Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 25 articles for you...
202

openSUSE libsoup2 Important HTTP Request Smuggling CVE-2026-1801

An update that solves one vulnerability can now be installed.. # Security update for libsoup2 Announcement ID: SUSE-SU-2026:2670-1 Release Date: 2026-06-29T05:42:42Z Rating: moderate References: * bsc#1257649 Cross-References: * CVE-2026-1801 CVSS scores: * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup2 fixes the following issue * CVE-2026-1801: HTTP Request Smuggling in soup_filter_input_stream_read_line() (bsc#1257649). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2670=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2670=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2670=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2670=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2670=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2670=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * libsoup2-devel-2.74.2-150400.3.37.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * openSUSE Leap 15.4 (x86_64) * libsoup2-devel-32bit-2.74.2-150400.3.37.1 * libsoup-2_4-1-32bit-debuginfo-2.74.2-150400.3.37.1 * libsoup-2_4-1-32bit-2.74.2-150400.3.37.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup2-devel-64bit-2.74.2-150400.3.37.1 * libsoup-2_4-1-64bit-2.74.2-150400.3.37.1 * libsoup-2_4-1-64bit-debuginfo-2.74.2-150400.3.37.1 * openSUSE Leap 15.4 (noarch) * libsoup2-lang-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1801.html * https://bugzilla.suse.com/show_bug.cgi?id=1257649 . # Security update for libsoup2 Announcement ID: SUSE-SU-2026:2670-1 Release Date: 2026-06-29T05:42:4. update, solves, vulnerability, installed, security, libsoup2, announc. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 moderate OpenSUSE
100

openSUSE 15.4 SUSE-SU-2026-2670-1 libsoup2 Moderate HTTP Smuggling

An update that solves one vulnerability can now be installed.. # Security update for libsoup2 Announcement ID: SUSE-SU-2026:2670-1 Release Date: 2026-06-29T05:42:42Z Rating: moderate References: * bsc#1257649 Cross-References: * CVE-2026-1801 CVSS scores: * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup2 fixes the following issue * CVE-2026-1801: HTTP Request Smuggling in soup_filter_input_stream_read_line() (bsc#1257649). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2670=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-2670=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-2670=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2670=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2670=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-2670=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * libsoup2-devel-2.74.2-150400.3.37.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * openSUSE Leap 15.4 (x86_64) * libsoup2-devel-32bit-2.74.2-150400.3.37.1 * libsoup-2_4-1-32bit-debuginfo-2.74.2-150400.3.37.1 * libsoup-2_4-1-32bit-2.74.2-150400.3.37.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup2-devel-64bit-2.74.2-150400.3.37.1 * libsoup-2_4-1-64bit-2.74.2-150400.3.37.1 * libsoup-2_4-1-64bit-debuginfo-2.74.2-150400.3.37.1 * openSUSE Leap 15.4 (noarch) * libsoup2-lang-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libsoup2-debugsource-2.74.2-150400.3.37.1 * libsoup-2_4-1-2.74.2-150400.3.37.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.37.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1801.html * https://bugzilla.suse.com/show_bug.cgi?id=1257649 . A security update addressing a moderate issue in libsoup2 has been released for openSUSE and SUSE Linux Enterprise. Install now!. libsoup2 security patch, SUSE Linux update, moderate security advisory. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 29, 2026 moderate SuSE
202

