[ALSA-2024:9573] Important: libsoup security update
Type:
security
Severity:
important
Release date:
2024-11-14
Description:
The libsoup packages provide an HTTP client and server library for GNOME. Security Fix(es): * libsoup: infinite loop while reading websocket data (CVE-2024-52532) * libsoup: HTTP request smuggling via stripping null bytes from the ends of header names (CVE-2024-52530) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libsoup-2.62.3-6.el8_10.aarch64.rpm 0a0ed7258d1bed173d26930542d9c3e31d581f9bdc0a8945fe3c2e10adaa41c1
aarch64 libsoup-devel-2.62.3-6.el8_10.aarch64.rpm d403c2fcaf1b7188c03959f1cd7188b595beeecf69241b41fdad8ea07ae82aac
i686 libsoup-devel-2.62.3-6.el8_10.i686.rpm 4010e3dea7228b0e17f9dcf15a9fbcaff02ae8f29b674269f651dcc7813f739a
i686 libsoup-2.62.3-6.el8_10.i686.rpm 8d7885afc98501a7df81804e7f3100e0c3f401001e7e85d235412da3fbab65f7
ppc64le libsoup-devel-2.62.3-6.el8_10.ppc64le.rpm 2ab669d984f7d87d5779dd591abe9326b6da782c3966bd2186eda78280d79c42
ppc64le libsoup-2.62.3-6.el8_10.ppc64le.rpm d02300ed412b578a23afe87e271775611563288116ddfd37132020ddb9753c87
s390x libsoup-devel-2.62.3-6.el8_10.s390x.rpm 6b9c3c9eac5518defbbcc1a90f312d1601146004d72fc05635a9666649e3c43b
s390x libsoup-2.62.3-6.el8_10.s390x.rpm f374df18be2a28ad29782c84b07e73aefd25a975337a122eacf2aee3db10ab02
x86_64 libsoup-devel-2.62.3-6.el8_10.x86_64.rpm 9dd00d6bc17e9f141969d7dc59d450d5877a18c5ab4c18c439cb51dc9c458e96
x86_64 libsoup-2.62.3-6.el8_10.x86_64.rpm ff575fe42fc4dd56c4e1498a6cfb195c4cb31229e389c9cbbb3294145d8b5ddf
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.