Описание
Security update for libsoup
This update for libsoup fixes the following issues:
- CVE-2026-0719: Fixed stack-based buffer overflow in NTLM authentication (bsc#1256399).
Список пакетов
SUSE Linux Enterprise Server 12 SP5-LTSS
libsoup-2_4-1-2.62.2-5.26.1
libsoup-2_4-1-32bit-2.62.2-5.26.1
libsoup-devel-2.62.2-5.26.1
libsoup-lang-2.62.2-5.26.1
typelib-1_0-Soup-2_4-2.62.2-5.26.1
SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
libsoup-2_4-1-2.62.2-5.26.1
libsoup-2_4-1-32bit-2.62.2-5.26.1
libsoup-devel-2.62.2-5.26.1
libsoup-lang-2.62.2-5.26.1
typelib-1_0-Soup-2_4-2.62.2-5.26.1
Ссылки
- Link for SUSE-SU-2026:0265-1
- E-Mail link for SUSE-SU-2026:0265-1
- SUSE Security Ratings
- SUSE Bug 1256399
- SUSE CVE CVE-2026-0719 page
Описание
A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5-LTSS:libsoup-2_4-1-2.62.2-5.26.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libsoup-2_4-1-32bit-2.62.2-5.26.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libsoup-devel-2.62.2-5.26.1
SUSE Linux Enterprise Server 12 SP5-LTSS:libsoup-lang-2.62.2-5.26.1
Ссылки
- CVE-2026-0719
- SUSE Bug 1256399