Description:
The libsoup packages provide an HTTP client and server library for GNOME.
Security Fix(es):
* libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content (CVE-2025-2784)
* libsoup: Denial of Service attack to websocket server (CVE-2025-32049)
* libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process (CVE-2025-32914)
* libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup (CVE-2025-4948)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
| Architecture |
Package |
Checksum |
| aarch64 |
libsoup-2.62.3-9.el8_10.aarch64.rpm |
ecf943c6d4f3116c7243c7885b270e6f80457ad115659c263d0375d7495da56f |
| aarch64 |
libsoup-devel-2.62.3-9.el8_10.aarch64.rpm |
ee2f867aaeb5c305b6e7bce700230ce877e385dc6d7c5430cf2e756ded5c69e3 |
| i686 |
libsoup-devel-2.62.3-9.el8_10.i686.rpm |
1f59b216bd4e64d7299487b200fcff8027b9a03b8fcd69a860a1b4bc357e2283 |
| i686 |
libsoup-2.62.3-9.el8_10.i686.rpm |
6f9cd2e03b50e3e5c3deb0d264516d87e4ee6d73fcd58e554eaf954431609c99 |
| ppc64le |
libsoup-2.62.3-9.el8_10.ppc64le.rpm |
08d922841669845c83ae107810dac0aec54297a44377f4333b74d92a43d49bc7 |
| ppc64le |
libsoup-devel-2.62.3-9.el8_10.ppc64le.rpm |
5f90d727020ff8e257176a17d28e21f368949752c1e0c81887df302f259cd460 |
| s390x |
libsoup-2.62.3-9.el8_10.s390x.rpm |
b4de832d48b2882c33b64040a970c9aeb39be4253ca2f7ab111b2bba33fecf3f |
| s390x |
libsoup-devel-2.62.3-9.el8_10.s390x.rpm |
c6d8c9ab91b3f94a10425510721cd7c60ad77198ed8ab86ca9136e784fc14a16 |
| x86_64 |
libsoup-devel-2.62.3-9.el8_10.x86_64.rpm |
4096f8ab94923f3f7df55319161447b0cefde38b9853ad32a3f9c83ce840b799 |
| x86_64 |
libsoup-2.62.3-9.el8_10.x86_64.rpm |
babc1076cbc6e8e02bf67cac8b45af69fda738cc8da68e0db2496fd7abf80d55 |
