ALSA-2026:2182

[ALSA-2026:2182] Important: libsoup3 security update

Type:

security

Severity:

important

Release date:

2026-02-06

Description:

Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages. libsoup uses the Glib main loop and is designed to work well with GTK applications. This enables GNOME applications to access HTTP servers on the network in a completely asynchronous fashion, very similar to the Gtk+ programming model (a synchronous operation mode is also supported for those who want it), but the SOAP parts were removed long ago.  

Security Fix(es):  

  * libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication (CVE-2026-0719)
  * libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response (CVE-2026-1761)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	libsoup3-3.6.5-3.el10_1.9.aarch64.rpm	1e86ae800b5a68128dbc44b869c480addb3be3b85122fecbc397b3bf8d3341e6
aarch64	libsoup3-devel-3.6.5-3.el10_1.9.aarch64.rpm	9f865ae9a091ae8ddb2df76d5247db6ddf983bf19ec97445d9f6ce74fe3f265a
noarch	libsoup3-doc-3.6.5-3.el10_1.9.noarch.rpm	c5a13ea7b87529168e6633802580187fdcd2de43917221fbc25a1aa3721b520d
ppc64le	libsoup3-3.6.5-3.el10_1.9.ppc64le.rpm	0227185e8e9b942bcbcce4b78c7bef69040f5d51e349e7196417f3b409591dce
ppc64le	libsoup3-devel-3.6.5-3.el10_1.9.ppc64le.rpm	a0b8b6e10e1fa39aa5819d137a109392e24e701b123100a696154d4748f1f80d
s390x	libsoup3-devel-3.6.5-3.el10_1.9.s390x.rpm	96026732ff5ed9eb2a7eedab2e160b386ca9b29674142dcc8d0325cd720dd5c4
s390x	libsoup3-3.6.5-3.el10_1.9.s390x.rpm	9c8b925d92e620de54d3ce75dbf6f3b3e8d8160d412d5f8a795101b4cbe33a76
x86_64	libsoup3-3.6.5-3.el10_1.9.x86_64.rpm	3d86e8eab8fca89640d82554fbe515da93f7075c002872e25e799ee9b48ec4d9
x86_64	libsoup3-devel-3.6.5-3.el10_1.9.x86_64.rpm	8ea9a35a0c5ae2e2e8c850d3d0524ef54fc8950c395bd94bbc5a8f25d2bf4d76
x86_64_v2	libsoup3-3.6.5-3.el10_1.9.x86_64_v2.rpm	35ce5721a166a8a663a70c2402e7d0e8cae0039ab25afc1ee83aa2816e273681
x86_64_v2	libsoup3-devel-3.6.5-3.el10_1.9.x86_64_v2.rpm	b52de5b85f1d7461b7441d61b841dc52117f9ba9d316a8897227e50be2abbfc2

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.