Release date:
2026-04-23 17:24:20 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in certtool template parsing
- debian/patches/CVE-2025-32990.patch: use calloc(MAX_ENTRIES + 1)
instead of malloc(MAX_ENTRIES) in READ_MULTI_LINE and
READ_MULTI_LINE_TOKENIZED macros in src/certtool-cfg.c.
- CVE-2025-32990
* SECURITY UPDATE: double free when exporting othernames in SAN
- debian/patches/CVE-2025-32988.patch: remove erroneous
asn1_delete_structure calls on non-owned ext parameter in
_gnutls_write_new_othername in lib/x509/extensions.c.
- CVE-2025-32988
Updated packages:
-
gnutls-bin_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:2da7e7fd61e02fbe3ad189eb9d3d683a678924c4
-
gnutls-doc_3.6.13-2ubuntu1.12+tuxcare.els1_all.deb
sha:c1b80e8dae211e690568807bd569e8725145b69e
-
guile-gnutls_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:3feb3f6479ea6ab91d028d7dc1aa48d2aa4e2cba
-
libgnutls-dane0_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:c7d111f484346abf05dd2cd459cb9455fd6a0c98
-
libgnutls-openssl27_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:b2362472ec13845b82bc924836b8705058f60e13
-
libgnutls28-dev_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:2f049e21b9eaebf7f1d5907bc1439cdf7bc0c001
-
libgnutls30_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:94820f4d6386841b44d0bd307582d1871135d06b
-
libgnutlsxx28_3.6.13-2ubuntu1.12+tuxcare.els1_amd64.deb
sha:5d5aecdb1cb51071cc67071d6d0fa00a178ecd97
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
