SUSE-SU-2026:0253-1 | Mondoo Vulnerability Intelligence

SUSE-SU-2026:0253-1

UNKNOWN

Security update for libsoup2

Published Jan 22, 2026

Modified 1 months ago

Fix available

Details

This update for libsoup2 fixes the following issues:

CVE-2025-14523: Reject duplicated Host in headers and followed upstream update (bsc#1254876).
CVE-2026-0719: Fixed overflow for password md4sum (bsc#1256399)

Affected Packages

libsoup-2_4-1

SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

libsoup2

SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

libsoup2-devel

SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

libsoup2-lang

SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

typelib-1_0-Soup-2_4

SUSE Linux Enterprise Module for Basesystem 15 SP7SUSE Linux Enterprise Server 15 SP6-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP6openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

libsoup-2_4-1-32bit

openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

libsoup2-devel-32bit

openSUSE Leap 15.6

Fixed in:

2.74.3-150600.4.19.1

References

https://bugzilla.suse.com/1254876

https://bugzilla.suse.com/1256399

https://www.suse.com/security/cve/CVE-2025-14523

https://www.suse.com/security/cve/CVE-2026-0719

https://www.suse.com/support/update/announcement/2026/suse-su-20260253-1/

Upstream

CVE-2025-14523 CVE-2026-0719

Related

CVE-2025-14523 CVE-2026-0719

Ecosystems

SUSE Linux Enterprise Module for Basesystem 15 SP7 SUSE Linux Enterprise Server 15 SP6-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP6 openSUSE Leap 15.6

Timeline

PublishedJan 22, 2026

ModifiedJan 22, 2026