Alerts This Week
Warning Icon 1 938
Alerts This Week
Warning Icon 1 938

SUSE Linux Micro 6.1 Major GnuTLS Security Update Addressing 17 Issues

suse
Calendar Grey June 2, 2026
Dist Suse Esm H88
Critical update available for gnutls addressing 17 security issues on SUSE Linux with important fixes and mitigations.
An update that solves 17 vulnerabilities and has one fix can now be installed.

Summary

### This update for gnutls fixes the following issues * CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707). * CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715). * CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716). * CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704). * CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705). * CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708). * CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709). * CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710).

Topics%20covered

Topics Covered

security advisory security fix important SuSE Linux gnutls attack vector

References

* bsc#1262395

* bsc#1263704

* bsc#1263705

* bsc#1263707

* bsc#1263708

* bsc#1263709

* bsc#1263710

* bsc#1263711

* bsc#1263712

* bsc#1263713

* bsc#1263714

* bsc#1263715

* bsc#1263716

* bsc#1264706

* bsc#1264707

* bsc#1264708

* bsc#1265349

* bsc#1265360

Cross-

* CVE-2026-33845

* CVE-2026-33846

* CVE-2026-3833

* CVE-2026-42009

* CVE-2026-42010

* CVE-2026-42011

* CVE-2026-42012

* CVE-2026-42013

* CVE-2026-42014

* CVE-2026-42015

* CVE-2026-42307

* CVE-2026-43961

* CVE-2026-44656

* CVE-2026-45130

* CVE-2026-46483

* CVE-2026-5260

* CVE-2026-5419

CVSS scores:

* CVE-2026-33845 ( SUSE ): 8.8

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21867-1
Release Date: 2026-05-22T09:55:27Z
Rating: important

Topics%20covered

Topics Covered

security advisory security fix important SuSE Linux gnutls attack vector

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here