Issued:: 2025-05-26
Updated:: 2025-05-26

RHSA-2025:8126 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content (CVE-2025-2784)
libsoup: Denial of Service attack to websocket server (CVE-2025-32049)
libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process (CVE-2025-32914)
libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup (CVE-2025-4948)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
Red Hat Enterprise Linux Server - AUS 9.6 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

BZ - 2354669 - CVE-2025-2784 libsoup: Heap buffer over-read in `skip_insignificant_space` when sniffing content
BZ - 2357066 - CVE-2025-32049 libsoup: Denial of Service attack to websocket server
BZ - 2359358 - CVE-2025-32914 libsoup: OOB Read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process
BZ - 2367183 - CVE-2025-4948 libsoup: Integer Underflow in soup_multipart_new_from_message() Leading to Denial of Service in libsoup

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
x86_64
libsoup-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 12a26015839377b99051113d735e7a2786f7b2917d364e10776bb29734be7e40
libsoup-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: f9b3791cbc944efa8292275d0947daa039b61cb3a8c63f7a455a7faa19834f61
libsoup-debuginfo-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 02fcc1cad27ee295fdd957531a09853018fb6534baa15c131a8a755a474dece0
libsoup-debuginfo-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 34b0597c4ff9c45791d69452e2e8243cb304ac5a3b3a1a5c278f7bb5077b1030
libsoup-debugsource-2.72.0-10.el9_6.2.i686.rpm	SHA-256: b4d296c43c7db76e9b2e1433db78287e84e3095217ddcdabbfdfc138d25ffd1b
libsoup-debugsource-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 9499a89969c78b763df9c7fc6d68cdbf9584ba47d2cf8d484b3ed35aa8ad1411
libsoup-devel-2.72.0-10.el9_6.2.i686.rpm	SHA-256: e7f89436fd387ebc5a71ffbc38f3a49c96eee02c5a8fb2b1e7be51f5eff2d1da
libsoup-devel-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 32a34669411e5d092469a62159258775abe938e8b608dce705acf21bee851f41

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
x86_64
libsoup-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 12a26015839377b99051113d735e7a2786f7b2917d364e10776bb29734be7e40
libsoup-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: f9b3791cbc944efa8292275d0947daa039b61cb3a8c63f7a455a7faa19834f61
libsoup-debuginfo-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 02fcc1cad27ee295fdd957531a09853018fb6534baa15c131a8a755a474dece0
libsoup-debuginfo-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 34b0597c4ff9c45791d69452e2e8243cb304ac5a3b3a1a5c278f7bb5077b1030
libsoup-debugsource-2.72.0-10.el9_6.2.i686.rpm	SHA-256: b4d296c43c7db76e9b2e1433db78287e84e3095217ddcdabbfdfc138d25ffd1b
libsoup-debugsource-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 9499a89969c78b763df9c7fc6d68cdbf9584ba47d2cf8d484b3ed35aa8ad1411
libsoup-devel-2.72.0-10.el9_6.2.i686.rpm	SHA-256: e7f89436fd387ebc5a71ffbc38f3a49c96eee02c5a8fb2b1e7be51f5eff2d1da
libsoup-devel-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 32a34669411e5d092469a62159258775abe938e8b608dce705acf21bee851f41

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
x86_64
libsoup-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 12a26015839377b99051113d735e7a2786f7b2917d364e10776bb29734be7e40
libsoup-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: f9b3791cbc944efa8292275d0947daa039b61cb3a8c63f7a455a7faa19834f61
libsoup-debuginfo-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 02fcc1cad27ee295fdd957531a09853018fb6534baa15c131a8a755a474dece0
libsoup-debuginfo-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 34b0597c4ff9c45791d69452e2e8243cb304ac5a3b3a1a5c278f7bb5077b1030
libsoup-debugsource-2.72.0-10.el9_6.2.i686.rpm	SHA-256: b4d296c43c7db76e9b2e1433db78287e84e3095217ddcdabbfdfc138d25ffd1b
libsoup-debugsource-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 9499a89969c78b763df9c7fc6d68cdbf9584ba47d2cf8d484b3ed35aa8ad1411
libsoup-devel-2.72.0-10.el9_6.2.i686.rpm	SHA-256: e7f89436fd387ebc5a71ffbc38f3a49c96eee02c5a8fb2b1e7be51f5eff2d1da
libsoup-devel-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 32a34669411e5d092469a62159258775abe938e8b608dce705acf21bee851f41

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
s390x
libsoup-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: c52584311b35d9ca420886a33af342840a75065bdb751caa522d18314a260a05
libsoup-debuginfo-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: 30d013ad67067cdcd3e13b5f12bdcae19df17795dd190e7462479ce88f66982f
libsoup-debugsource-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: a62c5fb8b88210d30b886551d0c77b5bf75484d0b8c5783f9a2a0cf1c1643c95
libsoup-devel-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: 42b860a5492b2fe92069161c0d3511267c8f3e92f2e20ab7ef8b2a45b3063368

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
s390x
libsoup-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: c52584311b35d9ca420886a33af342840a75065bdb751caa522d18314a260a05
libsoup-debuginfo-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: 30d013ad67067cdcd3e13b5f12bdcae19df17795dd190e7462479ce88f66982f
libsoup-debugsource-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: a62c5fb8b88210d30b886551d0c77b5bf75484d0b8c5783f9a2a0cf1c1643c95
libsoup-devel-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: 42b860a5492b2fe92069161c0d3511267c8f3e92f2e20ab7ef8b2a45b3063368

