libsoup3 (3.4.4-5ubuntu0.7) noble-security; urgency=medium
* SECURITY UPDATE: Carriage Return Line Feed Injection
- debian/patches/CVE-2026-1467.patch: Do host validation when checking if
a GUri is valid
- debian/patches/CVE-2026-1536-pre1.patch: Reject duplicate host headers
- debian/patches/CVE-2026-1536.patch: Always validate the headers value
when coming from untrusted source
- CVE-2026-1467
- CVE-2026-1536
* SECURITY UPDATE: Information Leak
- debian/patches/CVE-2026-1539.patch: Also remove Proxy-Authorization
header on cross origin redirect
- CVE-2026-1539
-- Bruce Cable <bruce.cable@canonical.com> Mon, 02 Feb 2026 15:38:57 +1100
libsoup3 (3.4.4-5ubuntu0.6) noble-security; urgency=medium
* SECURITY UPDATE: Use after free in HTTP/2 queues.
- debian/patches/CVE-2025-12105.patch: Add SOUP_MESSAGE_FINISHED checks in
libsoup/soup-session.c.
- CVE-2025-12105
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Thu, 11 Dec 2025 17:37:16 -0330
libsoup3 (3.4.4-5ubuntu0.5) noble-security; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32907-*.patch: Add i-- in
libsoup/soup-message-headers.c. Add B_SANITIZE_OPTION to meson.build.
- debian/patches/CVE-2025-4948.patch: Add ternary end - 2 - split check in
libsoup/soup-multipart.c.
- CVE-2025-32907
- CVE-2025-4948
* SECURITY UPDATE: Out of bounds read.
- debian/patches/CVE-2025-4969.patch: Add extra if checks for start of line
in libsoup/soup-multipart.c.
- CVE-2025-4969
* SECURITY UPDATE: Improper validation of cookie expiration.
- debian/patches/CVE-2025-4945-*.patch: Add extra date checks in
libsoup/soup-date-utils.c.
- CVE-2025-4945
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Mon, 14 Jul 2025 16:35:26 -0230
libsoup3 (3.4.4-5ubuntu0.4) noble-security; urgency=medium
* SECURITY UPDATE: Denial of service.
- debian/patches/CVE-2025-32908-1.patch: Add NULL checks with returns for
NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-32908-2.patch: Improve NULL checks in
./libsoup/server/http2/soup-server-message-io-http2.c.
- debian/patches/CVE-2025-4476.patch: Replace strcmp with g_strcmp0 in
./libsoup/auth/soup-auth-digest.c.
- CVE-2025-32908
- CVE-2025-4476
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Thu, 22 May 2025 15:14:07 -0230
libsoup3 (3.4.4-5ubuntu0.3) noble-security; urgency=medium
* SECURITY UPDATE: Out of bound read.
- debian/patches/CVE-2025-32906-*.patch: Add out of bound checks in
soup_headers_parse_request in ./libsoup/soup-headers.c.
- debian/patches/CVE-2025-32914.patch: Replace strstr operation with
g_strstr_len in ./libsoup/soup-multipart.c.
- CVE-2025-32906
- CVE-2025-32914
* SECURITY UPDATE: Null pointer dereference.
- debian/patches/CVE-2025-32909.patch: Add resource size check in
./libsoup/content-sniffer/soup-content-sniffer.c.
- debian/patches/CVE-2025-32910-32912-*.patch: Add checks for missing realm
and nonce, and fix memory leak in ./libsoup/auth/soup-auth-digest.c.
- debian/patches/CVE-2025-32912-*.patch: Add additional checks for nonce in
./libsoup/auth/soup-auth-digest.c.
- CVE-2025-32909
- CVE-2025-32910
- CVE-2025-32912
* SECURITY UPDATE: Memory corruption.
- debian/patches/CVE-2025-32911-32913-*.patch: Add checks for empty
filename in ./libsoup/soup-message-headers.c.
