Red Hat Product Errata RHSA-2025:0848 - Security Advisory
Issued:
2025-01-30
Updated:
2025-01-30

RHSA-2025:0848 - Security Advisory

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

  • libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict (CVE-2024-52531)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x

Fixes

  • BZ - 2325277 - CVE-2024-52531 libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
x86_64
libsoup-2.72.0-8.el9_4.3.i686.rpm SHA-256: af81daee346a8be2c89e660a0f67ae124f94343b001a571bef27523ab9cac6e1
libsoup-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 7e14d4c98077af03eb14b781ea2b581fa1d33aca17abfca90a3cc70b037c3d35
libsoup-debuginfo-2.72.0-8.el9_4.3.i686.rpm SHA-256: 907a40938cb6a2d5b198c8cab8bfb54443218360abe288ea25c52d937e063cf3
libsoup-debuginfo-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 26f58f1344215a1faa8420978439454b095e2852795c50711521229a1965a78e
libsoup-debugsource-2.72.0-8.el9_4.3.i686.rpm SHA-256: 2da63fcc4ce522f0bf043d12315101387f835a9d0f833cd0c776086d5b9e125f
libsoup-debugsource-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: cb4e61a94b7910596ce583835f13cec86b40e54101dacaa63351dfdce271e008
libsoup-devel-2.72.0-8.el9_4.3.i686.rpm SHA-256: f3a67916837d9b2e71ade715b06fd4b6aabcba8d118e31c660a5d8b1790c40f6
libsoup-devel-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 188ddbe380a9c703052e1726dad695544a603a629d8088056be5469607935b66

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
x86_64
libsoup-2.72.0-8.el9_4.3.i686.rpm SHA-256: af81daee346a8be2c89e660a0f67ae124f94343b001a571bef27523ab9cac6e1
libsoup-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 7e14d4c98077af03eb14b781ea2b581fa1d33aca17abfca90a3cc70b037c3d35
libsoup-debuginfo-2.72.0-8.el9_4.3.i686.rpm SHA-256: 907a40938cb6a2d5b198c8cab8bfb54443218360abe288ea25c52d937e063cf3
libsoup-debuginfo-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 26f58f1344215a1faa8420978439454b095e2852795c50711521229a1965a78e
libsoup-debugsource-2.72.0-8.el9_4.3.i686.rpm SHA-256: 2da63fcc4ce522f0bf043d12315101387f835a9d0f833cd0c776086d5b9e125f
libsoup-debugsource-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: cb4e61a94b7910596ce583835f13cec86b40e54101dacaa63351dfdce271e008
libsoup-devel-2.72.0-8.el9_4.3.i686.rpm SHA-256: f3a67916837d9b2e71ade715b06fd4b6aabcba8d118e31c660a5d8b1790c40f6
libsoup-devel-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 188ddbe380a9c703052e1726dad695544a603a629d8088056be5469607935b66

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
s390x
libsoup-2.72.0-8.el9_4.3.s390x.rpm SHA-256: 5550bacf2a52e2f1cc70b2e97ae2f6e6a68773e2daa0ad9bed7ecef012d67ea7
libsoup-debuginfo-2.72.0-8.el9_4.3.s390x.rpm SHA-256: 6f27c48a2a5a158cacf04a600c57e9d85e95d4571b6f459974ce062d1c78ffa1
libsoup-debugsource-2.72.0-8.el9_4.3.s390x.rpm SHA-256: 644437c37f3e4d5ddfad7d308d219886fc26373effef613e46d94bb59a6e736c
libsoup-devel-2.72.0-8.el9_4.3.s390x.rpm SHA-256: fe41511027acd61e5807c20beedf150a2f929cb2d233484fb9b94ac873ca3d5e

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
ppc64le
libsoup-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: 939bbb7421b2a0edfe5efef908a1232f1739f67f3917850ff8e61043465f098c
libsoup-debuginfo-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: 01c92190c12ce00e1c0cc4bd5d9d7a98daeff813c7c9964d429467e49c0a8755
libsoup-debugsource-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: da863c9d7c12cd71a22fbce06aedcdb4bb8b85ea22061fff5e6d77953478a802
libsoup-devel-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: f04af363d520e495b21f7a879f9e85d381482e1b47c4d94d22db2daf9d1e76f4

