Issued:: 2026-01-21
Updated:: 2026-01-21

RHSA-2026:0909 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins) (CVE-2025-14523)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4 x86_64
Red Hat Enterprise Linux Server - AUS 8.4 x86_64

Fixes

BZ - 2421349 - CVE-2025-14523 libsoup: libsoup: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (First- vs Last-Value Wins)

CVEs

CVE-2025-14523

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support Extension 8.4

SRPM
libsoup-2.62.3-2.el8_4.7.src.rpm	SHA-256: 69121fc53ee250fe3ef40817ea833a08c99836b14726b017a77416675c483897
x86_64
libsoup-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 2678296b6472dbcaf107c6ce8a6c82c75c2ff19e03149f0bba75b6547402c718
libsoup-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: 843e39cada61539d4655782847500cb6599b8161052a667830ddb96744a5f60b
libsoup-debuginfo-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 40d3f77f2aa6235326486576f34f762e149ddccd3fc1fb9074ef76b31d5446ac
libsoup-debuginfo-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 40d3f77f2aa6235326486576f34f762e149ddccd3fc1fb9074ef76b31d5446ac
libsoup-debuginfo-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: de4619a6f8be138e06d72ecaa7b833e8420ded54e91a087703011e5c03393b6a
libsoup-debuginfo-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: de4619a6f8be138e06d72ecaa7b833e8420ded54e91a087703011e5c03393b6a
libsoup-debugsource-2.62.3-2.el8_4.7.i686.rpm	SHA-256: cf3d80a3e30840e887600128b522b8ffaab2ad07d236e35d9a142f2d9ebac7fd
libsoup-debugsource-2.62.3-2.el8_4.7.i686.rpm	SHA-256: cf3d80a3e30840e887600128b522b8ffaab2ad07d236e35d9a142f2d9ebac7fd
libsoup-debugsource-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: dffdcf827c3ccb7e479724a72bba96a5bc1c9a9b526c663eb9e01216f5cbcb78
libsoup-debugsource-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: dffdcf827c3ccb7e479724a72bba96a5bc1c9a9b526c663eb9e01216f5cbcb78
libsoup-devel-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 9dfe123a18ae0c58500d6af3f9bb5804ce99bc47d8ecb60c7f285884dedb74fb
libsoup-devel-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: e2122554c96d33d5c7eca79b39950aa6abb2a6a5316e0abc91c6921c0ed1bb36

Red Hat Enterprise Linux Server - AUS 8.4

SRPM
libsoup-2.62.3-2.el8_4.7.src.rpm	SHA-256: 69121fc53ee250fe3ef40817ea833a08c99836b14726b017a77416675c483897
x86_64
libsoup-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 2678296b6472dbcaf107c6ce8a6c82c75c2ff19e03149f0bba75b6547402c718
libsoup-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: 843e39cada61539d4655782847500cb6599b8161052a667830ddb96744a5f60b
libsoup-debuginfo-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 40d3f77f2aa6235326486576f34f762e149ddccd3fc1fb9074ef76b31d5446ac
libsoup-debuginfo-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 40d3f77f2aa6235326486576f34f762e149ddccd3fc1fb9074ef76b31d5446ac
libsoup-debuginfo-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: de4619a6f8be138e06d72ecaa7b833e8420ded54e91a087703011e5c03393b6a
libsoup-debuginfo-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: de4619a6f8be138e06d72ecaa7b833e8420ded54e91a087703011e5c03393b6a
libsoup-debugsource-2.62.3-2.el8_4.7.i686.rpm	SHA-256: cf3d80a3e30840e887600128b522b8ffaab2ad07d236e35d9a142f2d9ebac7fd
libsoup-debugsource-2.62.3-2.el8_4.7.i686.rpm	SHA-256: cf3d80a3e30840e887600128b522b8ffaab2ad07d236e35d9a142f2d9ebac7fd
libsoup-debugsource-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: dffdcf827c3ccb7e479724a72bba96a5bc1c9a9b526c663eb9e01216f5cbcb78
libsoup-debugsource-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: dffdcf827c3ccb7e479724a72bba96a5bc1c9a9b526c663eb9e01216f5cbcb78
libsoup-devel-2.62.3-2.el8_4.7.i686.rpm	SHA-256: 9dfe123a18ae0c58500d6af3f9bb5804ce99bc47d8ecb60c7f285884dedb74fb
libsoup-devel-2.62.3-2.el8_4.7.x86_64.rpm	SHA-256: e2122554c96d33d5c7eca79b39950aa6abb2a6a5316e0abc91c6921c0ed1bb36

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation