SUSE-SU-2026:0689-1
- Source
- https://www.suse.com/support/update/announcement/2026/suse-su-20260689-1/
- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2026:0689-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/SUSE-SU-2026:0689-1
- Upstream
- Related
- Published
- 2026-02-27T15:10:48Z
- Modified
- 2026-03-11T07:31:40.205897Z
- Summary
- Security update for libsoup
- Details
-
This update for libsoup fixes the following issues:
- CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751).
- CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120).
- CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers (bsc#1258170).
- CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508).
- References
-
- https://www.suse.com/support/update/announcement/2026/suse-su-20260689-1/
- https://bugzilla.suse.com/1240751
- https://bugzilla.suse.com/1258120
- https://bugzilla.suse.com/1258170
- https://bugzilla.suse.com/1258508
- https://www.suse.com/security/cve/CVE-2025-32049
- https://www.suse.com/security/cve/CVE-2026-2369
- https://www.suse.com/security/cve/CVE-2026-2443
- https://www.suse.com/security/cve/CVE-2026-2708
Affected packages
SUSE:Linux Enterprise High Performance Computing 15 SP4-ESPOS
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise High Performance Computing 15 SP4-LTSS
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise Server 15 SP4-LTSS
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise Server 15 SP5-LTSS
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise Server for SAP Applications 15 SP4
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1
SUSE:Linux Enterprise Server for SAP Applications 15 SP5
libsoup
Package
- Name
- libsoup
- Purl
- pkg:rpm/suse/libsoup&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.0.4-150400.3.34.1