CLSA-2025-1758915545

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2025-1758915545
Upstream
Published
2025-09-26T19:39:09Z
Modified
2026-06-04T09:46:52.332526956Z
Summary
Fix CVE(s): CVE-2025-32988, CVE-2025-32990
Details
  • SECURITY UPDATE: double-free when exporting SAN otherName
    • debian/patches/CVE-2025-32988.patch: fix double-free triggered when exporting certificates with multiple SAN otherName entries.
    • CVE-2025-32988
  • SECURITY UPDATE: 1-byte heap write in certtool template parsing
    • debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused by malformed certificate template input in certtool.
    • CVE-2025-32990
References

Affected packages

TuxCare:Ubuntu:16.04
gnutls-bin

Package

Name
gnutls-bin
Purl
pkg:deb/tuxcare/gnutls-bin?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
gnutls-doc

Package

Name
gnutls-doc
Purl
pkg:deb/tuxcare/gnutls-doc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
guile-gnutls

Package

Name
guile-gnutls
Purl
pkg:deb/tuxcare/guile-gnutls?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
libgnutls-dev

Package

Name
libgnutls-dev
Purl
pkg:deb/tuxcare/libgnutls-dev?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
libgnutls-openssl27

Package

Name
libgnutls-openssl27
Purl
pkg:deb/tuxcare/libgnutls-openssl27?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
libgnutls28-dev

Package

Name
libgnutls28-dev
Purl
pkg:deb/tuxcare/libgnutls28-dev?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
libgnutls30

Package

Name
libgnutls30
Purl
pkg:deb/tuxcare/libgnutls30?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"
libgnutlsxx28

Package

Name
libgnutlsxx28
Purl
pkg:deb/tuxcare/libgnutlsxx28?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.4.10-4ubuntu1.9+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2025-1758915545.json"