Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 584
Alerts This Week
Warning Icon 1 584

SUSE Linux Micro 6.1 Major GnuTLS Security Update Addressing 17 Issues

suse
Calendar Grey June 2, 2026
Scroller Suse
Critical update available for gnutls addressing 17 security issues on SUSE Linux with important fixes and mitigations.
An update that solves 17 vulnerabilities and has one fix can now be installed.

Summary

### This update for gnutls fixes the following issues * CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive (bsc#1263707). * CVE-2026-5260: lib/pkcs11_privkey: guard against overreading on short ciphertexts (bsc#1263715). * CVE-2026-5419: gnutls_cipher_decrypt3: make PKCS#7 unpadding branch free (bsc#1263716). * CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704). * CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705). * CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708). * CVE-2026-42010: lib/auth/rsa_psk: fix binary PSK identity lookup (bsc#1263709). * CVE-2026-42011: x509/name_constraints: fix intersecting empty constraints (bsc#1263710).

References

* bsc#1262395

* bsc#1263704

* bsc#1263705

* bsc#1263707

* bsc#1263708

* bsc#1263709

* bsc#1263710

* bsc#1263711

* bsc#1263712

* bsc#1263713

* bsc#1263714

* bsc#1263715

* bsc#1263716

* bsc#1264706

* bsc#1264707

* bsc#1264708

* bsc#1265349

* bsc#1265360

Cross-

* CVE-2026-33845

* CVE-2026-33846

* CVE-2026-3833

* CVE-2026-42009

* CVE-2026-42010

* CVE-2026-42011

* CVE-2026-42012

* CVE-2026-42013

* CVE-2026-42014

* CVE-2026-42015

* CVE-2026-42307

* CVE-2026-43961

* CVE-2026-44656

* CVE-2026-45130

* CVE-2026-46483

* CVE-2026-5260

* CVE-2026-5419

CVSS scores:

* CVE-2026-33845 ( SUSE ): 8.8

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2026:21867-1
Release Date: 2026-05-22T09:55:27Z
Rating: important

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.