Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Fedora 42 mingw-libsoup Addresses Critical Out-of-Bounds Read and Overflow

fedora
Calendar Grey February 18, 2026
Dist Fedora Esm H88
Critical backport fixes for libsoup in Fedora 42 addressing buffer overflow and out-of-bounds issues.
Backport fixes for CVE-2026-0716, CVE-2026-0719.

Summary

Libsoup is an HTTP library implementation in C. It was originally part

of a SOAP (Simple Object Access Protocol) implementation called Soup, but

the SOAP and non-SOAP parts have now been split into separate packages.

libsoup uses the Glib main loop and is designed to work well with GTK

applications. This enables GNOME applications to access HTTP servers

on the network in a completely asynchronous fashion, very similar to

the Gtk+ programming model (a synchronous operation mode is also

supported for those who want it).

This is the MinGW build of Libsoup

Update Information:

Backport fixes for CVE-2026-0716, CVE-2026-0719.

Topics%20covered

Topics Covered

security advisory fedora buffer overflow critical arbitrary code execution mingw-libsoup

Change Log

* Sat Feb 7 2026 Sandro Mani - 2.74.3-17 - Backport fixes for CVE-2026-0716 and CVE-2026-0719

References


[ 1 ] Bug #2427902 - CVE-2026-0716 mingw-libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2427902 [ 2 ] Bug #2427905 - CVE-2026-0716 mingw-libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2427905 [ 3 ] Bug #2427909 - CVE-2026-0719 mingw-libsoup: libsoup: Arbitrary code execution via stack-based buffer overflow in NTLM authentication [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2427909 [ 4 ] Bug #2427912 - CVE-2026-0719 mingw-libsoup: libsoup: Arbitrary code execution via stack-based buffer overflow in NTLM authentication [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2427912

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-07b73214fc' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: mingw-libsoup
Product: Fedora 42
Version: 2.74.3
Release: 17.fc42
URL: https://wiki.gnome.org/Projects/libsoup
Summary: MinGW library for HTTP and XML-RPC functionality

Topics%20covered

Topics Covered

security advisory fedora buffer overflow critical arbitrary code execution mingw-libsoup

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here