- CVE-2025-32911
- CVE-2025-32913
* SECURITY UPDATE: Memory leak.
- debian/patches/CVE-2025-46420.patch: Free allocated strings during
iteration in ./libsoup/soup-headers.c.
- CVE-2025-46420
* SECURITY UPDATE: Information exposure through host impersonation.
- debian/patches/CVE-2025-46421.patch: Strip credentials on cross-origin
redirects in ./libsoup/soup-session.c.
- CVE-2025-46421
-- Hlib Korzhynskyy <hlib.korzhynskyy@canonical.com> Wed, 30 Apr 2025 16:32:01 -0230
libsoup3 (3.4.4-5ubuntu0.2) noble-security; urgency=medium
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2025-2784-1.patch: Fix potential overflow
- debian/patches/CVE-2025-2784-2.patch: Add better coverage of
skip_insignificant_space()
- CVE-2025-2784
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2025-32050.patch: Fix using int instead of
size_t for strcspn return
- CVE-2025-32050
* SECURITY UPDATE: null pointer dereference
- debian/patches/CVE-2025-32051-1.patch: Fix possible NULL deref in
soup_uri_decode_data_uri
- debian/patches/CVE-2025-32051-2.patch: Handle URIs with a path
starting with //
- CVE-2025-32051
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2025-32052.patch: Fix heap buffer overflow in
soup_content_sniffer_sniff
- CVE-2025-32052
* SECURITY UPDATE: out-of-bounds read
- debian/patches/CVE-2025-32053.patch: Fix heap buffer overflow in
sniff_feed_or_html()
- CVE-2025-32053
-- Fabian Toepfer <fabian.toepfer@canonical.com> Wed, 09 Apr 2025 14:47:38 +0200
libsoup3 (3.4.4-5ubuntu0.1) noble-security; urgency=medium
* SECURITY UPDATE: Request smuggling
- debian/patches/CVE-2024-52530.patch: Strictly don't allow NUL
bytes in headers
- CVE-2024-52530
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2024-52531-1.patch: Be more robust against
invalid input when parsing params
- debian/patches/CVE-2024-52531-2.patch: Add test for passing
invalid UTF-8 to soup_header_parse_semi_param_list()
- CVE-2024-52531
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2024-52532-1.patch: process the frame as soon
as data is read
- debian/patches/CVE-2024-52532-2.patch: disconnect error copy
after the test ends
- CVE-2024-52532
-- Bruce Cable <bruce.cable@canonical.com> Mon, 18 Nov 2024 15:21:40 +1100
libsoup3 (3.4.4-5build2) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 31 Mar 2024 02:17:22 +0000
libsoup3 (3.4.4-5build1) noble; urgency=medium
* No-change rebuild against libglib2.0-0t64
-- Steve Langasek <steve.langasek@ubuntu.com> Fri, 08 Mar 2024 05:29:46 +0000
libsoup3 (3.4.4-5) unstable; urgency=medium
* Don't require libapache2-mod-php on i386 either
-- Jeremy Bícha <jbicha@ubuntu.com> Sun, 28 Jan 2024 20:05:48 -0500
libsoup3 (3.4.4-4) unstable; urgency=medium
* Don't require php on i386: only used by tests
-- Jeremy Bícha <jbicha@ubuntu.com> Sun, 28 Jan 2024 08:50:22 -0500
libsoup3 (3.4.4-3) unstable; urgency=medium
[ Simon McVittie ]
* d/rules: Explicitly disable pkcs11_tests if built with nocheck,noinsttest.
These require GNUTLS, which is omitted from the build dependencies
if built with both of those profiles. Because we're using
-Dauto_features=enabled, we need to override that for each feature that
is not wanted.
Note that both of those profiles need to be activated during
bootstrapping: even if we are not going to run the test suite during
the build, we need to compile it for the libsoup3.0-tests binary package,
unless the noinsttest build profile was specified. (Closes: #1061133)
-- Jeremy Bícha <jbicha@ubuntu.com> Fri, 19 Jan 2024 09:06:45 -0500
libsoup3 (3.4.4-2) unstable; urgency=medium
* Team upload
* d/control: Stop generating from d/control.in
* d/control: Explicitly build-depend on required GIR XML.
