Overview

File _patchinfo of Package patchinfo.42597

<patchinfo incident="42597">
  <issue tracker="cve" id="2026-1761"/>
  <issue tracker="bnc" id="1257598">VUL-0: CVE-2026-1761: libsoup,libsoup2: incorrect length calculation when parsing of multipart HTTP responses can lead to a stack-based buffer overflow</issue>
  <issue tracker="cve" id="2026-0716"/>
  <issue tracker="bnc" id="1256418">VUL-0: CVE-2026-0716: libsoup: improper bounds handling may allow out-of-bounds read</issue>
  <issue tracker="cve" id="2025-4476"/>
  <issue tracker="bnc" id="1243422">VUL-0: CVE-2025-4476: libsoup,libsoup2: libsoup: null pointer dereference may lead to denial of service</issue>
  <packager>JonathanKang</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for libsoup2</summary>
  <description>This update for libsoup2 fixes the following issues:

- CVE-2026-1761: Check length of bytes read in soup_filter_input_stream_read_until to avoid a stack-based buffer
  overflow (bsc#1257598).
- CVE-2026-0716: improper bounds handling may allow out-of-bounds read (bsc#1256418).
- CVE-2025-4476: null pointer dereference may lead to denial of service (bsc#1243422).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places