Release Info

Advisory: CLSA-2025:1762792127

OS: CentOS 7 ELS

Public date: 2025-11-10 16:28:52.297081

Project: libsoup

Version: 2.62.2-2.0.5.el7.tuxcare.els1

Errata link: https://errata.tuxcare.com/els_os/centos7els/CLSA-2025-1762792127.html

Changelog

- CVE-2025-4948: fix integer underflow in soup_multipart_new_from_message() - CVE-2025-32049: fix Denial of Service attack to websocket server - CVE-2025-32914: fix OOB Read through soup_multipart_new_from_message()

Update

Update command: yum update libsoup*

Packages list

libsoup-2.62.2-2.0.5.el7.tuxcare.els1.i686.rpm libsoup-2.62.2-2.0.5.el7.tuxcare.els1.x86_64.rpm libsoup-devel-2.62.2-2.0.5.el7.tuxcare.els1.i686.rpm libsoup-devel-2.62.2-2.0.5.el7.tuxcare.els1.x86_64.rpm

CVEs

CVE-2025-32049
CVE-2025-32914
CVE-2025-4948