First published: Thu Nov 14 2024(Updated: )
Important: libsoup security update
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/libsoup | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup-debuginfo | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup-debuginfo | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup-devel | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup-devel | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup-debuginfo | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
redhat/libsoup-devel | <2.62.2-3.el7_9 | 2.62.2-3.el7_9 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian | ||
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian | ||
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) | ||
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The severity of RHSA-2024:9654 is classified as important.
To fix RHSA-2024:9654, update the libsoup package to version 2.62.2-3.el7_9.
RHSA-2024:9654 affects various versions of Red Hat Enterprise Linux Server and related packages.
The vulnerability in RHSA-2024:9654 involves HTTP request smuggling via stripping null bytes from header names.
Currently, there are no known workarounds for addressing the vulnerability in RHSA-2024:9654.