Helps: #1030223
* d/control: Add ${gir:Depends}, ${gir:Provides} to -dev package.
Helps: #1030223
* Remove version constraints unnecessary since Debian 11
-- Simon McVittie <smcv@debian.org> Fri, 17 Nov 2023 13:28:30 +0000
libsoup3 (3.4.4-1) unstable; urgency=medium
* New upstream release
- Fix regression seen in Ubuntu's s390s autopkgtest (LP: #2036444)
-- Jeremy Bícha <jbicha@ubuntu.com> Thu, 26 Oct 2023 20:24:22 -0400
libsoup3 (3.4.3-1) unstable; urgency=medium
* New upstream release
-- Jeremy Bícha <jbicha@ubuntu.com> Fri, 15 Sep 2023 14:09:13 -0400
libsoup3 (3.4.2-4) unstable; urgency=medium
* Revert "d/rules, d/meson/no-exe-wrapper.ini: Work around FTBFS on mips64el":
The underlying issue was fixed in meson 1.2.1
* Have -dev package depend on libsysprof-capture-4-dev instead of
libsysprof-4-dev
-- Jeremy Bícha <jbicha@ubuntu.com> Thu, 10 Aug 2023 09:55:02 -0400
libsoup3 (3.4.2-3) unstable; urgency=medium
* d/rules, d/meson/no-exe-wrapper.ini: Work around FTBFS on mips64el
Mitigates: #1041499
-- Jeremy Bícha <jbicha@ubuntu.com> Fri, 04 Aug 2023 11:37:09 -0400
libsoup3 (3.4.2-2) unstable; urgency=medium
* Release to unstable
-- Jeremy Bícha <jbicha@ubuntu.com> Sun, 23 Jul 2023 15:55:23 -0400
libsoup3 (3.4.2-1) experimental; urgency=medium
* New upstream release
* Update lintian override info format
* Update standards version to 4.6.2, no changes needed
-- Jeremy Bícha <jbicha@ubuntu.com> Sun, 07 May 2023 10:46:02 -0400
libsoup3 (3.4.1-1) experimental; urgency=medium
* New upstream release
* Drop patch applied in new release
-- Jeremy Bicha <jbicha@ubuntu.com> Fri, 21 Apr 2023 10:56:33 +0200
libsoup3 (3.4.0-1) experimental; urgency=medium
* New upstream release
* Cherry-pick fix for build on various architectures
-- Jeremy Bicha <jbicha@ubuntu.com> Sun, 19 Mar 2023 18:12:58 -0400
libsoup3 (3.3.1-1) experimental; urgency=medium
* New upstream release
* debian/libsoup-3.0-0.symbols: Add new symbols
-- Jeremy Bicha <jbicha@ubuntu.com> Tue, 14 Feb 2023 11:35:19 -0500
libsoup3 (3.2.2-1) unstable; urgency=medium
* New upstream release
* Drop cherry-picked 32-bit patches: applied in new release
-- Jeremy Bicha <jbicha@ubuntu.com> Wed, 30 Nov 2022 15:11:19 -0500
libsoup3 (3.2.1-2) unstable; urgency=medium
* Cherry-pick patches to fix 32-bit build
-- Jeremy Bicha <jbicha@ubuntu.com> Fri, 21 Oct 2022 14:09:33 -0400
libsoup3 (3.2.1-1) unstable; urgency=medium
* New upstream release (LP: #1992503)
-- Jeremy Bicha <jbicha@ubuntu.com> Tue, 11 Oct 2022 15:19:46 -0400
libsoup3 (3.2.0-1) unstable; urgency=medium
* New upstream release
-- Jeremy Bicha <jbicha@ubuntu.com> Wed, 14 Sep 2022 16:04:35 -0400
libsoup3 (3.1.4-1) unstable; urgency=medium
[ Jeremy Bicha ]
* New upstream release
[ Eric Long ]
* Add patch to fix build test timeout on riscv64 (Closes: #1018709)
-- Jeremy Bicha <jbicha@ubuntu.com> Fri, 02 Sep 2022 16:23:08 -0400
