RLSA-2026:20612

See a problem?
Please try reporting it to the source first.

Source

https://errata.rockylinux.org/RLSA-2026:20612

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2026:20612.json

JSON Data

https://api.osv.dev/v1/vulns/RLSA-2026:20612

Upstream

CVE-2026-33845

CVE-2026-33846

CVE-2026-3832

CVE-2026-3833

CVE-2026-42009

CVE-2026-42010

CVE-2026-42011

CVE-2026-42012

CVE-2026-42013

CVE-2026-42014

CVE-2026-42015

CVE-2026-5260

CVE-2026-5419

Published

2026-06-02T18:03:08.506628Z

Modified

2026-06-02T18:25:39.713855542Z

Severity

8.2 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N CVSS Calculator

Summary

Important: gnutls security update

Details

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)
gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)
gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)
gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)
gnutls: Fix intersecting empty name constraints (CVE-2026-42011)
gnutls: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly (CVE-2026-33846)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:9 / gnutls

Package

Name: gnutls
Purl: pkg:rpm/rocky-linux/gnutls?distro=rocky-linux-9&epoch=0

Affected ranges

Type

ECOSYSTEM

Events

Introduced

Fixed

0:3.8.10-4.el9_8

Database specific

{
    "yum_repository": "BaseOS"
}

Database specific

source

"https://storage.googleapis.com/resf-osv-data/RLSA-2026:20612.json"