File _patchinfo of Package patchinfo.42649
<patchinfo incident="42649"> <issue tracker="cve" id="2026-0716"/> <issue tracker="cve" id="2025-4476"/> <issue tracker="cve" id="2025-32049"/> <issue tracker="cve" id="2026-2369"/> <issue tracker="cve" id="2026-2443"/> <issue tracker="cve" id="2026-2708"/> <issue tracker="bnc" id="1256418">VUL-0: CVE-2026-0716: libsoup: improper bounds handling may allow out-of-bounds read</issue> <issue tracker="bnc" id="1243422">VUL-0: CVE-2025-4476: libsoup,libsoup2: libsoup: null pointer dereference may lead to denial of service</issue> <issue tracker="bnc" id="1240751">VUL-0: CVE-2025-32049: libsoup: Denial of Service attack to websocket server</issue> <issue tracker="bnc" id="1258120">VUL-0: CVE-2026-2369: libsoup,libsoup2: Buffer overread due to integer underflow when handling zero-length resources</issue> <issue tracker="bnc" id="1258170">VUL-0: CVE-2026-2443: libsoup,libsoup2: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers</issue> <issue tracker="bnc" id="1258508">VUL-0: CVE-2026-2708: libsoup,libsoup2: HTTP request smuggling via duplicate Content-Length headers</issue> <packager>mgorse</packager> <rating>important</rating> <category>security</category> <summary>Security update for libsoup</summary> <description>This update for libsoup fixes the following issues: - CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418). - CVE-2025-4476: null pointer dereference may lead to denial of service (bsc#1243422). - CVE-2025-32049: denial of Service attack to websocket server (bsc#1240751). - CVE-2026-2369: buffer overread due to integer underflow when handling zero-length resources (bsc#1258120). - CVE-2026-2443: out-of-bounds read when processing specially crafted HTTP Range headers can lead to heap information disclosure to remote attackers (bsc#1258170). - CVE-2026-2708: HTTP request smuggling via duplicate Content-Length headers (bsc#1258508). </description> </patchinfo>