libsoup3 (3.1.3-2) unstable; urgency=medium
[ Samuel Thibault ]
* Fix unsatisfiable dependency on non-Linux (Closes: #1017758)
-- Jeremy Bicha <jbicha@ubuntu.com> Sun, 21 Aug 2022 16:23:16 -0400
libsoup3 (3.1.3-1) unstable; urgency=medium
* Team upload
* New upstream release
-- Jesús Soto <jesus.soto@canonical.com> Tue, 16 Aug 2022 14:23:55 -0500
libsoup3 (3.1.1-1) unstable; urgency=medium
* New upstream release
* Refresh patch
* Build-Depend on gi-docgen instead of gtk-doc-tools
* debian/libsoup-3.0-0.symbols: Add new symbols
-- Jeremy Bicha <jbicha@ubuntu.com> Wed, 03 Aug 2022 08:20:06 -0400
libsoup3 (3.0.7-1) unstable; urgency=medium
* New upstream release (LP: #1980400)
* debian/libsoup-3.0-0.symbols: Drop 2 unused symbols no longer exported
-- Jeremy Bicha <jbicha@ubuntu.com> Thu, 30 Jun 2022 15:10:11 -0400
libsoup3 (3.0.6-1) unstable; urgency=medium
* New upstream release
* debian/control.in: Bump minimum meson to 0.54
-- Jeremy Bicha <jbicha@ubuntu.com> Thu, 31 Mar 2022 16:47:01 -0400
libsoup3 (3.0.5-1) unstable; urgency=medium
* New upstream release
* Drop test patches applied in new release
-- Jeremy Bicha <jbicha@ubuntu.com> Fri, 18 Mar 2022 14:47:42 -0400
libsoup3 (3.0.4-4) unstable; urgency=medium
* Team upload
* d/rules: Increase test timeouts.
http2-body-stream-test timed out on mipsel and riscv64 machines.
Ideally we should extend the timeout for particularly slow tests
upstream, but for now, just apply a multiplier so we can see how long
they take in practice.
* d/patches: Add more debug-logging for starting/stopping Apache.
This will hopefully help to debug intermittent test failures in which
Apache fails to bind to a port that is already in use.
-- Simon McVittie <smcv@debian.org> Wed, 16 Mar 2022 12:21:59 +0000
libsoup3 (3.0.4-3) unstable; urgency=medium
* Team upload
[ Jeremy Bicha ]
* debian/control.in: Have libsoup-3.0-dev depend on libsysprof-4-dev
per its pkgconfig file
[ Simon McVittie ]
* d/p/tests-Install-http2-server.py.patch,
d/p/tests-Install-missing-test-cert-and-key-for-installed-tes.patch:
Add patches to install http2-server.py and some test TLS certificates,
fixing an autopkgtest
* d/patches: Remove workarounds for libsoup#175.
A better workaround for glib#2563 was merged upstream before 3.0.4.
* d/control.in: installed-tests depend on python3 and python3-quart
* d/control.in: Fix Vcs-Git, Vcs-Browser for this source package name
* Upload to unstable.
Please coordinate with the GNOME team before transitioning other
packages to use this version of libsoup: it is important that we avoid
trying to load libsoup 2 and libsoup 3 into the same process space.
-- Simon McVittie <smcv@debian.org> Tue, 15 Mar 2022 13:09:07 +0000
libsoup3 (3.0.4-2) experimental; urgency=medium
* debian/* Fix several libsoup-3.0 missing hyphens. Thanks Alberto Garcia.
-- Jeremy Bicha <jeremy.bicha@canonical.com> Thu, 24 Feb 2022 11:25:39 -0500
libsoup3 (3.0.4-1) experimental; urgency=medium
* New upstream release (Closes: #1006006)
* Rename packages for new major release with new namespace
* debian/libsoup-3.0-0.symbols: Update
* debian/control.in: Bump minimum meson to 0.53 & libglib2.0-dev to 2.69
* debian/control.in: Build-Depend on libnghttp2-dev
* debian/control.in: Build-Depend on libsysprof-capture-4-dev
* debian/control.in: Build-Depend on winbind for NTLM support
* debian/control.in: Build-Depend on libgnutls28-dev & python3-quart
for build tests
* debian/control.in: Drop obsolete libxml2 & php-xmlrpc dependencies
* debian/rules: Update build flags for new version
* debian/rules: Disable autobahn tests
* Update patches
-- Jeremy Bicha <jeremy.bicha@canonical.com> Fri, 18 Feb 2022 14:56:10 -0500
libsoup2.4 (2.74.2-3) unstable; urgency=medium
* Team upload
* Source-only upload to allow testing migration
* Move to debhelper compat level 13
* Standards-Version: 4.6.0 (no changes required)
* Override Lintian errors for RUNPATH in installed-tests.
These have a private shared library for common code.
* Override overzealous Lintian hint for documentation outside /usr/share/doc
* d/p/tests-add-soup_test_build_filename_abs.patch,
d/p/test-utils-Log-Apache-arguments.patch,
d/p/test-utils-Save-Apache-server-root-during-initialization.patch:
Add patches to fix unit test teardown for XMLRPC tests
* Adjust PHP dependencies.
php currently has a complicated version number as a result of a
transition to PHP 8 that was started and then rolled back.
* d/p/Record-Apache-error-log-for-unit-tests-and-show-it-during.patch:
Add patch to display Apache error log in test diagnostics
* d/p/Mark-XMLRPC-tests-as-flaky.patch:
Add patch to treat tests based on php-xmlrpc as unreliable
-- Simon McVittie <smcv@debian.org> Mon, 27 Dec 2021 20:33:29 +0000
libsoup2.4 (2.74.2-2) unstable; urgency=medium
* Add libsoup2.4-common package for translations
-- Jeremy Bicha <jbicha@debian.org> Sun, 28 Nov 2021 16:04:43 -0500
libsoup2.4 (2.74.2-1) unstable; urgency=medium
* New upstream release
* Update debian/copyright
-- Jeremy Bicha <jbicha@debian.org> Sun, 28 Nov 2021 15:57:59 -0500
libsoup2.4 (2.74.1-1) unstable; urgency=medium
* New upstream release
* debian/control.in: Allow building against php8
* debian/control.in: Add php8 as an alternate dependency to php-xmlrpc
-- Jeremy Bicha <jbicha@debian.org> Sun, 24 Oct 2021 20:43:30 -0400
libsoup2.4 (2.74.0-3) unstable; urgency=medium
* Drop vala patch since vala 0.54 is in Debian (Closes: #997243)
-- Jeremy Bicha <jbicha@debian.org> Sat, 23 Oct 2021 15:38:01 -0400
libsoup2.4 (2.74.0-2) unstable; urgency=medium
* Add patch to revert commit applied for use with vala 0.53.1
-- Jeremy Bicha <jbicha@debian.org> Tue, 31 Aug 2021 19:13:26 -0400
libsoup2.4 (2.74.0-1) unstable; urgency=medium
* New upstream release
* Drop three patches applied in new release
* Don't let debhelper 13.4+ make all the installed-tests executable
-- Jeremy Bicha <jbicha@debian.org> Thu, 26 Aug 2021 20:45:31 -0400
libsoup2.4 (2.72.0-4) unstable; urgency=medium
* Team upload
* Upload to unstable, to unblock upload of GLib 2.68.x
-- Simon McVittie <smcv@debian.org> Sun, 15 Aug 2021 14:06:06 +0100
libsoup2.4 (2.72.0-3) experimental; urgency=medium
* d/p/tests-connection-test-Update-expected-events-for-GLib-2.6.patch. Fix
test compatibility with glib 2.67.0
-- Iain Lane <laney@debian.org> Thu, 04 Mar 2021 22:05:29 +0000
libsoup2.4 (2.72.0-2) unstable; urgency=medium
* Team upload
* d/p/gitlab_tests_fix.patch:
Update patch metadata to reflect it being applied upstream
* Amend 2.71.1-1 changelog entry to reflect that patch fixing tests when
run against glib-networking >= 2.65.90 (see #970935)
* d/p/tests-ensure-we-use-an-absolute-path-for-apache-server-ro.patch:
Add patch from upstream to fix Apache startup in some circumstances.
This might make d/p/tests-Skip-tests-if-unable-to-start-Apache.patch
unnecessary, but that patch was for an intermittent failure, so let's
get more test results before removing it.
* Release to unstable
-- Simon McVittie <smcv@debian.org> Sun, 27 Sep 2020 16:46:52 +0100
libsoup2.4 (2.72.0-1) experimental; urgency=medium
* New upstream release
-- Sebastien Bacher <seb128@ubuntu.com> Tue, 15 Sep 2020 13:59:03 +0200
libsoup2.4 (2.71.1-1) experimental; urgency=medium
* New upstream release
* debian/patches/gitlab_tests_fix.patch:
- backport an upstream proposed change to fix the tests
(Closes: #970935)
-- Sebastien Bacher <seb128@ubuntu.com> Thu, 10 Sep 2020 10:27:08 +0200
libsoup2.4 (2.71.0-1) experimental; urgency=medium
[ Simon McVittie ]
* d/shlibs.local: Generate lockstep dependencies between binary packages.
Upstream developers are not going to support mixing binary packages
of different versions from the same source package, and neither should
we; they all migrate to testing as a unit anyway.
* Don't override libexecdir to libexec.
This is the default now.
[ Sebastien Bacher ]
* New upstream release
* debian/libsoup2.4-1.symbols:
- refreshed the list of sumbols for the new version
* d/p/test-utils-Clarify-meaning-of-an-environment-variable.patch:
- removed, the fix is included in the new version
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 19 Aug 2020 13:58:53 +0200
libsoup2.4 (2.70.0-1) unstable; urgency=medium
* Team upload
* New upstream stable release
* Merge packaging changes from unstable
* d/p/test-utils-Clarify-meaning-of-an-environment-variable.patch,
d/p/tests-Skip-tests-if-unable-to-start-Apache.patch:
Work around intermittent failure to start Apache for unit tests
* Upload 2.70.x branch to unstable
-- Simon McVittie <smcv@debian.org> Wed, 11 Mar 2020 09:43:38 +0000
libsoup2.4 (2.68.4-1) unstable; urgency=medium
* Team upload
[ Sebastien Bacher ]
* debian/test/build:
- Use the correct compiler for proposed autopkgtest cross-testing
support
[ Simon McVittie ]
* New upstream release
- Require GLib 2.58, for g_canonicalize_filename()
* Correct list of patches in previous changelog entry.
d/p/tests-Disable-parallelism-for-XMLRPC-server-tests.patch
turned out to be unnecessary and was dropped before upload.
* d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch,
d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
Drop, applied upstream
* Switch packaging branch to debian/unstable, upstream/2.68.x.
Versions 2.69.x are already in debian/master and upstream/latest.
* d/watch: Only watch for stable releases
* d/p/skip-tls_interaction-test.patch, d/tests:
Don't skip this test (suspected to be flaky) if an environment variable
is set. Run it as an autopkgtest marked as flaky, to get an idea of
how often it fails.
