Описание
Security update for libsoup
This update for libsoup fixes the following issues:
- CVE-2025-11021: Ignored invalid date when processing cookies to prevent out-of-bounds read (bsc#1250562).
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise Server 15 SP4-LTSS
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise Server 15 SP5-LTSS
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Linux Enterprise Server for SAP Applications 15 SP5
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Manager Proxy LTS 4.3
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
SUSE Manager Server LTS 4.3
libsoup-3_0-0-3.0.4-150400.3.18.1
libsoup-devel-3.0.4-150400.3.18.1
libsoup-lang-3.0.4-150400.3.18.1
typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
Ссылки
- Link for SUSE-SU-2025:3752-1
- E-Mail link for SUSE-SU-2025:3752-1
- SUSE Security Ratings
- SUSE Bug 1250562
- SUSE CVE CVE-2025-11021 page
Описание
A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-3_0-0-3.0.4-150400.3.18.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-devel-3.0.4-150400.3.18.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:libsoup-lang-3.0.4-150400.3.18.1
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:typelib-1_0-Soup-3_0-3.0.4-150400.3.18.1
Ссылки
- CVE-2025-11021
- SUSE Bug 1250562