SUSE-SU-2026:0886-1

Опубликовано: 12 мар. 2026

Источник: suse-cvrf

Описание

Security update for libsoup2

This update for libsoup2 fixes the following issue:

CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7

libsoup-2_4-1-2.74.3-150600.4.33.1

libsoup2-devel-2.74.3-150600.4.33.1

libsoup2-lang-2.74.3-150600.4.33.1

typelib-1_0-Soup-2_4-2.74.3-150600.4.33.1

openSUSE Leap 15.6

libsoup-2_4-1-2.74.3-150600.4.33.1

libsoup-2_4-1-32bit-2.74.3-150600.4.33.1

libsoup2-devel-2.74.3-150600.4.33.1

libsoup2-devel-32bit-2.74.3-150600.4.33.1

libsoup2-lang-2.74.3-150600.4.33.1

typelib-1_0-Soup-2_4-2.74.3-150600.4.33.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260886-1/
Link for SUSE-SU-2026:0886-1
https://lists.suse.com/pipermail/sle-security-updates/2026-March/024687.html
E-Mail link for SUSE-SU-2026:0886-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1256418
SUSE Bug 1256418
https://www.suse.com/security/cve/CVE-2026-0716/
SUSE CVE CVE-2026-0716 page

Описание

A flaw was found in libsoup's WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applications using libsoup's WebSocket support with this configuration may be impacted.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-2_4-1-2.74.3-150600.4.33.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-devel-2.74.3-150600.4.33.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup2-lang-2.74.3-150600.4.33.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-2_4-2.74.3-150600.4.33.1

Ссылки

https://www.suse.com/security/cve/CVE-2026-0716.html
CVE-2026-0716
https://bugzilla.suse.com/1256418
SUSE Bug 1256418

SUSE-SU-2026:0886-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2026-0716

Описание

Затронутые продукты

Ссылки