Security News

Cybersecurity news aggregator

🐧
MEDIUM Updates Ubuntu Security

USN-8020-1: libsoup vulnerabilities

ubuntulinuxcve-2026-1467cve-2026-1536cve-2026-1539
  • What: Ubuntu released security updates for libsoup, addressing HTTP header injection and information leakage vulnerabilities.
  • Impact: Remote attackers could cause a denial of service, execute arbitrary code, or leak sensitive information.
  • Affected: libsoup3 on Ubuntu 25.10, 24.04 LTS, and 22.04 LTS.
  • CVE: CVE-2026-1467, CVE-2026-1536, CVE-2026-1539
Read Full Article →

Ubuntu Security Notices USN-8020-1 USN-8020-1: libsoup vulnerabilities Publication date 8 February 2026 Overview Several security issues were fixed in libsoup. Releases 25.10 24.04 LTS 22.04 LTS Packages libsoup3 - HTTP client/server library for GNOME Details It was discovered that libsoup did not correctly handle certain URL-decoded input, which could allow for HTTP header injection. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. ( CVE-2026-1467 , CVE-2026-1536 ) It was discovered that libsoup did not correctly handle removal of the Proxy-Authorization header. A remote attacker could possibly use this issue to leak sensitive information. ( CVE-2026-1539 ) It was discovered that libsoup did not correctly handle certain URL-decoded input, which could allow for HTTP header injection. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. ( CVE-2026-1467 , CVE-2026-1536 ) It was discovered that libsoup did not correctly handle removal of the Proxy-Authorization header. A remote attacker could possibly use this issue to leak sensitive information. ( CVE-2026-1539 ) Update instructions In general, a standard system update will make all the necessary changes. Learn more about how to get the fixes. The problem can be corrected by updating your system to the following package versions: Ubuntu Release Package Version 25.10 questing gir1.2-soup-3.0 – 3.6.5-4ubuntu0.2 libsoup-3.0-0 – 3.6.5-4ubuntu0.2 libsoup-3.0-common – 3.6.5-4ubuntu0.2 libsoup-3.0-dev – 3.6.5-4ubuntu0.2 libsoup-3.0-doc – 3.6.5-4ubuntu0.2 libsoup-3.0-tests – 3.6.5-4ubuntu0.2 24.04 LTS noble gir1.2-soup-3.0 – 3.4.4-5ubuntu0.7 libsoup-3.0-0 – 3.4.4-5ubuntu0.7 libsoup-3.0-common – 3.4.4-5ubuntu0.7 libsoup-3.0-dev – 3.4.4-5ubuntu0.7 libsoup-3.0-doc – 3.4.4-5ubuntu0.7 libsoup-3.0-tests – 3.4.4-5ubuntu0.7 22.04 LTS jammy gir1.2-soup-3.0 – 3.0.7-0ubuntu1+esm7 libsoup-3.0-0 – 3.0.7-0ubuntu1+esm7 libsoup-3.0-common – 3.0.7-0ubuntu1+esm7 libsoup-3.0-dev – 3.0.7-0ubuntu1+esm7 libsoup-3.0-doc – 3.0.7-0ubuntu1+esm7 libsoup-3.0-tests – 3.0.7-0ubuntu1+esm7 Reduce your security exposure Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines. Get Ubuntu Pro References CVE-2026-1539 CVE-2026-1536 CVE-2026-1467 CVE-2026-1539 CVE-2026-1536 CVE-2026-1467

Related Articles

HIGH [NEU] [mittel] Siemens SIMATIC S7: Schwachstelle ermöglicht Denial of Service BSI Germany HIGH Multiples vulnérabilités dans le noyau Linux d'Ubuntu (30 janvier 2026) CERT-FR (ANSSI) MEDIUM USN-8010-1: pip vulnerabilities Ubuntu Security MEDIUM USN-8013-1: Linux kernel vulnerabilities Ubuntu Security
Read Full Article → ← Back to News

Share this article

Twitter Facebook LinkedIn