ALSA-2026:0423

[ALSA-2026:0423] Important: libsoup3 security update

Type:

security

Severity:

important

Release date:

2026-01-16

Description:

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago.  

Security Fix(es):  

  * libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins) (CVE-2025-14523)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libsoup3-devel-3.6.5-3.el10_1.8.aarch64.rpm	1be2b8ff67dca19063ac05edcdad96a4298879f2e0262765dabcbf7c13a315fd
aarch64	libsoup3-3.6.5-3.el10_1.8.aarch64.rpm	d89a098c53b268c151937d4349ff04534104f25cf600f65ffa94bff2f5b89612
noarch	libsoup3-doc-3.6.5-3.el10_1.8.noarch.rpm	8ed97c9a1a703661eb82c105face921f622fc4708b0498230b898951295899e1
ppc64le	libsoup3-devel-3.6.5-3.el10_1.8.ppc64le.rpm	54acf7840106a05c70a83426ab22da74debfb98ef3224f5d0056dbe5e7ec2a54
ppc64le	libsoup3-3.6.5-3.el10_1.8.ppc64le.rpm	79277333bcd66239cf4500ddee3c4dfe8753631dc3c223965ac55243eff45867
s390x	libsoup3-devel-3.6.5-3.el10_1.8.s390x.rpm	af143e71489b3f003991d3310e82b3571fcd80a95fc5937d5fec5463d41ec02a
s390x	libsoup3-3.6.5-3.el10_1.8.s390x.rpm	dce6e1b8cc65a58c083a5ffae86f9a53c99aaaf4e809a8a552b9024da83cb0f5
x86_64	libsoup3-3.6.5-3.el10_1.8.x86_64.rpm	5d56180948d99709846e1c084323dc429ed1f7eaa1da68dfd660cd9f42a710bf
x86_64	libsoup3-devel-3.6.5-3.el10_1.8.x86_64.rpm	a5e6897884af6972545719b19e9b71b895a7286d1f70776b7d57a9ed0e3b06f6
x86_64_v2	libsoup3-devel-3.6.5-3.el10_1.8.x86_64_v2.rpm	ce2b4aa7e0e174a2350ffb93973ca11d8d4df60590acb7217ca3d9a9125a055c
x86_64_v2	libsoup3-3.6.5-3.el10_1.8.x86_64_v2.rpm	e18bff55293033f8edd538213465d598e7f49b9f1c46adf1fc5d4fa60cf8f34f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.