CLSA-2026:1780068674

[CLSA-2026:1780068674] gnutls: Fix of 8 CVEs

Type:

security

Severity:

Important

Release date:

2026-05-29 15:31:18 UTC

Description:

- CVE-2026-33846: DTLS handshake reassembly add more checks (buffers.c)
- CVE-2026-42009: DTLS reorder qsort with duplicate sequence numbers
- CVE-2026-42011: X.509 name constraints intersection of empty constraints
- CVE-2026-42012: URI/SRV SAN preclude CN fallback
- CVE-2026-42013: prevent fallback on oversized SAN
- CVE-2026-42014: PKCS#11 token set_pin UAF + leak
- CVE-2026-5260: PKCS#11 RSA short-ciphertext overread; ciphertext must match modulus size
- CVE-2026-42015: PKCS#12 bag-element off-by-one bound check

Updated packages:

gnutls-3.6.16-4.el8.tuxcare.els12.i686.rpm
sha:94bbdf2b31ad0e711d2b0cdad399420c0c1575cd7543e1e784d58eea5f5ed2d0
gnutls-3.6.16-4.el8.tuxcare.els12.x86_64.rpm
sha:6b2aa11f731af291f25621909c3cb4279657e8bfffbaf9178f2db4a0a481911d
gnutls-c++-3.6.16-4.el8.tuxcare.els12.i686.rpm
sha:ff56f116f2390c8557e6cc4e4690b32452e687d2afaa37ad1392025c55fd54ca
gnutls-c++-3.6.16-4.el8.tuxcare.els12.x86_64.rpm
sha:51747c587f23208c698a2688f84752e0c9924a1f8bab41d071b958bd2d7826e5
gnutls-dane-3.6.16-4.el8.tuxcare.els12.i686.rpm
sha:8fb06b57564062de091ff8b97903bac9af3b71e079a64898f321ec37bd1178f4
gnutls-dane-3.6.16-4.el8.tuxcare.els12.x86_64.rpm
sha:b91b45f6c91d0d618de890edfd7fb1211569e8688003434fabd693de84c5ca6a
gnutls-devel-3.6.16-4.el8.tuxcare.els12.i686.rpm
sha:beb54d3a88095e8bd3f2a5b21efc7d343469247b7b1e3b4e49571b5d0d09a949
gnutls-devel-3.6.16-4.el8.tuxcare.els12.x86_64.rpm
sha:05d2621cbcecdbb2118a6553c901c5722254e1ca07e9ea3ba08649b44806e2e6
gnutls-utils-3.6.16-4.el8.tuxcare.els12.x86_64.rpm
sha:f6659be9216c59e58cc9458c0bad2314284c46488995ce84f937da062798507b

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.