RLSA-2026:2215

Synopsis

Important: libsoup security update

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

* libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication (CVE-2026-0719)

* libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response (CVE-2026-1761)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2427906 2435961

CVEs

CVE-2026-0719 CVE-2026-1761

Affected packages

Rocky Linux 8 aarch64 - BaseOS

libsoup-0:2.62.3-13.el8_10.aarch64.rpm libsoup-0:2.62.3-13.el8_10.src.rpm libsoup-debuginfo-0:2.62.3-13.el8_10.aarch64.rpm libsoup-debugsource-0:2.62.3-13.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - BaseOS

libsoup-0:2.62.3-13.el8_10.i686.rpm libsoup-0:2.62.3-13.el8_10.src.rpm libsoup-0:2.62.3-13.el8_10.x86_64.rpm libsoup-debuginfo-0:2.62.3-13.el8_10.i686.rpm libsoup-debuginfo-0:2.62.3-13.el8_10.x86_64.rpm libsoup-debugsource-0:2.62.3-13.el8_10.i686.rpm libsoup-debugsource-0:2.62.3-13.el8_10.x86_64.rpm

Rocky Linux 8 aarch64 - AppStream

libsoup-devel-0:2.62.3-13.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

libsoup-devel-0:2.62.3-13.el8_10.i686.rpm libsoup-devel-0:2.62.3-13.el8_10.x86_64.rpm