CLSA-2026-1771519029 libsoup: Fix of 2 CVEs

CVE-2026-1761: fix stack-based buffer overflow in multipart HTTP response parsing caused by incorrect length calculation in soupfilterinputstreamreaduntil - CVE-2026-0719: fix stack-based buffer overflow in NTLM authentication caused by integer overflow in md4sum with excessively long passwords...

OESA-2026-1323 libsoup security update

libsoup is an HTTP client/server library for GNOME. It uses GObjects and the glib main loop, to integrate well with GNOME applications, and also has a synchronous API, for use in threaded applications. Security Fixes: A flaw in libsoup’s HTTP header handling allows multiple Host: headers in a...

SUSE SLES15 Security Update : libsoup (SUSE-SU-2026:0211-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0211-1 advisory. - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. - CVE-2026-0716: Fixed out-of-bounds...

SUSE SLES15 Security Update : libsoup2 (SUSE-SU-2026:0258-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0258-1 advisory. - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. - CVE-2026-0719: Fixed overflow for...

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

SUSE-SU-2026:0257-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418 - CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876...

Security update for libsoup2

This update for libsoup2 fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

SUSE-SU-2026:0211-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-14523: Reject duplicated Host in headers and followed upstream update bsc1254876. - CVE-2026-0716: Fixed out-of-bounds read for websocket bsc1256418 - CVE-2026-0719: Fixed overflow for password md4sum bsc1256399...

SUSE-SU-2026:20360-1 Security update for libsoup

This update for libsoup fixes the following issues: - CVE-2025-14523: flaw in HTTP header handling can lead to host header parsing discrepancy between servers and proxies and allow for request smuggling, cache poisoning and bypass of access controls bsc1254876. - CVE-2025-12105: heap use-after-fr...

Security update for libsoup

This update for libsoup fixes the following issues: CVE-2025-14523: Reject duplicated Host in headers and followed upsteram update bsc1254876. CVE-2026-0719: Fixed overflow for password md4sum bsc1256399 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods...

CVE-2026-0719

A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in...