Issued:: 2026-02-10
Updated:: 2026-02-10

RHSA-2026:2396 - Security Advisory

Overview
Updated Packages

Synopsis

Important: libsoup security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for libsoup is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libsoup packages provide an HTTP client and server library for GNOME.

Security Fix(es):

libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication (CVE-2026-0719)
libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response (CVE-2026-1761)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2427906 - CVE-2026-0719 libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication
BZ - 2435961 - CVE-2026-1761 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
libsoup-2.62.3-1.el8_2.8.src.rpm	SHA-256: da5f9087f5214d20970b76a6779c2731bb32c6dd7aeabd3a788fcb9ab9b3c83e
x86_64
libsoup-2.62.3-1.el8_2.8.i686.rpm	SHA-256: 13b2ca4890221f34916fc5c93b44bbebe4e2049c6b68929fb9e276f82985cd22
libsoup-2.62.3-1.el8_2.8.x86_64.rpm	SHA-256: 47008f21f1dc6ce2bb9486791e3302d604e903512e3d929eb60764c4073a1a3b
libsoup-debuginfo-2.62.3-1.el8_2.8.i686.rpm	SHA-256: 43df98dc9c663859aacf85a8eb33dad40782a83ba6b5107df8d6b8aad3127eb3
libsoup-debuginfo-2.62.3-1.el8_2.8.i686.rpm	SHA-256: 43df98dc9c663859aacf85a8eb33dad40782a83ba6b5107df8d6b8aad3127eb3
libsoup-debuginfo-2.62.3-1.el8_2.8.x86_64.rpm	SHA-256: 24efcca4671d03c228b0612e0819091e94fc10275baf6b247451989bb423b6c1
libsoup-debuginfo-2.62.3-1.el8_2.8.x86_64.rpm	SHA-256: 24efcca4671d03c228b0612e0819091e94fc10275baf6b247451989bb423b6c1
libsoup-debugsource-2.62.3-1.el8_2.8.i686.rpm	SHA-256: aa6f8312ae8022211929d83a35ce2a875a2ebf2200889addeb8a998afb2cd88d
libsoup-debugsource-2.62.3-1.el8_2.8.i686.rpm	SHA-256: aa6f8312ae8022211929d83a35ce2a875a2ebf2200889addeb8a998afb2cd88d
libsoup-debugsource-2.62.3-1.el8_2.8.x86_64.rpm	SHA-256: cf491455f994e9beeb8febd7b17c410891553a54378785d7ee7e154a0ae6ff27
libsoup-debugsource-2.62.3-1.el8_2.8.x86_64.rpm	SHA-256: cf491455f994e9beeb8febd7b17c410891553a54378785d7ee7e154a0ae6ff27
libsoup-devel-2.62.3-1.el8_2.8.i686.rpm	SHA-256: f04c10c7a83da6b3a18bd6990de415ee1db74ee361967d4451e0f53081ed823d
libsoup-devel-2.62.3-1.el8_2.8.x86_64.rpm	SHA-256: 150120cba3115813aa3e66f47198b4654fb3ab94af98ffde4b25e119bfd13956

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation