CLSA-2026-1776965055

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1776965055
Upstream
Published
2026-04-23T17:24:20Z
Modified
2026-06-04T09:45:11.725179507Z
Summary
Fix CVE(s): CVE-2025-32988, CVE-2025-32990
Details
  • SECURITY UPDATE: heap buffer overflow in certtool template parsing
    • debian/patches/CVE-2025-32990.patch: use calloc(MAXENTRIES + 1) instead of malloc(MAXENTRIES) in READMULTILINE and READMULTILINE_TOKENIZED macros in src/certtool-cfg.c.
    • CVE-2025-32990
  • SECURITY UPDATE: double free when exporting othernames in SAN
    • debian/patches/CVE-2025-32988.patch: remove erroneous asn1deletestructure calls on non-owned ext parameter in gnutlswritenewothername in lib/x509/extensions.c.
    • CVE-2025-32988
References

Affected packages

TuxCare:Ubuntu:20.04
gnutls-bin

Package

Name
gnutls-bin
Purl
pkg:deb/tuxcare/gnutls-bin?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
gnutls-doc

Package

Name
gnutls-doc
Purl
pkg:deb/tuxcare/gnutls-doc?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
guile-gnutls

Package

Name
guile-gnutls
Purl
pkg:deb/tuxcare/guile-gnutls?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
libgnutls-dane0

Package

Name
libgnutls-dane0
Purl
pkg:deb/tuxcare/libgnutls-dane0?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
libgnutls-openssl27

Package

Name
libgnutls-openssl27
Purl
pkg:deb/tuxcare/libgnutls-openssl27?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
libgnutls28-dev

Package

Name
libgnutls28-dev
Purl
pkg:deb/tuxcare/libgnutls28-dev?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
libgnutls30

Package

Name
libgnutls30
Purl
pkg:deb/tuxcare/libgnutls30?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"
libgnutlsxx28

Package

Name
libgnutlsxx28
Purl
pkg:deb/tuxcare/libgnutlsxx28?distro=ubuntu-20.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.6.13-2ubuntu1.12+tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1776965055.json"