* Standards-Version: 4.5.0
* Replace non-standard pkg.libsoup2.4.noinsttests build-profile with
noinsttest
* libsoup2.4-1.docs: Normalize order of lines
* Normalize order of (build-)dependencies (wrap-and-sort -a)
* Wrap long lines in changelog entries: 2.62.2-2
* Set field Upstream-Name in debian/copyright
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository,
Repository-Browse
[ Andreas Henriksson ]
* Make libnss-myhostname (build-)dep only apply on linux (Closes: #947943)
-- Simon McVittie <smcv@debian.org> Sat, 29 Feb 2020 21:07:01 +0000
libsoup2.4 (2.69.90-1) experimental; urgency=medium
[ Sebastien Bacher ]
* debian/test/build:
- Use the correct compiler for proposed autopkgtest cross-testing
support
[ Simon McVittie ]
* New upstream release
- Allow introspection in cross builds
- Fixes to testing infrastructure
- Require GLib 2.58, for g_canonicalize_filename()
* Correct list of patches in previous changelog entry.
d/p/tests-Disable-parallelism-for-XMLRPC-server-tests.patch
turned out to be unnecessary and was dropped before upload.
* d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch,
d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
Drop, applied upstream
[ Iain Lane ]
* New upstream release:
- Add new API to expose support for same-site cookies
- Deprecate soup_date_to_timeval()
- Fix TRACE method not being considered safe and idempotent internally
- WebSockets: do not start the input source when IO is closing
* Add new symbols for 2.69.90
[ Andreas Henriksson ]
* Make libnss-myhostname (build-)dep only apply on linux (Closes: #947943)
-- Iain Lane <laney@debian.org> Wed, 19 Feb 2020 14:04:37 +0000
libsoup2.4 (2.68.2-2) experimental; urgency=medium
* Team upload
* Upload to experimental for NEW processing
* Install automated tests in a new libsoup2.4-tests binary package
* d/tests/installed-tests: Run those tests
* d/p/tests-Disable-parallelism-for-installed-tests-too.patch:
Avoid running tests in parallel if they need a specific port number
-- Simon McVittie <smcv@debian.org> Wed, 09 Oct 2019 14:50:18 +0100
libsoup2.4 (2.68.2-1) unstable; urgency=medium
* Team upload
* d/gbp.conf: Switch branch to debian/unstable.
We should upload the fix for CVE-2019-17266 to unstable, but
the debian/master branch already has a version waiting for NEW
processing.
* New upstream release (CVE-2019-17266) (Closes: #941912)
* libsoup-gnome2.4-dev: Explicitly depend on gir1.2-soup-2.4.
According to the GIR mini-policy, this is required because
gir1.2-soup-2.4 contains SoupGNOME-2.4.typelib, corresponding to
SoupGNOME-2.4.gir in libsoup-gnome2.4-dev. This dependency is not in
fact strictly necessary, because libsoup-gnome2.4-dev depends on
libsoup2.4-dev which in turn depends on gir1.2-soup-2.4, but Lintian
doesn't look at recursive dependencies.
* libsoup2.4-doc.links: Create symlinks to documentation in /usr/share/doc.
The actual documentation files remain in /usr/share/gtk-doc/html,
because they are technically a programmatic interface: other libraries
that depend on libsoup2.4 and use gtk-doc will use that path to fix
cross-references in their own documentation.
There are symlinks in both /u/s/d/libsoup2.4-dev (the "main package"
in Policy §12.3), and /u/s/d/libsoup2.4-doc (the traditional location
for documentation).
* libsoup2.4-doc: Add Recommends: libglib2.0-doc, for the cross-references.
The libsoup2.4 documentation contains many cross-references to GLib,
GObject and GIO documentation. Add symlinks in /usr/share/doc so that
those cross-references can be followed, even in browsers that treat
symlinks like directories for the purposes of resolving relative paths.
* d/libsoup2.4-doc.doc-base: Use the symlinks in /usr/share/doc.
This is functionally equivalent to what we already had, but silences
a Lintian error.
* Standards-Version: 4.4.1 (no changes required)
* d/copyright: Update
* d/p/xmlrpc-tests-Cope-with-GLib-2.62-TAP-output.patch:
Add proposed patch to fix test failures with GLib 2.62
* Explicitly build-depend on libapache2-mod-php, PHP 7 and Python 3.
The script that checks for the required PHP version is written in
Python 3 and specifically looks for a php7* module. It seems that in
practice the dependency resolver used on unstable buildds will always
select libapache2-mod-php anyway, but the resolver used on
experimental buildds can select the -cgi or -fpm implementations,
which are not detected, resulting in the necessary files for some of
the installed-tests not being installed.
* Add lintian overrides for the binary package names not precisely
matching the SONAMEs.
They're close enough to achieve the goal of the mechanically-generated
naming convention, and changing them now (other than at the time of an
upstream SONAME bump) seems like more disruption than it's worth.
-- Simon McVittie <smcv@debian.org> Wed, 09 Oct 2019 12:23:19 +0100
libsoup2.4 (2.68.1-2) unstable; urgency=medium
* Build-Depend on debhelper-compat 12 and drop debian/compat
* Bump Standards-Version to 4.4.0
* Drop obsolete dh_strip dbgsym migration rule
-- Jeremy Bicha <jbicha@debian.org> Sat, 28 Sep 2019 09:55:29 -0400
libsoup2.4 (2.68.1-1) experimental; urgency=medium
[ Philip Chimento ]
* debian/control.in: Add build dependency on libnss-myhostname, this
should provide a way to resolve *.localhost which the HSTS tests depend
on.
* debian/patches/disable_buggy_test.patch: Dropped, the test passes now.
[ Sebastien Bacher ]
* New upstream release
-- Sebastien Bacher <seb128@ubuntu.com> Mon, 16 Sep 2019 15:18:07 +0200
libsoup2.4 (2.68.0-1) experimental; urgency=medium
[ Simon McVittie ]
* Add a superficial autopkgtest for the -dev packages.
This will detect bugs like #935944 in future.
* libsoup2.4-dev: Add missing dependency on libbrotli-dev
(Closes: #935944)
[ Sebastien Bacher ]
* New upstream release
* debian/control.in:
- libsoup2.4-dev depends also on zlib1g-dev now
* debian/patches/disable_buggy_test.patch:
- disabled some buggy tests following upstream's recommendation, at
least until the next version where they plan to rework or drop those
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 11 Sep 2019 15:09:30 +0200
libsoup2.4 (2.67.92-2) experimental; urgency=medium
* debian/rules:
- set the feature arguments to 'enabled'
-- Sebastien Bacher <seb128@debian.org> Wed, 21 Aug 2019 15:46:10 +0200
libsoup2.4 (2.67.92-1) experimental; urgency=medium
* New upstream release
-- Sebastien Bacher <seb128@ubuntu.com> Wed, 21 Aug 2019 13:57:06 +0200
libsoup2.4 (2.67.91-2) experimental; urgency=medium
* debian/libsoup2.4-1.symbols:
- updated for the new version
-- Sebastien Bacher <seb128@ubuntu.com> Tue, 20 Aug 2019 15:53:24 +0200
libsoup2.4 (2.67.91-1) experimental; urgency=medium
* New upstream release
-- Sebastien Bacher <seb128@ubuntu.com> Tue, 20 Aug 2019 09:19:30 +0200
libsoup2.4 (2.67.3-1) experimental; urgency=medium
* debian/watch: Find unstable versions
* New upstream release
* debian/rules: Explicilty enable the new brotli support
* debian/rules: 'doc' is renamed to 'gtk_doc' in meson_options.txt
* debian/libsoup2.4-1.symbols: Add new symbols introduced w/this release
-- Iain Lane <iain.lane@canonical.com> Fri, 19 Jul 2019 11:00:24 +0100
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libsoup-3.0-0`.
Generated by dwww version 1.16 on Sun Jul 12 07:15:56 CEST 2026.