CLSA-2026-1778832314

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2026-1778832314

Upstream

CVE-2026-3833

Published

2026-05-15T08:05:22Z

Modified

2026-06-04T09:45:11.864920747Z

Summary

Fix CVE(s): CVE-2026-3833

Details

SECURITY UPDATE: Certificate policy bypass via case-sensitive nameConstraints
- debian/patches/CVE-2026-3833.patch: replace memcmp with cstrncasecmp in endswith, emailendswith, dnsnamematches and emailmatches in lib/x509/name_constraints.c so DNS labels and email domains are compared case-insensitively per RFC 5280 7.2
- CVE-2026-3833

References

https://errata.tuxcare.com/els_os/ubuntu20.04els/CLSA-2026-1778832314.html

Affected packages

TuxCare:Ubuntu:20.04

gnutls-bin

Package

Name: gnutls-bin
Purl: pkg:deb/tuxcare/gnutls-bin?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

gnutls-doc

Package

Name: gnutls-doc
Purl: pkg:deb/tuxcare/gnutls-doc?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

guile-gnutls

Package

Name: guile-gnutls
Purl: pkg:deb/tuxcare/guile-gnutls?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

libgnutls-dane0

Package

Name: libgnutls-dane0
Purl: pkg:deb/tuxcare/libgnutls-dane0?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

libgnutls-openssl27

Package

Name: libgnutls-openssl27
Purl: pkg:deb/tuxcare/libgnutls-openssl27?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

libgnutls28-dev

Package

Name: libgnutls28-dev
Purl: pkg:deb/tuxcare/libgnutls28-dev?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

libgnutls30

Package

Name: libgnutls30
Purl: pkg:deb/tuxcare/libgnutls30?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"

libgnutlsxx28

Package

Name: libgnutlsxx28
Purl: pkg:deb/tuxcare/libgnutlsxx28?distro=ubuntu-20.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.6.13-2ubuntu1.12+tuxcare.els3

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu20.04els/CLSA-2026-1778832314.json"