[ALSA-2025:19714] Important: libsoup security update
Type:
security
Severity:
important
Release date:
2025-11-07
Description:
The libsoup packages provide an HTTP client and server library for GNOME. Security Fix(es): * libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945) * libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 libsoup-devel-2.62.3-10.el8_10.aarch64.rpm 043113cfce7be4ba0c4dcc5b2735d4d7a325c9cbecb45595f939b3c2bd5c829a
aarch64 libsoup-2.62.3-10.el8_10.aarch64.rpm 5c6eea16e3d424e1440b2ea12b52009937213bef6b4dd6394329fa79b171df3e
i686 libsoup-devel-2.62.3-10.el8_10.i686.rpm 20479eb363f445ab70c9765940e8ec8cad24c80532a2ec99d55c4e59a9d58840
i686 libsoup-2.62.3-10.el8_10.i686.rpm e1660499679095bc983c27cc05b04e7a775bf130bcf8ea7b20a62155466c756d
ppc64le libsoup-2.62.3-10.el8_10.ppc64le.rpm 5699fdb94234f1e07aafa731ea17b30f74907db50dfff7290dc04d86a3234b9b
ppc64le libsoup-devel-2.62.3-10.el8_10.ppc64le.rpm 70026042bcbcc34ffd7c8ed09a7dd806ddd822ba7edc807056193962afcd3548
s390x libsoup-2.62.3-10.el8_10.s390x.rpm 35ee73684452f8e021db57acfbb11b95fd036d7c8e217fadad804b60c7a43bbd
s390x libsoup-devel-2.62.3-10.el8_10.s390x.rpm 44d99e0bfc4dd33038cbd895d1c66ed8c31f7735adf21d404a365cbfbb2778d1
x86_64 libsoup-devel-2.62.3-10.el8_10.x86_64.rpm 3532ffb07652f708b0b1943577286148e78cd1f495b665c10ca534ab6bf3b102
x86_64 libsoup-2.62.3-10.el8_10.x86_64.rpm cce99c10a5f2b64ccb442c1e4015cb2af7d5de69b101ec66131a8d14c90900b8
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.