patch metadata to reflect it being applied upstream
  * Amend 2.71.1-1 changelog entry to reflect that patch fixing tests when
    run against glib-networking >= 2.65.90 (see #970935)
  * d/p/tests-ensure-we-use-an-absolute-path-for-apache-server-ro.patch:
    Add patch from upstream to fix Apache startup in some circumstances.
    This might make d/p/tests-Skip-tests-if-unable-to-start-Apache.patch
    unnecessary, but that patch was for an intermittent failure, so let's
    get more test results before removing it.
  * Release to unstable

 -- Simon McVittie <smcv@debian.org>  Sun, 27 Sep 2020 16:46:52 +0100

libsoup2.4 (2.72.0-1) experimental; urgency=medium

  * New upstream release

 -- Sebastien Bacher <seb128@ubuntu.com>  Tue, 15 Sep 2020 13:59:03 +0200

libsoup2.4 (2.71.1-1) experimental; urgency=medium

  * New upstream release
  * debian/patches/gitlab_tests_fix.patch:
    - backport an upstream proposed change to fix the tests
      (Closes: #970935)

 -- Sebastien Bacher <seb128@ubuntu.com>  Thu, 10 Sep 2020 10:27:08 +0200

libsoup2.4 (2.71.0-1) experimental; urgency=medium

  [ Simon McVittie ]
  * d/shlibs.local: Generate lockstep dependencies between binary packages.
    Upstream developers are not going to support mixing binary packages
    of different versions from the same source package, and neither should
    we; they all migrate to testing as a unit anyway.
  * Don't override libexecdir to libexec.
    This is the default now.

  [ Sebastien Bacher ]
  * New upstream release
  * debian/libsoup2.4-1.symbols:
    - refreshed the list of sumbols for the new version
  * d/p/test-utils-Clarify-meaning-of-an-environment-variable.patch:
    - removed, the fix is included in the new version

 -- Sebastien Bacher <seb128@ubuntu.com>  Wed, 19 Aug 2020 13:58:53 +0200

libsoup2.4 (2.70.0-1) unstable; urgency=medium

  * Team upload
  * New upstream stable release
  * Merge packaging changes from unstable
  * d/p/test-utils-Clarify-meaning-of-an-environment-variable.patch,
    d/p/tests-Skip-tests-if-unable-to-start-Apache.patch:
    Work around intermittent failure to start Apache for unit tests
  * Upload 2.70.x branch to unstable

 -- Simon McVittie <smcv@debian.org>  Wed, 11 Mar 2020 09:43:38 +0000

libsoup2.4 (2.68.4-1) unstable; urgency=medium

  * Team upload

  [ Sebastien Bacher ]
  * debian/test/build:
    - Use the correct compiler for proposed autopkgtest cross-testing
      support

  [ Simon McVittie ]
  * New upstream release
    - Require GLib 2.58, for g_canonicalize_filename()
  * Correct list of patches in previous changelog entry.
    d/p/tests-Disable-parallelism-for-XMLRPC-server-tests.patch
    turned out to be unnecessary and was dropped before upload.
  * d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch,
    d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
    Drop, applied upstream
  * Switch packaging branch to debian/unstable, upstream/2.68.x.
    Versions 2.69.x are already in debian/master and upstream/latest.
  * d/watch: Only watch for stable releases
  * d/p/skip-tls_interaction-test.patch, d/tests:
    Don't skip this test (suspected to be flaky) if an environment variable
    is set. Run it as an autopkgtest marked as flaky, to get an idea of
    how often it fails.
  * Standards-Version: 4.5.0
  * Replace non-standard pkg.libsoup2.4.noinsttests build-profile with
    noinsttest
  * libsoup2.4-1.docs: Normalize order of lines
  * Normalize order of (build-)dependencies (wrap-and-sort -a)
  * Wrap long lines in changelog entries: 2.62.2-2
  * Set field Upstream-Name in debian/copyright
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
    Repository-Browse