Red Hat Enterprise Linux for Power, little endian 9

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
ppc64le
libsoup-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: 9d27743231dcd89721e57b2692c3ae130e82815fd3de208dd0f9efac6e2d9801
libsoup-debuginfo-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: ada5a00b140c28ec4f3e6c9fd8a3d9fb9db5a08efdc77173b353a50694aef6c7
libsoup-debugsource-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: 3850fe9bbcdadb4c6278c78cfcadda7894c7c41f96e391584204e5e717cf874c
libsoup-devel-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: b8446879608b0b59de11890ab67b5af96434cca2257ecaeffd6796037a860652

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
ppc64le
libsoup-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: 9d27743231dcd89721e57b2692c3ae130e82815fd3de208dd0f9efac6e2d9801
libsoup-debuginfo-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: ada5a00b140c28ec4f3e6c9fd8a3d9fb9db5a08efdc77173b353a50694aef6c7
libsoup-debugsource-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: 3850fe9bbcdadb4c6278c78cfcadda7894c7c41f96e391584204e5e717cf874c
libsoup-devel-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: b8446879608b0b59de11890ab67b5af96434cca2257ecaeffd6796037a860652

Red Hat Enterprise Linux for ARM 64 9

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
aarch64
libsoup-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: b32b8dd690b98b1a3c318b97622215caa552b68f7543596384e37811b2ab5a08
libsoup-debuginfo-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: c516eed2d520a08a670a8acce43b333fb8e93eb803caeb7d371a2275c58e65f7
libsoup-debugsource-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: 6f7cd0b279a31833cdd7304b7e4dfa78c2bc6f3ef9ceb9c8a069ffaae8fa5ad8
libsoup-devel-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: 1d5a5439a7ba69310c7f233c6c632d24e413e75f99389687589fef4b047cf820

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
aarch64
libsoup-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: b32b8dd690b98b1a3c318b97622215caa552b68f7543596384e37811b2ab5a08
libsoup-debuginfo-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: c516eed2d520a08a670a8acce43b333fb8e93eb803caeb7d371a2275c58e65f7
libsoup-debugsource-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: 6f7cd0b279a31833cdd7304b7e4dfa78c2bc6f3ef9ceb9c8a069ffaae8fa5ad8
libsoup-devel-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: 1d5a5439a7ba69310c7f233c6c632d24e413e75f99389687589fef4b047cf820

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
ppc64le
libsoup-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: 9d27743231dcd89721e57b2692c3ae130e82815fd3de208dd0f9efac6e2d9801
libsoup-debuginfo-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: ada5a00b140c28ec4f3e6c9fd8a3d9fb9db5a08efdc77173b353a50694aef6c7
libsoup-debugsource-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: 3850fe9bbcdadb4c6278c78cfcadda7894c7c41f96e391584204e5e717cf874c
libsoup-devel-2.72.0-10.el9_6.2.ppc64le.rpm	SHA-256: b8446879608b0b59de11890ab67b5af96434cca2257ecaeffd6796037a860652

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
x86_64
libsoup-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 12a26015839377b99051113d735e7a2786f7b2917d364e10776bb29734be7e40
libsoup-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: f9b3791cbc944efa8292275d0947daa039b61cb3a8c63f7a455a7faa19834f61
libsoup-debuginfo-2.72.0-10.el9_6.2.i686.rpm	SHA-256: 02fcc1cad27ee295fdd957531a09853018fb6534baa15c131a8a755a474dece0
libsoup-debuginfo-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 34b0597c4ff9c45791d69452e2e8243cb304ac5a3b3a1a5c278f7bb5077b1030
libsoup-debugsource-2.72.0-10.el9_6.2.i686.rpm	SHA-256: b4d296c43c7db76e9b2e1433db78287e84e3095217ddcdabbfdfc138d25ffd1b
libsoup-debugsource-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 9499a89969c78b763df9c7fc6d68cdbf9584ba47d2cf8d484b3ed35aa8ad1411
libsoup-devel-2.72.0-10.el9_6.2.i686.rpm	SHA-256: e7f89436fd387ebc5a71ffbc38f3a49c96eee02c5a8fb2b1e7be51f5eff2d1da
libsoup-devel-2.72.0-10.el9_6.2.x86_64.rpm	SHA-256: 32a34669411e5d092469a62159258775abe938e8b608dce705acf21bee851f41

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
aarch64
libsoup-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: b32b8dd690b98b1a3c318b97622215caa552b68f7543596384e37811b2ab5a08
libsoup-debuginfo-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: c516eed2d520a08a670a8acce43b333fb8e93eb803caeb7d371a2275c58e65f7
libsoup-debugsource-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: 6f7cd0b279a31833cdd7304b7e4dfa78c2bc6f3ef9ceb9c8a069ffaae8fa5ad8
libsoup-devel-2.72.0-10.el9_6.2.aarch64.rpm	SHA-256: 1d5a5439a7ba69310c7f233c6c632d24e413e75f99389687589fef4b047cf820

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
libsoup-2.72.0-10.el9_6.2.src.rpm	SHA-256: 206c644b09742022e04e437ce07a2602b46400b05a7ef1f86c04c843a74822b0
s390x
libsoup-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: c52584311b35d9ca420886a33af342840a75065bdb751caa522d18314a260a05
libsoup-debuginfo-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: 30d013ad67067cdcd3e13b5f12bdcae19df17795dd190e7462479ce88f66982f
libsoup-debugsource-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: a62c5fb8b88210d30b886551d0c77b5bf75484d0b8c5783f9a2a0cf1c1643c95
libsoup-devel-2.72.0-10.el9_6.2.s390x.rpm	SHA-256: 42b860a5492b2fe92069161c0d3511267c8f3e92f2e20ab7ef8b2a45b3063368

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation