From b39354486deacf587ee2a50f9b1f39ef7cec23c0 Mon Sep 17 00:00:00 2001
From: qilinyangxiaodong <yangxiaodong@kylinos.cn>
Date: Mon, 17 Nov 2025 21:02:59 +0800
Subject: [PATCH] fix CVE-2024-52532

---
 backport-0003-CVE-2024-52532.patch | 21 +++++++++++++++++++++
 libsoup.spec                       |  9 ++++++++-
 2 files changed, 29 insertions(+), 1 deletion(-)
 create mode 100644 backport-0003-CVE-2024-52532.patch

diff --git a/backport-0003-CVE-2024-52532.patch b/backport-0003-CVE-2024-52532.patch
new file mode 100644
index 0000000..23ed9f2
--- /dev/null
+++ b/backport-0003-CVE-2024-52532.patch
@@ -0,0 +1,21 @@
+--- a/tests/websocket-test.c	2022-10-12 02:27:22.000000000 +0800
++++ b/tests/websocket-test.c	2024-12-13 16:34:41.558920381 +0800
+@@ -1300,8 +1300,9 @@
+ 	GError *error = NULL;
+ 	InvalidEncodeLengthTest context = { test, NULL };
+ 	guint i;
++	guint error_id;
+ 
+-	g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error);
++	error_id = g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error);
+ 	g_signal_connect (test->client, "message", G_CALLBACK (on_binary_message), &received);
+ 
+ 	/* We use 126(~) as payload length with 125 extended length */
+@@ -1314,6 +1315,7 @@
+ 	WAIT_UNTIL (error != NULL || received != NULL);
+ 	g_assert_error (error, SOUP_WEBSOCKET_ERROR, SOUP_WEBSOCKET_CLOSE_PROTOCOL_ERROR);
+ 	g_clear_error (&error);
++	g_signal_handler_disconnect (test->client, error_id);
+ 	g_assert_null (received);
+ 
+ 	g_thread_join (thread);
diff --git a/libsoup.spec b/libsoup.spec
index ccc19e6..e868198 100644
--- a/libsoup.spec
+++ b/libsoup.spec
@@ -2,7 +2,7 @@
 
 Name:           libsoup
 Version:        2.74.3
-Release:        10
+Release:        11
 Summary:        An HTTP library implementation
 License:        LGPL-2.0-only
 URL:            https://wiki.gnome.org/Projects/libsoup
@@ -40,6 +40,7 @@ Patch6028:      backport-CVE-2025-46421.patch
 Patch6029:      backport-CVE-2025-4476.patch
 Patch6030:      backport-CVE-2025-4948.patch
 Patch6031:      backport-CVE-2025-4969.patch
+Patch6032:      backport-0003-CVE-2024-52532.patch
 
 BuildRequires: meson >= 0.50
 BuildRequires: pkgconfig(gio-2.0) >= 2.58
@@ -113,6 +114,12 @@ sed -i 's/idm[0-9]\{5,32\}/idm12345678912345/g' %{buildroot}%{_datadir}/gtk-doc/
 %{_datadir}/gtk-doc/html/libsoup-2.4
 
 %changelog
+* Mon Nov 17 2025 yangxiaodong <yangxiaodong@kylinos.cn> - 2.74.3-11
+- Type:cves
+- ID:CVE-2024-52532
+- SUG:NA
+- DESC:fix CVE-2024-52532
+
 * Thu May 29 2025 zhangpan <zhangpan103@h-partners.com> - 2.74.3-10
 - Type:cves
 - ID:CVE-2025-4476 CVE-2025-4948 CVE-2025-4969
-- 
Gitee