openSUSE libsoup2 Moderate HTTP Request Smuggling Fix SUSE-SU-2026-2654-1

An update that solves one vulnerability can now be installed.. # Security update for libsoup2 Announcement ID: SUSE-SU-2026:2654-1 Release Date: 2026-06-26T12:23:06Z Rating: moderate References: * bsc#1257649 Cross-References: * CVE-2026-1801 CVSS scores: * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup2 fixes the following issue * CVE-2026-1801: HTTP Request Smuggling in soup_filter_input_stream_read_line() (bsc#1257649). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2654=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2654=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * typelib-1_0-Soup-2_4-2.74.3-150600.4.36.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.36.1 * libsoup-2_4-1-2.74.3-150600.4.36.1 * libsoup2-debugsource-2.74.3-150600.4.36.1 * libsoup2-devel-2.74.3-150600.4.36.1 * openSUSE Leap 15.6 (x86_64) * libsoup-2_4-1-32bit-debuginfo-2.74.3-150600.4.36.1 * libsoup2-devel-32bit-2.74.3-150600.4.36.1 * libsoup-2_4-1-32bit-2.74.3-150600.4.36.1 * openSUSE Leap 15.6 (aarch64_ilp32) *libsoup-2_4-1-64bit-debuginfo-2.74.3-150600.4.36.1 * libsoup-2_4-1-64bit-2.74.3-150600.4.36.1 * libsoup2-devel-64bit-2.74.3-150600.4.36.1 * openSUSE Leap 15.6 (noarch) * libsoup2-lang-2.74.3-150600.4.36.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Soup-2_4-2.74.3-150600.4.36.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.36.1 * libsoup-2_4-1-2.74.3-150600.4.36.1 * libsoup2-debugsource-2.74.3-150600.4.36.1 * libsoup2-devel-2.74.3-150600.4.36.1 * Basesystem Module 15-SP7 (noarch) * libsoup2-lang-2.74.3-150600.4.36.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1801.html * https://bugzilla.suse.com/show_bug.cgi?id=1257649 . # Security update for libsoup2 Announcement ID: SUSE-SU-2026:2654-1 Release Date: 2026-06-26T12:23:0. update, solves, vulnerability, installed, security, libsoup2, announc. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 moderate OpenSUSE
100

SUSE Libsoup2 Moderate HTTP Request Smuggling Vuln 2026-2654-1

An update that solves one vulnerability can now be installed.. # Security update for libsoup2 Announcement ID: SUSE-SU-2026:2654-1 Release Date: 2026-06-26T12:23:06Z Rating: moderate References: * bsc#1257649 Cross-References: * CVE-2026-1801 CVSS scores: * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP7 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP7 * SUSE Linux Enterprise Real Time 15 SP7 * SUSE Linux Enterprise Server 15 SP7 * SUSE Linux Enterprise Server for SAP Applications 15 SP7 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup2 fixes the following issue * CVE-2026-1801: HTTP Request Smuggling in soup_filter_input_stream_read_line() (bsc#1257649). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP7 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2026-2654=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2026-2654=1 ## Package List: * openSUSE Leap 15.6 (aarch64 i586 ppc64le s390x x86_64) * typelib-1_0-Soup-2_4-2.74.3-150600.4.36.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.36.1 * libsoup-2_4-1-2.74.3-150600.4.36.1 * libsoup2-debugsource-2.74.3-150600.4.36.1 * libsoup2-devel-2.74.3-150600.4.36.1 * openSUSE Leap 15.6 (x86_64) * libsoup-2_4-1-32bit-debuginfo-2.74.3-150600.4.36.1 * libsoup2-devel-32bit-2.74.3-150600.4.36.1 * libsoup-2_4-1-32bit-2.74.3-150600.4.36.1 * openSUSE Leap 15.6 (aarch64_ilp32) *libsoup-2_4-1-64bit-debuginfo-2.74.3-150600.4.36.1 * libsoup-2_4-1-64bit-2.74.3-150600.4.36.1 * libsoup2-devel-64bit-2.74.3-150600.4.36.1 * openSUSE Leap 15.6 (noarch) * libsoup2-lang-2.74.3-150600.4.36.1 * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64) * typelib-1_0-Soup-2_4-2.74.3-150600.4.36.1 * libsoup-2_4-1-debuginfo-2.74.3-150600.4.36.1 * libsoup-2_4-1-2.74.3-150600.4.36.1 * libsoup2-debugsource-2.74.3-150600.4.36.1 * libsoup2-devel-2.74.3-150600.4.36.1 * Basesystem Module 15-SP7 (noarch) * libsoup2-lang-2.74.3-150600.4.36.1 ## References: * https://www.suse.com/security/cve/CVE-2026-1801.html * https://bugzilla.suse.com/show_bug.cgi?id=1257649 . Update for libsoup2 addresses a moderate threat with CVE-2026-1801 in SUSE systems. Immediate action is recommended.. libsoup2 security update, SUSE patches, moderate threat fixes. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 moderate SuSE
202

