Overview

File _patchinfo of Package patchinfo.42977

<patchinfo incident="42977">
  <!--generated with prepare-update from request 402447-->
  <issue tracker="bnc" id="1257398">VUL-0: CVE-2026-1467: libsoup,libsoup2: lack of input sanitization can lead to unintended or unauthorized HTTP requests</issue>
  <issue tracker="bnc" id="1257441">VUL-0: CVE-2026-1539: libsoup,libsoup2: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects</issue>
  <issue tracker="bnc" id="1257597">VUL-0: CVE-2026-1760: libsoup,libsoup2: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request smuggling and potential DoS</issue>
  <issue tracker="cve" id="2026-1467"/>
  <issue tracker="cve" id="2026-1539"/>
  <issue tracker="cve" id="2026-1760"/>
  <category>security</category>
  <rating>important</rating>
  <packager>JonathanKang</packager>
  <summary>Security update for libsoup</summary>
  <description>This update for libsoup fixes the following issues:

- CVE-2026-1467: lack of input sanitization can lead to unintended or unauthorized HTTP requests (bsc#1257398).
- CVE-2026-1539: proxy authentication credentials leaked via the Proxy-Authorization header when handling HTTP redirects
  (bsc#1257441).
- CVE-2026-1760: improper handling of HTTP requests combining certain headers by SoupServer can lead to HTTP request
  smuggling and potential DoS (bsc#1257597).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places