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
aarch64
libsoup-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 031498bcefaca926baa17bcf1532236b0df36bf970c932749fd94b23a90ad862
libsoup-debuginfo-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 845a554147b7ef69fd2c7c248ef434091d4f36380dcf69365798bc1261f05b36
libsoup-debugsource-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 900f38b983f995fd6c770042616e1adb03f7fb79160efe3a5aac55c1dd0e6013
libsoup-devel-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 67476aaa329c56238f544c4d8e2de38922c74980668f0cdeaae6779cb452e37b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
ppc64le
libsoup-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: 939bbb7421b2a0edfe5efef908a1232f1739f67f3917850ff8e61043465f098c
libsoup-debuginfo-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: 01c92190c12ce00e1c0cc4bd5d9d7a98daeff813c7c9964d429467e49c0a8755
libsoup-debugsource-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: da863c9d7c12cd71a22fbce06aedcdb4bb8b85ea22061fff5e6d77953478a802
libsoup-devel-2.72.0-8.el9_4.3.ppc64le.rpm SHA-256: f04af363d520e495b21f7a879f9e85d381482e1b47c4d94d22db2daf9d1e76f4

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
x86_64
libsoup-2.72.0-8.el9_4.3.i686.rpm SHA-256: af81daee346a8be2c89e660a0f67ae124f94343b001a571bef27523ab9cac6e1
libsoup-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 7e14d4c98077af03eb14b781ea2b581fa1d33aca17abfca90a3cc70b037c3d35
libsoup-debuginfo-2.72.0-8.el9_4.3.i686.rpm SHA-256: 907a40938cb6a2d5b198c8cab8bfb54443218360abe288ea25c52d937e063cf3
libsoup-debuginfo-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 26f58f1344215a1faa8420978439454b095e2852795c50711521229a1965a78e
libsoup-debugsource-2.72.0-8.el9_4.3.i686.rpm SHA-256: 2da63fcc4ce522f0bf043d12315101387f835a9d0f833cd0c776086d5b9e125f
libsoup-debugsource-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: cb4e61a94b7910596ce583835f13cec86b40e54101dacaa63351dfdce271e008
libsoup-devel-2.72.0-8.el9_4.3.i686.rpm SHA-256: f3a67916837d9b2e71ade715b06fd4b6aabcba8d118e31c660a5d8b1790c40f6
libsoup-devel-2.72.0-8.el9_4.3.x86_64.rpm SHA-256: 188ddbe380a9c703052e1726dad695544a603a629d8088056be5469607935b66

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
aarch64
libsoup-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 031498bcefaca926baa17bcf1532236b0df36bf970c932749fd94b23a90ad862
libsoup-debuginfo-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 845a554147b7ef69fd2c7c248ef434091d4f36380dcf69365798bc1261f05b36
libsoup-debugsource-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 900f38b983f995fd6c770042616e1adb03f7fb79160efe3a5aac55c1dd0e6013
libsoup-devel-2.72.0-8.el9_4.3.aarch64.rpm SHA-256: 67476aaa329c56238f544c4d8e2de38922c74980668f0cdeaae6779cb452e37b

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
libsoup-2.72.0-8.el9_4.3.src.rpm SHA-256: c2c9b4e6da885322475c9ef3ad5e6040198a46f8d53929854c5ea359d8dcee65
s390x
libsoup-2.72.0-8.el9_4.3.s390x.rpm SHA-256: 5550bacf2a52e2f1cc70b2e97ae2f6e6a68773e2daa0ad9bed7ecef012d67ea7
libsoup-debuginfo-2.72.0-8.el9_4.3.s390x.rpm SHA-256: 6f27c48a2a5a158cacf04a600c57e9d85e95d4571b6f459974ce062d1c78ffa1
libsoup-debugsource-2.72.0-8.el9_4.3.s390x.rpm SHA-256: 644437c37f3e4d5ddfad7d308d219886fc26373effef613e46d94bb59a6e736c
libsoup-devel-2.72.0-8.el9_4.3.s390x.rpm SHA-256: fe41511027acd61e5807c20beedf150a2f929cb2d233484fb9b94ac873ca3d5e

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.