openSUSE Leap 16.0 Libsoup2 Moderate Line Boundary Issue 2026-20895-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for libsoup2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20895-1 Rating: moderate References: * bsc#1257649 Cross-References: * CVE-2026-1801 CVSS scores: * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for libsoup2 fixes the following issues: - CVE-2026-1801: Use CRLF as line boundary when parsing chunk encoding data (bsc#1257649). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-881=1 Package List: - openSUSE Leap 16.0: libsoup-2_4-1-2.74.3-160000.5.1 libsoup2-devel-2.74.3-160000.5.1 libsoup2-lang-2.74.3-160000.5.1 typelib-1_0-Soup-2_4-2.74.3-160000.5.1 References: * https://www.suse.com/security/cve/CVE-2026-1801.html . Update for openSUSE fixes one security issue in libsoup2, including a bug fix for improved stability.. openSUSE, libsoup2 security, moderate issues, update patch. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 moderate OpenSUSE
202

openSUSE Leap 16.0 libsoup2 Moderate CRLF Parsing Issue Fix 2026-20895-1

An update that solves one vulnerability and has one bug fix can now be installed.. openSUSE security update: security update for libsoup2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20895-1 Rating: moderate References: * bsc#1257649 Cross-References: * CVE-2026-1801 CVSS scores: * CVE-2026-1801 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2026-1801 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves one vulnerability and has one bug fix can now be installed. Description: This update for libsoup2 fixes the following issues: - CVE-2026-1801: Use CRLF as line boundary when parsing chunk encoding data (bsc#1257649). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-881=1 Package List: - openSUSE Leap 16.0: libsoup-2_4-1-2.74.3-160000.5.1 libsoup2-devel-2.74.3-160000.5.1 libsoup2-lang-2.74.3-160000.5.1 typelib-1_0-Soup-2_4-2.74.3-160000.5.1 References: * https://www.suse.com/security/cve/CVE-2026-1801.html . Discover the openSUSE Leap 16.0 libsoup2 update addressing CVE-2026-1801 with a moderate severity rating for improved security.. opensuse security, libsoup2 update, CVE-2026-1801, patch management. . Severity: moderate. LinuxSecurity.com Team

Calendar%202 Jun 05, 2026 moderate OpenSUSE
100

SUSE libsoup2 Moderate Out-of-Bounds Read Fix CVE-2026-0716 2026-1179-1

An update that solves one vulnerability can now be installed.. # Security update for libsoup2 Announcement ID: SUSE-SU-2026:1179-1 Release Date: 2026-04-02T15:08:35Z Rating: moderate References: * bsc#1256418 Cross-References: * CVE-2026-0716 CVSS scores: * CVE-2026-0716 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0716 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L * CVE-2026-0716 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for libsoup2 fixes the following issue: * CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-1179=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1179=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-1179=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1179=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-1179=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-1179=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libsoup-2_4-1-2.74.2-150400.3.34.1 * libsoup-2_4-1-debuginfo-2.74.2-150400.3.34.1 * libsoup2-devel-2.74.2-150400.3.34.1 * typelib-1_0-Soup-2_4-2.74.2-150400.3.34.1 * libsoup2-debugsource-2.74.2-150400.3.34.1 * openSUSE Leap 15.4 (x86_64) * libsoup-2_4-1-32bit-2.74.2-150400.3.34.1 * libsoup2-devel-32bit-2.74.2-150400.3.34.1 * libsoup-2_4-1-32bit-debuginfo-2.74.2-150400.3.34.1 * openSUSE Leap 15.4 (noarch) * libsoup2-lang-2.74.2-150400.3.34.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libsoup2-devel-64bit-2.74.2-150400.3.34.1 * libsoup-2_4-1-64bit-2.74.2-150400.3.34.1 * libsoup-2_4-1-64bit-debuginfo-2.74.2-150400.3.34.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.34.1 * libsoup-2_4-1-2.74.2-150400.3.34.1 * libsoup2-debugsource-2.74.2-150400.3.34.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.34.1 * libsoup-2_4-1-2.74.2-150400.3.34.1 * libsoup2-debugsource-2.74.2-150400.3.34.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.34.1 * libsoup-2_4-1-2.74.2-150400.3.34.1 * libsoup2-debugsource-2.74.2-150400.3.34.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.34.1 * libsoup-2_4-1-2.74.2-150400.3.34.1 * libsoup2-debugsource-2.74.2-150400.3.34.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libsoup-2_4-1-debuginfo-2.74.2-150400.3.34.1 * libsoup-2_4-1-2.74.2-150400.3.34.1 * libsoup2-debugsource-2.74.2-150400.3.34.1 ## References: * https://www.suse.com/security/cve/CVE-2026-0716.html * https://bugzilla.suse.com/show_bug.cgi?id=1256418 . Update for libsoup2 addresses CVE-2026-0716 with moderate risk; recommended patch available for SUSE users.. libsoup2 update, SUSE security, moderate risk, CVE-2026-0716, patch instructions. . LinuxSecurity.com Team