  [ Andreas Henriksson ]
  * Make libnss-myhostname (build-)dep only apply on linux (Closes: #947943)

 -- Simon McVittie <smcv@debian.org>  Sat, 29 Feb 2020 21:07:01 +0000

libsoup2.4 (2.69.90-1) experimental; urgency=medium

  [ Sebastien Bacher ]
  * debian/test/build:
    - Use the correct compiler for proposed autopkgtest cross-testing
      support

  [ Simon McVittie ]
  * New upstream release
    - Allow introspection in cross builds
    - Fixes to testing infrastructure
    - Require GLib 2.58, for g_canonicalize_filename()
  * Correct list of patches in previous changelog entry.
    d/p/tests-Disable-parallelism-for-XMLRPC-server-tests.patch
    turned out to be unnecessary and was dropped before upload.
  * d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch,
    d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
    Drop, applied upstream

  [ Iain Lane ]
  * New upstream release:
    - Add new API to expose support for same-site cookies
    - Deprecate soup_date_to_timeval()
    - Fix TRACE method not being considered safe and idempotent internally
    - WebSockets: do not start the input source when IO is closing
  * Add new symbols for 2.69.90

  [ Andreas Henriksson ]
  * Make libnss-myhostname (build-)dep only apply on linux (Closes: #947943)

 -- Iain Lane <laney@debian.org>  Wed, 19 Feb 2020 14:04:37 +0000

libsoup2.4 (2.68.2-2) experimental; urgency=medium

  * Team upload
  * Upload to experimental for NEW processing
  * Install automated tests in a new libsoup2.4-tests binary package
  * d/tests/installed-tests: Run those tests
  * d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
    Avoid running tests in parallel if they need a specific port number

 -- Simon McVittie <smcv@debian.org>  Wed, 09 Oct 2019 14:50:18 +0100

libsoup2.4 (2.68.2-1) unstable; urgency=medium

  * Team upload
  * d/gbp.conf: Switch branch to debian/unstable.
    We should upload the fix for CVE-2019-17266 to unstable, but
    the debian/master branch already has a version waiting for NEW
    processing.
  * New upstream release (CVE-2019-17266) (Closes: #941912)
  * libsoup-gnome2.4-dev: Explicitly depend on gir1.2-soup-2.4.
    According to the GIR mini-policy, this is required because
    gir1.2-soup-2.4 contains SoupGNOME-2.4.typelib, corresponding to
    SoupGNOME-2.4.gir in libsoup-gnome2.4-dev. This dependency is not in
    fact strictly necessary, because libsoup-gnome2.4-dev depends on
    libsoup2.4-dev which in turn depends on gir1.2-soup-2.4, but Lintian
    doesn't look at recursive dependencies.
  * libsoup2.4-doc.links: Create symlinks to documentation in /usr/share/doc.
    The actual documentation files remain in /usr/share/gtk-doc/html,
    because they are technically a programmatic interface: other libraries
    that depend on libsoup2.4 and use gtk-doc will use that path to fix
    cross-references in their own documentation.
    There are symlinks in both /u/s/d/libsoup2.4-dev (the "main package"
    in Policy §12.3), and /u/s/d/libsoup2.4-doc (the traditional location
    for documentation).
  * libsoup2.4-doc: Add Recommends: libglib2.0-doc, for the cross-references.
    The libsoup2.4 documentation contains many cross-references to GLib,
    GObject and GIO documentation. Add symlinks in /usr/share/doc so that
    those cross-references can be followed, even in browsers that treat
    symlinks like directories for the purposes of resolving relative paths.
  * d/libsoup2.4-doc.doc-base: Use the symlinks in /usr/share/doc.
    This is functionally equivalent to what we already had, but silences
    a Lintian error.
  * Standards-Version: 4.4.1 (no changes required)
  * d/copyright: Update
  * d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch:
    Add proposed patch to fix test failures with GLib 2.62
  * Explicitly build-depend on libapache2-mod-php, PHP 7 and Python 3.
    The script that checks for the required PHP version is written in
    Python 3 and specifically looks for a php7* module. It seems that in
    practice the dependency resolver used on unstable buildds will always
    select libapache2-mod-php anyway, but the resolver used on
    experimental buildds can select the -cgi or -fpm implementations,
    which are not detected, resulting in the necessary files for some of
    the installed-tests not being installed.
  * Add lintian overrides for the binary package names not precisely
    matching the SONAMEs.
    They're close enough to achieve the goal of the mechanically-generated
    naming convention, and changing them now (other than at the time of an
    upstream SONAME bump) seems like more disruption than it's worth.

