Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 43 mingw-libsoup Crucial Out-of-Bounds Read and Code Execution Patch

fedora
Calendar Grey February 18, 2026
Dist Fedora Esm H88
Backport fixes for critical out-of-bounds read and buffer overflow issues in Fedora 43's mingw-libsoup application.
Backport fixes for CVE-2026-0716, CVE-2026-0719.

Summary

Libsoup is an HTTP library implementation in C. It was originally part

of a SOAP (Simple Object Access Protocol) implementation called Soup, but

the SOAP and non-SOAP parts have now been split into separate packages.

libsoup uses the Glib main loop and is designed to work well with GTK

applications. This enables GNOME applications to access HTTP servers

on the network in a completely asynchronous fashion, very similar to

the Gtk+ programming model (a synchronous operation mode is also

supported for those who want it).

This is the MinGW build of Libsoup

Update Information:

Backport fixes for CVE-2026-0716, CVE-2026-0719.

Topics%20covered

Topics Covered

security advisory fedora code execution important out-of-bounds mingw-libsoup

Change Log

* Sat Feb 7 2026 Sandro Mani - 2.74.3-17 - Backport fixes for CVE-2026-0716 and CVE-2026-0719

References


[ 1 ] Bug #2427902 - CVE-2026-0716 mingw-libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2427902 [ 2 ] Bug #2427905 - CVE-2026-0716 mingw-libsoup: Out-of-Bounds Read in libsoup WebSocket Frame Processing [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2427905 [ 3 ] Bug #2427909 - CVE-2026-0719 mingw-libsoup: libsoup: Arbitrary code execution via stack-based buffer overflow in NTLM authentication [fedora-42] https://bugzilla.redhat.com/show_bug.cgi?id=2427909 [ 4 ] Bug #2427912 - CVE-2026-0719 mingw-libsoup: libsoup: Arbitrary code execution via stack-based buffer overflow in NTLM authentication [fedora-43] https://bugzilla.redhat.com/show_bug.cgi?id=2427912

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-44af0f2383' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
important
Lowest
Low
Medium
High
Critical

Name: mingw-libsoup
Product: Fedora 43
Version: 2.74.3
Release: 17.fc43
URL: https://wiki.gnome.org/Projects/libsoup
Summary: MinGW library for HTTP and XML-RPC functionality

Topics%20covered

Topics Covered

security advisory fedora code execution important out-of-bounds mingw-libsoup

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here