[ALSA-2026:20612] Important: gnutls security update
Type:
security
Severity:
important
Release date:
2026-07-02
Description:
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fix(es): * gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009) * gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845) * gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010) * gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833) * gnutls: Fix intersecting empty name constraints (CVE-2026-42011) * gnutls: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly (CVE-2026-33846) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 gnutls-3.8.10-4.el9_8.aarch64.rpm 4ab0ea8b87305b6b3c2f767b5113ff7f75125efd4abcd66c0801e19415f0daf6
aarch64 gnutls-utils-3.8.10-4.el9_8.aarch64.rpm bbe8144414b8156044000eace13301119bad2bfa75c8ff3ed894c8d771679fd0
aarch64 gnutls-devel-3.8.10-4.el9_8.aarch64.rpm e02e97a8cfe497687661e206a64fd5b47d20955c797114375f59a2574524f67a
aarch64 gnutls-dane-3.8.10-4.el9_8.aarch64.rpm eb50264f08d44e339d209ad6f460378b0950958494b0f46a219d07747df227e8
aarch64 gnutls-c++-3.8.10-4.el9_8.aarch64.rpm fc0d0d4ddce091a083e2df4c10e880c4a1dc2cd64cc5230d6c7c256edb0f0d97
i686 gnutls-dane-3.8.10-4.el9_8.i686.rpm 2421e3ed612ddc73d8d68dea1703f5ed704a0c15b70309950f42cad6315f9b1e
i686 gnutls-c++-3.8.10-4.el9_8.i686.rpm 4870db39f4adca553373f034417cdaf726ccbef3af1379420ce49100626f4765
i686 gnutls-devel-3.8.10-4.el9_8.i686.rpm 9d09e24dd682d603975e98dbc059765b715c9f60bfffca2737f03633e9eaeceb
i686 gnutls-3.8.10-4.el9_8.i686.rpm a07367358c321ebb714d95f9f7a5a2805a55a910908541277240b5a064f2ff2e
ppc64le gnutls-c++-3.8.10-4.el9_8.ppc64le.rpm 089472caa31a88590580494b1c8b54bc09867b026477103868fdedda092e9291
ppc64le gnutls-utils-3.8.10-4.el9_8.ppc64le.rpm 5304df60bd8d04429efa9ae067a2ee207ecbadc84d9f0ba951605265cefd7d71
ppc64le gnutls-devel-3.8.10-4.el9_8.ppc64le.rpm 6b55c59f3dee8ddf3f53dba8c88e7b7fd0f81a294d8e69ef90ef598f44aa18cc
ppc64le gnutls-dane-3.8.10-4.el9_8.ppc64le.rpm d294a7552f13f5ab8824aaa198ab5ad512e3abd335c254cb3a68bab3bbb8b687
ppc64le gnutls-3.8.10-4.el9_8.ppc64le.rpm ec8f42740e4edd647e68e157cbcbfe497990e29cd32ebc09742d65f3e4544da4
s390x gnutls-c++-3.8.10-4.el9_8.s390x.rpm 098acaaf0db18fd616ca306397b48cf9bd38334e406e9e5541fe1f4a3522595f
s390x gnutls-utils-3.8.10-4.el9_8.s390x.rpm 1241ecf92c27b18b6aa19ac0e87f98409b31a9658eff09119019cc7ea294079b
s390x gnutls-dane-3.8.10-4.el9_8.s390x.rpm 1d4c7eac713b6102eadc3ba52b3fead501313a7cc3599ed9f69da5bacabb2477
s390x gnutls-3.8.10-4.el9_8.s390x.rpm 744f37c1b35e2c211c52190b38bc4b70a18262f39b72a3930298f668c6689ef3
s390x gnutls-devel-3.8.10-4.el9_8.s390x.rpm 7e57a7551b8f19234b94227ea2c5a85954e751ef35697cba3ffc56ec748ad813
x86_64 gnutls-utils-3.8.10-4.el9_8.x86_64.rpm 321f41c7b28116d5fec5ee42c2d20802a4be68651c7cba57acb69435c78b89ce
x86_64 gnutls-3.8.10-4.el9_8.x86_64.rpm 39b87fb04566ff4930e5ec06495f614ab9071502801834fac0c0d327ef152377
x86_64 gnutls-c++-3.8.10-4.el9_8.x86_64.rpm a2a6f09ef512c5e5392c142f9f2e48d680e115ff5fc06dc846e4f74fe268f79a
x86_64 gnutls-devel-3.8.10-4.el9_8.x86_64.rpm c271a9f60529286c6b7bd0acb7e53705ff81bd17238aee59deba3fdc01c77a45
x86_64 gnutls-dane-3.8.10-4.el9_8.x86_64.rpm ed1e3da5300dc3b8144219c58126a3ca6586b6713af24c1fe9b5b344e4dd54ac
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.