ALSA-2026:19143

[ALSA-2026:19143] Moderate: libsoup3 security update

Type:

security

Severity:

moderate

Release date:

2026-05-26

Description:

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago.  

Security Fix(es):  

  * libsoup: libsoup: Denial of Service via Use-After-Free in HTTP/2 server (CVE-2026-4271)
  * libsoup: libsoup: Information disclosure via cleartext transmission of cookies during HTTPS tunnel establishment (CVE-2026-5119)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libsoup3-devel-3.6.5-3.el10_2.11.aarch64.rpm	46359728033ef7db7509616de8fdd1c9db9ac7f54aa114f4b3b40b48a5166551
aarch64	libsoup3-3.6.5-3.el10_2.11.aarch64.rpm	fa5bbb6b86369a81fd38e5c62517f82e9bc75e80f11188861e60d99d38e7e7bc
noarch	libsoup3-doc-3.6.5-3.el10_2.11.noarch.rpm	e9c9aacec423d69703716502eee70d36997b031b05b8cdd423d46cbd4cf7206c
ppc64le	libsoup3-3.6.5-3.el10_2.11.ppc64le.rpm	315a5c090efbc086af2aa37904d54d2626dbd0810cdc7066cfec63ca9b9d9a3b
ppc64le	libsoup3-devel-3.6.5-3.el10_2.11.ppc64le.rpm	7fc4c61666831b4199e75cb2b029c96697b899e91f8b9ddadeaf878a79eccb42
s390x	libsoup3-devel-3.6.5-3.el10_2.11.s390x.rpm	a9aa6144bba1fe96d10fba0c5c3fd727dae58853d7090430e5bf9d41b8bead08
s390x	libsoup3-3.6.5-3.el10_2.11.s390x.rpm	ac1e6d86d494bbd3f54c7a85f5cdfb44049e5f784c33bea6cde39bff1cac9683
x86_64	libsoup3-devel-3.6.5-3.el10_2.11.x86_64.rpm	3eac197ea71f50a431f9d006cd3c3c7f3a17cf39b27ecd63a6f1bd19912eac46
x86_64	libsoup3-3.6.5-3.el10_2.11.x86_64.rpm	b7634121742c3f218f724ae568a845757fe715cb5acd1b194b2e1da355c15af9
x86_64_v2	libsoup3-devel-3.6.5-3.el10_2.11.x86_64_v2.rpm	28788897ff445bb5456a22517cb78a388ac21ee0d8101ac3796d25e830d566b6
x86_64_v2	libsoup3-3.6.5-3.el10_2.11.x86_64_v2.rpm	51f68826da83aadb59fee2dfde1e436f0f39b894d5ff3cc881b8cb4e98812dc5

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.