Issued:: 2025-11-25
Updated:: 2025-11-25

RHSA-2025:22013 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup (CVE-2025-4945)
libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library (CVE-2025-11021)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2367175 - CVE-2025-4945 libsoup: Integer Overflow in Cookie Expiration Date Handling in libsoup
BZ - 2399627 - CVE-2025-11021 libsoup: Out-of-Bounds Read in Cookie Date Handling of libsoup HTTP Library

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libsoup-2.62.3-1.el8_2.6.src.rpm	SHA-256: 06bf9efd2bcf9ef15a52364627cbd3f63301597fff65df2a1d87efb19f2985bc
x86_64
libsoup-2.62.3-1.el8_2.6.i686.rpm	SHA-256: 112fae9f283ece728385e39506ddcc8ac36383977f29b7c802f8f67c1348cda3
libsoup-2.62.3-1.el8_2.6.x86_64.rpm	SHA-256: 5df16d07e85844c4ad7606acaf947e43633131a9672eca52ac43ad6594933843
libsoup-debuginfo-2.62.3-1.el8_2.6.i686.rpm	SHA-256: 5421562fcf7a9f53e8f71e3697d0f62625143098ebf68eee328d957726f2a117
libsoup-debuginfo-2.62.3-1.el8_2.6.i686.rpm	SHA-256: 5421562fcf7a9f53e8f71e3697d0f62625143098ebf68eee328d957726f2a117
libsoup-debuginfo-2.62.3-1.el8_2.6.x86_64.rpm	SHA-256: 2e982106fbaf9a2990b44a3f8b6e3b559d4e77ce28e36b495978cae5714973b0
libsoup-debuginfo-2.62.3-1.el8_2.6.x86_64.rpm	SHA-256: 2e982106fbaf9a2990b44a3f8b6e3b559d4e77ce28e36b495978cae5714973b0
libsoup-debugsource-2.62.3-1.el8_2.6.i686.rpm	SHA-256: 431f20409fe8ee6a8b48b73591748b1798105ca25ddf453543f5c4dd0e056568
libsoup-debugsource-2.62.3-1.el8_2.6.i686.rpm	SHA-256: 431f20409fe8ee6a8b48b73591748b1798105ca25ddf453543f5c4dd0e056568
libsoup-debugsource-2.62.3-1.el8_2.6.x86_64.rpm	SHA-256: 114a4e7b38510c062cfc4ac602ed2345a84af35a7e725c7b3377a0a16ffc8fd2
libsoup-debugsource-2.62.3-1.el8_2.6.x86_64.rpm	SHA-256: 114a4e7b38510c062cfc4ac602ed2345a84af35a7e725c7b3377a0a16ffc8fd2
libsoup-devel-2.62.3-1.el8_2.6.i686.rpm	SHA-256: 3d336250a67d0e7b3c5761b4d967c15af43729b9c80404662d5019854e783af1
libsoup-devel-2.62.3-1.el8_2.6.x86_64.rpm	SHA-256: a8786e144f9d8e979b072cf7f29be845f6402d500159d4af100979523b6260d7

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation