ELSA-2025-18183

ELSA-2025-18183 - libsoup3 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2025-10-16

Description

[3.6.5-7]
- Fix handling of invalid dates in cookie expires attribute
(CVE-2025-11021)

[3.6.5-6]
- Add patch for CVE-2025-32907

[3.6.5-5]
- Fix release field

[3.6.5-4]
- Fix several CVEs

Related CVEs

CVE-2025-11021

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label
Oracle Linux 10 (aarch64)	libsoup3-3.6.5-3.el10_0.7.src.rpm	a44ed07d4f747ee584eb8948d9ac42cab4bf67a844e7ad80cfb997cc73c7f1ae	-	ol10_aarch64_appstream
	libsoup3-3.6.5-3.el10_0.7.src.rpm	a44ed07d4f747ee584eb8948d9ac42cab4bf67a844e7ad80cfb997cc73c7f1ae	-	ol10_aarch64_codeready_builder
	libsoup3-3.6.5-3.el10_0.7.aarch64.rpm	62fb6677d367771ecb2552c4818bc0521fe342fda019ec7e5529c5d52ba47c09	-	ol10_aarch64_appstream
	libsoup3-devel-3.6.5-3.el10_0.7.aarch64.rpm	734157b22c28db1f66dbc82b32acdf3778d0d592ba4e4cd5565ddccd366a7d0a	-	ol10_aarch64_appstream
	libsoup3-doc-3.6.5-3.el10_0.7.noarch.rpm	6439c2634ff979f792ed277d436a47ce7d6c75e97ca924dc5aee1df1dbb0c8f7	-	ol10_aarch64_codeready_builder
Oracle Linux 10 (x86_64)	libsoup3-3.6.5-3.el10_0.7.src.rpm	a44ed07d4f747ee584eb8948d9ac42cab4bf67a844e7ad80cfb997cc73c7f1ae	-	ol10_x86_64_appstream
	libsoup3-3.6.5-3.el10_0.7.src.rpm	a44ed07d4f747ee584eb8948d9ac42cab4bf67a844e7ad80cfb997cc73c7f1ae	-	ol10_x86_64_codeready_builder
	libsoup3-3.6.5-3.el10_0.7.x86_64.rpm	415c72a9f4d094fe065bb6f6faa53d7ae387cd94b6bbcb386c452ad68e3a4479	-	ol10_x86_64_appstream
	libsoup3-devel-3.6.5-3.el10_0.7.x86_64.rpm	2dbc05d1df5b4fb146deb011e5dcdb4915c969815d76b3f518b9bcaf4683bf68	-	ol10_x86_64_appstream
	libsoup3-doc-3.6.5-3.el10_0.7.noarch.rpm	6439c2634ff979f792ed277d436a47ce7d6c75e97ca924dc5aee1df1dbb0c8f7	-	ol10_x86_64_codeready_builder

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team