ALSA-2026:20613

See a problem?
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2026:20613
Related
Published
2026-05-26T00:00:00Z
Modified
2026-07-08T14:44:29.355204923Z
Summary
Important: gnutls security update
Details

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library,
which implements cryptographic algorithms and protocols such as SSL, TLS, and
DTLS.

Security Fix(es):

  • gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)
  • gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)
  • gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)
  • gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)
  • gnutls: Fix intersecting empty name constraints (CVE-2026-42011)
  • gnutls: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly (CVE-2026-33846)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

References

Affected packages

AlmaLinux:10
gnutls

Package

Name
gnutls
Purl
pkg:rpm/almalinux/gnutls

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.8.10-4.el10_2

Database specific

source
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json"
gnutls-c++

Package

Name
gnutls-c++
Purl
pkg:rpm/almalinux/gnutls-c%2B%2B

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.8.10-4.el10_2

Database specific

source
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json"
gnutls-dane

Package

Name
gnutls-dane
Purl
pkg:rpm/almalinux/gnutls-dane

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.8.10-4.el10_2

Database specific

source
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json"
gnutls-devel

Package

Name
gnutls-devel
Purl
pkg:rpm/almalinux/gnutls-devel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.8.10-4.el10_2

Database specific

source
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json"
gnutls-fips

Package

Name
gnutls-fips
Purl
pkg:rpm/almalinux/gnutls-fips

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.8.10-4.el10_2

Database specific

source
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json"
gnutls-utils

Package

Name
gnutls-utils
Purl
pkg:rpm/almalinux/gnutls-utils

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.8.10-4.el10_2

Database specific

source
"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux10/ALSA-2026:20613.json"