Libsoup is an HTTP library implementation in C. It was originally part of a SOAP (Simple Object Access Protocol) implementation called Soup, but the SOAP and non-SOAP parts have now been split into separate packages.
Security Fix(es):
A flaw was found in libsoup. When establishing HTTPS tunnels through a configured HTTP proxy, sensitive session cookies are transmitted in cleartext within the initial HTTP CONNECT request. A network-positioned attacker or a malicious HTTP proxy can intercept these cookies, leading to potential session hijacking or user impersonation.(CVE-2026-5119)
{
"severity": "High"
}{
"noarch": [
"libsoup3-help-3.4.5-14.oe2403.noarch.rpm"
],
"src": [
"libsoup3-3.4.5-14.oe2403.src.rpm"
],
"x86_64": [
"libsoup3-3.4.5-14.oe2403.x86_64.rpm",
"libsoup3-debuginfo-3.4.5-14.oe2403.x86_64.rpm",
"libsoup3-debugsource-3.4.5-14.oe2403.x86_64.rpm",
"libsoup3-devel-3.4.5-14.oe2403.x86_64.rpm"
],
"aarch64": [
"libsoup3-3.4.5-14.oe2403.aarch64.rpm",
"libsoup3-debuginfo-3.4.5-14.oe2403.aarch64.rpm",
"libsoup3-debugsource-3.4.5-14.oe2403.aarch64.rpm",
"libsoup3-devel-3.4.5-14.oe2403.aarch64.rpm"
]
}