Release date:
2026-06-13 10:30:22 UTC
Description:
- CVE-2026-42009: fix DTLS handshake_compare qsort comparator contract violation (undefined behaviour)
- CVE-2026-33846: add DTLS reassembly fragment length/bounds checks (heap overwrite)
- CVE-2026-42012: URI subjectAltName now precludes Common Name fallback in hostname verification
- CVE-2026-42013: oversized subjectAltName now precludes Common Name fallback in hostname verification
- CVE-2026-5260: guard PKCS#11 RSA decryption against short-ciphertext heap overread
Updated packages:
-
gnutls-3.3.29-9.el7_9.tuxcare.els5.i686.rpm
sha:1b566729e77063482ff0c318633381f9a6e53921adaa78afa03328f33f86826c
-
gnutls-3.3.29-9.el7_9.tuxcare.els5.x86_64.rpm
sha:b5a2f86871d0779fbd4268e49e00f65c716bfc58cf4d77df7291a906f6123a36
-
gnutls-c++-3.3.29-9.el7_9.tuxcare.els5.i686.rpm
sha:8f664f83f700a428ed044bf0f471250e5e789604cf1eb4c9f04a8dfcab2d991a
-
gnutls-c++-3.3.29-9.el7_9.tuxcare.els5.x86_64.rpm
sha:68ff1ecb53aebee8c6db85fdf52eeae0318a80eeefbc131571ca8358623caf25
-
gnutls-dane-3.3.29-9.el7_9.tuxcare.els5.i686.rpm
sha:d71b760c8eeb2f875fcbe38e61355934a9a36a61394ae4787809b3b1f7e69f0f
-
gnutls-dane-3.3.29-9.el7_9.tuxcare.els5.x86_64.rpm
sha:6409e9ffb747f3bfc6798ab792e9fc4be3df869a49867665bbe4b02baa664bc5
-
gnutls-devel-3.3.29-9.el7_9.tuxcare.els5.i686.rpm
sha:4a5695449ff0b43041d5582a46f069cd4c66974727e3064be06389ca6e4029e2
-
gnutls-devel-3.3.29-9.el7_9.tuxcare.els5.x86_64.rpm
sha:f9b712d7e4836caedc463bcf93738dbbb6ec479238cbdf927d9d3fe92aa89b64
-
gnutls-utils-3.3.29-9.el7_9.tuxcare.els5.x86_64.rpm
sha:304fff07ddcc35adbaa360f82aa3afcc503ac5a4547699caba8dba20cf81fcb4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
