Release date:
2026-07-14 08:39:50 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in DTLS handshake reassembly
- debian/patches/CVE-2026-33846.patch: add length-consistency and array
bounds checks in merge_handshake_packet in lib/gnutls_buffers.c to reject
DTLS fragments with mismatching or oversized claimed length
- CVE-2026-33846
* SECURITY UPDATE: denial of service via non-conforming qsort comparator
- debian/patches/CVE-2026-42009.patch: return 0 for equal sequence numbers
in handshake_compare in lib/gnutls_buffers.c so DTLS packet ordering
follows the qsort strict-weak-ordering contract
- CVE-2026-42009
Updated packages:
-
gnutls-bin_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:ae4741f449a9bc323320fe4ab8fdaa30fea48456
-
gnutls-doc_3.4.10-4ubuntu1.9+tuxcare.els3_all.deb
sha:62416bd4b8cc0335b676207edf73beb1e7b75d4a
-
guile-gnutls_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:658d85372470d7578ff0916cd8935eac4aafd649
-
libgnutls-dev_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:54e802bec9f2413f0252dbd26444be19c3d1cc92
-
libgnutls-openssl27_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:29a95fa04a065bd9f9909bcd1b82b9ee0be11ae4
-
libgnutls28-dev_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:bdec54d5c37ceae2a0e18732aeb3beafa2a8ab5c
-
libgnutls30_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:6709ae6da7ea9ad510e1dc1f1a3748623c4f9c70
-
libgnutlsxx28_3.4.10-4ubuntu1.9+tuxcare.els3_amd64.deb
sha:a0a71bb05951c42e8df9db53af431ecbb4b3d04b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.