Calendar%202 Apr 02, 2026 SuSE
202

openSUSE Leap 16.0 libsoup2 Important 11 Vulnerabilities Fixed 2026-20354-1

An update that solves 11 vulnerabilities and has 11 bug fixes can now be installed.. openSUSE security update: security update for libsoup2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20354-1 Rating: important References: * bsc#1240751 * bsc#1243422 * bsc#1254876 * bsc#1256399 * bsc#1256418 * bsc#1257398 * bsc#1257441 * bsc#1257597 * bsc#1258120 * bsc#1258170 * bsc#1258508 Cross-References: * CVE-2025-14523 * CVE-2025-32049 * CVE-2025-4476 * CVE-2026-0716 * CVE-2026-0719 * CVE-2026-1467 * CVE-2026-1539 * CVE-2026-1760 * CVE-2026-2369 * CVE-2026-2443 * CVE-2026-2708 CVSS scores: * CVE-2025-14523 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2025-14523 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-32049 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-32049 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-4476 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2025-4476 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0716 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:L * CVE-2026-0716 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-0719 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-0719 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2026-1467 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2026-1467 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N * CVE-2026-1539 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2026-1539 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2026-1760 ( SUSE ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2026-1760 ( SUSE ): 8.8CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2026-2369 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2026-2369 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-2443 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2026-2443 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2026-2708 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-2708 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N Affected Products: openSUSE Leap 16.0 ------------------------------------------------------------- An update that solves 11 vulnerabilities and has 11 bug fixes can now be installed. Description: This update for libsoup2 fixes the following issues: - CVE-2025-4476: null pointer dereference may lead to denial of service (bsc#1243422). - CVE-2025-14523: Duplicate Host Header Handling Causes Host-Parsing Discrepancy (bsc#1254876). - CVE-2025-32049: Denial of Service attack to websocket server (bsc#1240751). - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418). - CVE-2026-0719: stack-based buffer overflow in NTLM authentication can lead to arbitrary code execution (bsc#1256399). - CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398). - CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects (bsc#1257441). - CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request smuggling and potential DoS (bsc#1257597). - CVE-2026-2369: Buffer overread due to integer underflow when handling zero-length resources (bsc#1258120). - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers (bsc#1258170). - CVE-2026-2708: HTTP request smuggling viaduplicate Content-Length headers (bsc#1258508). Patch instructions: To install this openSUSE security update use the suse recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 16.0 zypper in -t patch openSUSE-Leap-16.0-378=1 Package List: - openSUSE Leap 16.0: libsoup-2_4-1-2.74.3-160000.4.1 libsoup2-devel-2.74.3-160000.4.1 libsoup2-lang-2.74.3-160000.4.1 typelib-1_0-Soup-2_4-2.74.3-160000.4.1 References: * https://www.suse.com/security/cve/CVE-2025-14523.html * https://www.suse.com/security/cve/CVE-2025-32049.html * https://www.suse.com/security/cve/CVE-2025-4476.html * https://www.suse.com/security/cve/CVE-2026-0716.html * https://www.suse.com/security/cve/CVE-2026-0719.html * https://www.suse.com/security/cve/CVE-2026-1467.html * https://www.suse.com/security/cve/CVE-2026-1539.html * https://www.suse.com/security/cve/CVE-2026-1760.html * https://www.suse.com/security/cve/CVE-2026-2369.html * https://www.suse.com/security/cve/CVE-2026-2443.html * https://www.suse.com/security/cve/CVE-2026-2708.html . An important security update for openSUSE addressing 11 vulnerabilities in libsoup2, ensuring system integrity and stability.. openSUSE security update, libsoup2 vulnerabilities, Linux security patches. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Mar 14, 2026 Important OpenSUSE
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200