Red Hat Product Errata RHSA-2024:9566 - Security Advisory
Issued:
2024-11-13
Updated:
2024-11-13

RHSA-2024:9566 - Security Advisory

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

  • libsoup: HTTP request smuggling via stripping null bytes from the ends of header names (CVE-2024-52530)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2325284 - CVE-2024-52530 libsoup: HTTP request smuggling via stripping null bytes from the ends of header names

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
libsoup-2.62.3-2.el8_4.1.src.rpm SHA-256: 273d790cd871429a34f00512d5c921b6f9694af4ec589734f2e0335aca485171
x86_64
libsoup-2.62.3-2.el8_4.1.i686.rpm SHA-256: 69af303b2a8e84e606ab25d4f0a9abc1b31c0c91476b0e63043976cb5d6c750f
libsoup-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: f4d628fd59f9f81a7628373ceee1614c1a47d681a352b49d3be3c9ef88c81fec
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-devel-2.62.3-2.el8_4.1.i686.rpm SHA-256: abe2502c2a7beb6f2ef0ec7c6e48c2793b8b7f1be79251feea2e9d6a7f6a3584
libsoup-devel-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 5aaaf20218d9e53e223abe1c1a9af884d9521f7c0a88b3664613d4226fcc927a

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
libsoup-2.62.3-2.el8_4.1.src.rpm SHA-256: 273d790cd871429a34f00512d5c921b6f9694af4ec589734f2e0335aca485171
x86_64
libsoup-2.62.3-2.el8_4.1.i686.rpm SHA-256: 69af303b2a8e84e606ab25d4f0a9abc1b31c0c91476b0e63043976cb5d6c750f
libsoup-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: f4d628fd59f9f81a7628373ceee1614c1a47d681a352b49d3be3c9ef88c81fec
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-devel-2.62.3-2.el8_4.1.i686.rpm SHA-256: abe2502c2a7beb6f2ef0ec7c6e48c2793b8b7f1be79251feea2e9d6a7f6a3584
libsoup-devel-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 5aaaf20218d9e53e223abe1c1a9af884d9521f7c0a88b3664613d4226fcc927a

Red Hat Enterprise Linux Server - TUS 8.4

SRPM
libsoup-2.62.3-2.el8_4.1.src.rpm SHA-256: 273d790cd871429a34f00512d5c921b6f9694af4ec589734f2e0335aca485171
x86_64
libsoup-2.62.3-2.el8_4.1.i686.rpm SHA-256: 69af303b2a8e84e606ab25d4f0a9abc1b31c0c91476b0e63043976cb5d6c750f
libsoup-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: f4d628fd59f9f81a7628373ceee1614c1a47d681a352b49d3be3c9ef88c81fec
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-devel-2.62.3-2.el8_4.1.i686.rpm SHA-256: abe2502c2a7beb6f2ef0ec7c6e48c2793b8b7f1be79251feea2e9d6a7f6a3584
libsoup-devel-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 5aaaf20218d9e53e223abe1c1a9af884d9521f7c0a88b3664613d4226fcc927a

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM
libsoup-2.62.3-2.el8_4.1.src.rpm SHA-256: 273d790cd871429a34f00512d5c921b6f9694af4ec589734f2e0335aca485171
ppc64le
libsoup-2.62.3-2.el8_4.1.ppc64le.rpm SHA-256: b26876729f16c2b59923a5e7ed88d0a74bdd78229062a4a575543ea9a4b15a98
libsoup-debuginfo-2.62.3-2.el8_4.1.ppc64le.rpm SHA-256: 90c6792da7d227111dc17761be9fd03d11c00d0cec8312f600b2c7a433443a45
libsoup-debuginfo-2.62.3-2.el8_4.1.ppc64le.rpm SHA-256: 90c6792da7d227111dc17761be9fd03d11c00d0cec8312f600b2c7a433443a45
libsoup-debugsource-2.62.3-2.el8_4.1.ppc64le.rpm SHA-256: fd0b15f7af5005cfa602f3ddf0f747e9c311b40c48650a3b970c43f4d5937eb6
libsoup-debugsource-2.62.3-2.el8_4.1.ppc64le.rpm SHA-256: fd0b15f7af5005cfa602f3ddf0f747e9c311b40c48650a3b970c43f4d5937eb6
libsoup-devel-2.62.3-2.el8_4.1.ppc64le.rpm SHA-256: 4a093504fb47eb962ef456c33e40a217d2c0cac340ef36f485ed21650f06ae46

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM
libsoup-2.62.3-2.el8_4.1.src.rpm SHA-256: 273d790cd871429a34f00512d5c921b6f9694af4ec589734f2e0335aca485171
x86_64
libsoup-2.62.3-2.el8_4.1.i686.rpm SHA-256: 69af303b2a8e84e606ab25d4f0a9abc1b31c0c91476b0e63043976cb5d6c750f
libsoup-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: f4d628fd59f9f81a7628373ceee1614c1a47d681a352b49d3be3c9ef88c81fec
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.i686.rpm SHA-256: 062edeb93256b01d5254ab611ab115573f9cc8876bfa2200dd294d7a655056b7
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debuginfo-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 4d4df276276de87453134d12f801fc2cba0f2cc5e60fba0ea1f047bcc33ec099
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.i686.rpm SHA-256: 31f57c7592647905d71c8e8f4c7b0105f76bc08e42d4b582185fe2752815fd28
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-debugsource-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 8443138b07d83183723074cd9eb033deb66af8fe3f983e623ebb7e9fc62a987b
libsoup-devel-2.62.3-2.el8_4.1.i686.rpm SHA-256: abe2502c2a7beb6f2ef0ec7c6e48c2793b8b7f1be79251feea2e9d6a7f6a3584
libsoup-devel-2.62.3-2.el8_4.1.x86_64.rpm SHA-256: 5aaaf20218d9e53e223abe1c1a9af884d9521f7c0a88b3664613d4226fcc927a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.