 -- Simon McVittie <smcv@debian.org>  Wed, 09 Oct 2019 12:23:19 +0100

libsoup2.4 (2.68.1-2) unstable; urgency=medium

  * Build-Depend on debhelper-compat 12 and drop debian/compat
  * Bump Standards-Version to 4.4.0
  * Drop obsolete dh_strip dbgsym migration rule

 -- Jeremy Bicha <jbicha@debian.org>  Sat, 28 Sep 2019 09:55:29 -0400

libsoup2.4 (2.68.1-1) experimental; urgency=medium

  [ Philip Chimento ]
  * debian/control.in: Add build dependency on libnss-myhostname, this
    should provide a way to resolve *.localhost which the HSTS tests depend
    on.
  * debian/patches/disable_buggy_test.patch: Dropped, the test passes now.

  [ Sebastien Bacher ]
  * New upstream release

 -- Sebastien Bacher <seb128@ubuntu.com>  Mon, 16 Sep 2019 15:18:07 +0200

libsoup2.4 (2.68.0-1) experimental; urgency=medium

  [ Simon McVittie ]
  * Add a superficial autopkgtest for the -dev packages.
    This will detect bugs like #935944 in future.
  * libsoup2.4-dev: Add missing dependency on libbrotli-dev
    (Closes: #935944)

  [ Sebastien Bacher ]
  * New upstream release
  * debian/control.in:
    - libsoup2.4-dev depends also on zlib1g-dev now
  * debian/patches/disable_buggy_test.patch:
    - disabled some buggy tests following upstream's recommendation, at
      least until the next version where they plan to rework or drop those

 -- Sebastien Bacher <seb128@ubuntu.com>  Wed, 11 Sep 2019 15:09:30 +0200

libsoup2.4 (2.67.92-2) experimental; urgency=medium

  * debian/rules:
    - set the feature arguments to 'enabled'

 -- Sebastien Bacher <seb128@debian.org>  Wed, 21 Aug 2019 15:46:10 +0200

libsoup2.4 (2.67.92-1) experimental; urgency=medium

  * New upstream release

 -- Sebastien Bacher <seb128@ubuntu.com>  Wed, 21 Aug 2019 13:57:06 +0200

libsoup2.4 (2.67.91-2) experimental; urgency=medium

  * debian/libsoup2.4-1.symbols:
    - updated for the new version

 -- Sebastien Bacher <seb128@ubuntu.com>  Tue, 20 Aug 2019 15:53:24 +0200

libsoup2.4 (2.67.91-1) experimental; urgency=medium

  * New upstream release

 -- Sebastien Bacher <seb128@ubuntu.com>  Tue, 20 Aug 2019 09:19:30 +0200

libsoup2.4 (2.67.3-1) experimental; urgency=medium

  * debian/watch: Find unstable versions
  * New upstream release
  * debian/rules: Explicilty enable the new brotli support
  * debian/rules: 'doc' is renamed to 'gtk_doc' in meson_options.txt
  * debian/libsoup2.4-1.symbols: Add new symbols introduced w/this release

 -- Iain Lane <iain.lane@canonical.com>  Fri, 19 Jul 2019 11:00:24 +0100

# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libsoup-3.0-0`.

Generated by dwww version 1.16 on Sun Jul 12 07:15:56 CEST 2026.