Red Hat Product Errata RHSA-2024:9525 - Security Advisory
Issued:
2024-11-13
Updated:
2024-11-13

RHSA-2024:9525 - Security Advisory

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

  • libsoup: HTTP request smuggling via stripping null bytes from the ends of header names (CVE-2024-52530)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.6 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.6 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6 x86_64

Fixes

  • BZ - 2325284 - CVE-2024-52530 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.6

SRPM
libsoup-2.62.3-2.el8_6.1.src.rpm SHA-256: 1dc3440ad59a8eda50049b00cee96b5c158062d3ae6f4930010cf0935eb06d29
x86_64
libsoup-2.62.3-2.el8_6.1.i686.rpm SHA-256: 56322f98723474519827449f29cd3a60c98d277df73be56fbd8af5a8871ffae9
libsoup-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 9a468893640d8ed606ac9133caa5fef4ade6196feeab3bbb203af57b31326c2b
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-devel-2.62.3-2.el8_6.1.i686.rpm SHA-256: 7efcc66ffa871bd466729783772f5995a217dc2663ef9a11cc205cb531a053e7
libsoup-devel-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: d0b95f8d8a2df5619a9e5880f6f9a6d32a9691dce154fa234e5bb821e5848c53

Red Hat Enterprise Linux Server - AUS 8.6

SRPM
libsoup-2.62.3-2.el8_6.1.src.rpm SHA-256: 1dc3440ad59a8eda50049b00cee96b5c158062d3ae6f4930010cf0935eb06d29
x86_64
libsoup-2.62.3-2.el8_6.1.i686.rpm SHA-256: 56322f98723474519827449f29cd3a60c98d277df73be56fbd8af5a8871ffae9
libsoup-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 9a468893640d8ed606ac9133caa5fef4ade6196feeab3bbb203af57b31326c2b
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-devel-2.62.3-2.el8_6.1.i686.rpm SHA-256: 7efcc66ffa871bd466729783772f5995a217dc2663ef9a11cc205cb531a053e7
libsoup-devel-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: d0b95f8d8a2df5619a9e5880f6f9a6d32a9691dce154fa234e5bb821e5848c53

Red Hat Enterprise Linux Server - TUS 8.6

SRPM
libsoup-2.62.3-2.el8_6.1.src.rpm SHA-256: 1dc3440ad59a8eda50049b00cee96b5c158062d3ae6f4930010cf0935eb06d29
x86_64
libsoup-2.62.3-2.el8_6.1.i686.rpm SHA-256: 56322f98723474519827449f29cd3a60c98d277df73be56fbd8af5a8871ffae9
libsoup-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 9a468893640d8ed606ac9133caa5fef4ade6196feeab3bbb203af57b31326c2b
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-devel-2.62.3-2.el8_6.1.i686.rpm SHA-256: 7efcc66ffa871bd466729783772f5995a217dc2663ef9a11cc205cb531a053e7
libsoup-devel-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: d0b95f8d8a2df5619a9e5880f6f9a6d32a9691dce154fa234e5bb821e5848c53

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.6

SRPM
libsoup-2.62.3-2.el8_6.1.src.rpm SHA-256: 1dc3440ad59a8eda50049b00cee96b5c158062d3ae6f4930010cf0935eb06d29
ppc64le
libsoup-2.62.3-2.el8_6.1.ppc64le.rpm SHA-256: 320e179e769e8241edae17f8a303b1ca3d29fe98b8b5cfaa9a94611c0924fcea
libsoup-debuginfo-2.62.3-2.el8_6.1.ppc64le.rpm SHA-256: cc86a7812b2777658d3dff0f6fa4450df96b3900874283774bd4bc2259286222
libsoup-debuginfo-2.62.3-2.el8_6.1.ppc64le.rpm SHA-256: cc86a7812b2777658d3dff0f6fa4450df96b3900874283774bd4bc2259286222
libsoup-debugsource-2.62.3-2.el8_6.1.ppc64le.rpm SHA-256: 338627a44e9d8858695402a328e5c04d7c1e40e85cf450e912722156d6e511ee
libsoup-debugsource-2.62.3-2.el8_6.1.ppc64le.rpm SHA-256: 338627a44e9d8858695402a328e5c04d7c1e40e85cf450e912722156d6e511ee
libsoup-devel-2.62.3-2.el8_6.1.ppc64le.rpm SHA-256: fbde3faa68e4ec70179a839a60e5955fb6274743a5dd456469a2c431360a3164

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.6

SRPM
libsoup-2.62.3-2.el8_6.1.src.rpm SHA-256: 1dc3440ad59a8eda50049b00cee96b5c158062d3ae6f4930010cf0935eb06d29
x86_64
libsoup-2.62.3-2.el8_6.1.i686.rpm SHA-256: 56322f98723474519827449f29cd3a60c98d277df73be56fbd8af5a8871ffae9
libsoup-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 9a468893640d8ed606ac9133caa5fef4ade6196feeab3bbb203af57b31326c2b
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.i686.rpm SHA-256: 587ed3ced6282f0dca8508a9b959c8e868280c87f9dbbf4a60ff782292b7c070
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debuginfo-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: 637fd9d4f7629f802bff7930378002c7280957a271916d56c21f61602abcc48a
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.i686.rpm SHA-256: 3032fcca70c58e6870d8b444a73f1fdf802e79ff577744754ad20ff25e8f194f
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-debugsource-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: ab6656b539e68f7ff5b5079106f17d89c8ca1f826cda78386994b8670b564bc5
libsoup-devel-2.62.3-2.el8_6.1.i686.rpm SHA-256: 7efcc66ffa871bd466729783772f5995a217dc2663ef9a11cc205cb531a053e7
libsoup-devel-2.62.3-2.el8_6.1.x86_64.rpm SHA-256: d0b95f8d8a2df5619a9e5880f6f9a6d32a9691dce154fa234e5bb821e5848c53

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.