Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 533
Alerts This Week
Warning Icon 1 533

SUSE Linux Micro 6.1 libsoup Important Update for Nine Issues 2026-20649-1

suse
Calendar Grey March 18, 2026
Dist Suse Esm H88
Resolve nine issues in libsoup for SUSE Linux Micro 6.1 with important updates and security patches.
An update that solves nine vulnerabilities can now be installed.

Summary

## This update for libsoup fixes the following issues: * CVE-2025-32049: denial of service attack to websocket server (bsc#1240751). * CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398). * CVE-2026-1536: HTTP header injection or response splitting via CRLF injection in the Content-Disposition header (bsc#1257440). * CVE-2026-1539: proxy authentication credentials leaked via the Proxy- Authorization header when handling HTTP redirects (bsc#1257441). * CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request smuggling and potential DoS (bsc#1257597). * CVE-2026-1761: incorrect length calculation when parsing of multipart HTTP

References

* bsc#1240751

* bsc#1257398

* bsc#1257440

* bsc#1257441

* bsc#1257597

* bsc#1257598

* bsc#1258120

* bsc#1258170

* bsc#1258508

Cross-

* CVE-2025-32049

* CVE-2026-1467

* CVE-2026-1536

* CVE-2026-1539

* CVE-2026-1760

* CVE-2026-1761

* CVE-2026-2369

* CVE-2026-2443

* CVE-2026-2708

CVSS scores:

* CVE-2025-32049 ( SUSE ): 7.1

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-32049 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2025-32049 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2026-1467 ( SUSE ): 5.3

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

* CVE-2026-1467 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2026-1467 ( NVD ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:20649-1
Release Date: 2026-03-03T15:01:40Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.