SUSE-SU-2026:0894-1

Опубликовано: 13 мар. 2026

Источник: suse-cvrf

Описание

Security update for libsoup

This update for libsoup fixes the following issue:

CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7

libsoup-3_0-0-3.4.4-150600.3.42.1

libsoup-devel-3.4.4-150600.3.42.1

libsoup-lang-3.4.4-150600.3.42.1

typelib-1_0-Soup-3_0-3.4.4-150600.3.42.1

openSUSE Leap 15.6

libsoup-3_0-0-3.4.4-150600.3.42.1

libsoup-3_0-0-32bit-3.4.4-150600.3.42.1

libsoup-devel-3.4.4-150600.3.42.1

libsoup-devel-32bit-3.4.4-150600.3.42.1

libsoup-lang-3.4.4-150600.3.42.1

typelib-1_0-Soup-3_0-3.4.4-150600.3.42.1

Ссылки

https://www.suse.com/support/update/announcement/2026/suse-su-20260894-1/
Link for SUSE-SU-2026:0894-1
https://lists.suse.com/pipermail/sle-security-updates/2026-March/024697.html
E-Mail link for SUSE-SU-2026:0894-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1256418
SUSE Bug 1256418
https://www.suse.com/security/cve/CVE-2026-0716/
SUSE CVE CVE-2026-0716 page

Описание

A flaw was found in libsoup's WebSocket frame processing when handling incoming messages. If a non-default configuration is used where the maximum incoming payload size is unset, the library may read memory outside the intended bounds. This can cause unintended memory exposure or a crash. Applications using libsoup's WebSocket support with this configuration may be impacted.

Затронутые продукты

SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-3_0-0-3.4.4-150600.3.42.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-devel-3.4.4-150600.3.42.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:libsoup-lang-3.4.4-150600.3.42.1

SUSE Linux Enterprise Module for Basesystem 15 SP7:typelib-1_0-Soup-3_0-3.4.4-150600.3.42.1

Ссылки

https://www.suse.com/security/cve/CVE-2026-0716.html
CVE-2026-0716
https://bugzilla.suse.com/1256418
SUSE Bug 1256418

SUSE-SU-2026:0894-1

Описание

Список пакетов

SUSE Linux Enterprise Module for Basesystem 15 SP7

openSUSE Leap 15.6

Ссылки

Уязвимость: CVE-2026-0716

Описание

Затронутые продукты

Ссылки