ALSA-2025:16116

[ALSA-2025:16116] Moderate: gnutls security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2025-09-29

Description:

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.  

Security Fix(es):  

  * gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990)
  * gnutls: Vulnerability in GnuTLS SCT extension parsing (CVE-2025-32989)
  * gnutls: Vulnerability in GnuTLS otherName SAN export (CVE-2025-32988)
  * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (CVE-2025-6395)


Bug Fix(es) and Enhancement(s):  

  * gnutls: Vulnerability in GnuTLS certtool template parsing (BZ#2359620)
  * gnutls: Vulnerability in GnuTLS SCT extension parsing (BZ#2359621)
  * gnutls: Vulnerability in GnuTLS otherName SAN export (BZ#2359622)
  * gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite() (BZ#2376755)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	gnutls-3.8.3-6.el9_6.2.aarch64.rpm	220fee586fc9bb801f90443a8ebd690489c9b87e71ba7b72af8e08cbe0b0e1b8
aarch64	gnutls-dane-3.8.3-6.el9_6.2.aarch64.rpm	355d8fd6e812454187f0e53eb6761dfab32029dbc29781c1f994325700a564e1
aarch64	gnutls-devel-3.8.3-6.el9_6.2.aarch64.rpm	aa54d53fbbc77f82fbccc35d4f2f39734413a1e9adbbf2ffd880a0ffae3dd309
aarch64	gnutls-c++-3.8.3-6.el9_6.2.aarch64.rpm	c5a5ecc86581d717618ca06ca2a6dcc6b7108649326e46d92f096581f6296abc
aarch64	gnutls-utils-3.8.3-6.el9_6.2.aarch64.rpm	ffb4823c9d4d0f698cb03acb02b83a76cb5df03f95116f69e02c36758617fdd0
i686	gnutls-devel-3.8.3-6.el9_6.2.i686.rpm	296e3764c4cfc5a8eb169e869c49e2134af246543e2052dfae73cc7214e7530c
i686	gnutls-dane-3.8.3-6.el9_6.2.i686.rpm	d88c96e2d1e410c5f3431aecb4fb91879af01be7e63e9f98afbebf06d1164a7b
i686	gnutls-c++-3.8.3-6.el9_6.2.i686.rpm	e4769e91966fb9886e74c4adb95359c78e7c8fde09d25bd92c8c8c43a44b124d
i686	gnutls-3.8.3-6.el9_6.2.i686.rpm	eab218d1ae661b6e6ce83bc2156714c9481aebd833934de6baa34ed2d6fc7714
ppc64le	gnutls-c++-3.8.3-6.el9_6.2.ppc64le.rpm	0ed2b16f8c533f1799dee6529e1e1917432d564fdc07e10cc30dbddf48d3d41b
ppc64le	gnutls-dane-3.8.3-6.el9_6.2.ppc64le.rpm	172798364aadfe92927790ab0f097303c092468ea8c7f5fad9065b5fdcf3bc6c
ppc64le	gnutls-utils-3.8.3-6.el9_6.2.ppc64le.rpm	2182f78d2c0d32c1b271277b426ba4d90e76c370eb6d64a479eb80191bd646ea
ppc64le	gnutls-devel-3.8.3-6.el9_6.2.ppc64le.rpm	63f240ade800eec2565d5b9bf34f5d738ed10e1e8d384f3d9d03354b1ac3a836
ppc64le	gnutls-3.8.3-6.el9_6.2.ppc64le.rpm	d0a9932db0b56655c9ed86c66d2b03de6a3dde6ecbca612a0e52e817d7af8af4
s390x	gnutls-dane-3.8.3-6.el9_6.2.s390x.rpm	0b2cae36a163bbba971aed531194ae79a9a799d2c701917190199b25e07df22e
s390x	gnutls-c++-3.8.3-6.el9_6.2.s390x.rpm	a61c1305420def423e09b261b743ac1976890a8c49e8d1e24ff1087531799071
s390x	gnutls-devel-3.8.3-6.el9_6.2.s390x.rpm	aef80a336f54495c98097a0e4c14110c71efed2ceead3fff21cc2a1164098eaf
s390x	gnutls-3.8.3-6.el9_6.2.s390x.rpm	e6c495d838eb9d9a8359253c60e2881f611c887d0f8daa44b1c818cab4965016
s390x	gnutls-utils-3.8.3-6.el9_6.2.s390x.rpm	ea4eac035958d263b76e1439d6525602bda9473fd7d516e4922035d283dcc4b3
x86_64	gnutls-c++-3.8.3-6.el9_6.2.x86_64.rpm	1a9a7334983362e14076c2e4bb23c1d20115d8aaec3aaa8c8123107a5fdf0cca
x86_64	gnutls-dane-3.8.3-6.el9_6.2.x86_64.rpm	43e090ecf65518cd6e163466a6f50ada60d6a4b6c65df8727ce184fb05817bc3
x86_64	gnutls-utils-3.8.3-6.el9_6.2.x86_64.rpm	4a3a0448f3f8d65f68cee8b74eaad5b34efe67a4520fc53de77ced20fe262964
x86_64	gnutls-devel-3.8.3-6.el9_6.2.x86_64.rpm	5cadf1325c3721ac449b070f1f81f966d065d414f82cf8acec6eb08332ebcb49
x86_64	gnutls-3.8.3-6.el9_6.2.x86_64.rpm	e43afba5f9918c4e4020d1e1f3c6c76541f9b08354d8dfa9c0f4db4a93014890

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.