Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 496
Alerts This Week
Warning Icon 1 496

Stay Secure with the Latest Linux Advisories

Filter%20icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 349 articles for you...
202

openSUSE gnutls Important Denial of Service Issue Fix 2026-3042-1

An update that solves one vulnerability can now be installed.. # Security update for gnutls Announcement ID: SUSE-SU-2026:3042-1 Release Date: 2026-07-15T11:50:16Z Rating: important References: * bsc#1263713 Cross-References: * CVE-2026-42014 CVSS scores: * CVE-2026-42014 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-42014 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42014 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gnutls fixes the following issue * Rebase the CVE-2026-42014 patch to include a missing call to `p11_kit_uri_free()` in `gnutls_pkcs11_token_set_pin()` (bsc#1263713). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-3042=1 * SUSE Linux Enterprise High PerformanceComputing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-3042=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2026-3042=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-3042=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2026-3042=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-3042=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-3042=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2026-3042=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-3042=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2026-3042=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3042=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2026-3042=1 ## Package List: * openSUSE Leap 15.4 (aarch64 i586 ppc64le s390x x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-guile-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * gnutls-guile-debuginfo-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgnutls-devel-64bit-3.7.3-150400.4.62.1 * libgnutls30-64bit-debuginfo-3.7.3-150400.4.62.1 * libgnutls30-hmac-64bit-3.7.3-150400.4.62.1 * libgnutls30-64bit-3.7.3-150400.4.62.1 * openSUSE Leap 15.4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls-devel-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-guile-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-guile-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 *libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-guile-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-guile-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 *libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-guile-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * gnutls-guile-debuginfo-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-guile-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-guile-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.62.1 *libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgnutls-devel-3.7.3-150400.4.62.1 * gnutls-debugsource-3.7.3-150400.4.62.1 * libgnutls30-debuginfo-3.7.3-150400.4.62.1 * gnutls-debuginfo-3.7.3-150400.4.62.1 * libgnutlsxx28-debuginfo-3.7.3-150400.4.62.1 * gnutls-3.7.3-150400.4.62.1 * libgnutlsxx-devel-3.7.3-150400.4.62.1 * libgnutlsxx28-3.7.3-150400.4.62.1 * libgnutls30-3.7.3-150400.4.62.1 * libgnutls30-hmac-3.7.3-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgnutls30-32bit-3.7.3-150400.4.62.1 * libgnutls30-hmac-32bit-3.7.3-150400.4.62.1 * libgnutls30-32bit-debuginfo-3.7.3-150400.4.62.1 ## References: * https://www.suse.com/security/cve/CVE-2026-42014.html * https://bugzilla.suse.com/show_bug.cgi?id=1263713 . The gnutls security update for openSUSE fixes an important issue to enhance system protection. Install the patches today.. openSUSE gnutls security patch. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 15, 2026 Important OpenSUSE
172

Ubuntu GnuTLS Critical Machine-in-the-Middle Denial of Service Vuln 8539-1

Several security issues were fixed in GnuTLS.. ========================================================================== Ubuntu Security Notice USN-8539-1 July 14, 2026 gnutls28 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in GnuTLS. Software Description: - gnutls28: GNU TLS library Details: Haruto Kimura discovered that GnuTLS did not properly apply permitted name constraints in certain certificate validation paths. A remote attacker could possibly use this issue to bypass certificate validation, leading to a machine-in-the-middle attack. (CVE-2026-42011) Oleh Konko discovered that GnuTLS incorrectly fell back to Common Name checks for certain URI and SRV subject alternative names. A remote attacker could possibly use this issue to bypass certificate validation, leading to a machine-in-the-middle attack. (CVE-2026-42012) Haruto Kimura and Joshua Rogers discovered that GnuTLS incorrectly fell back to Common Name checks when subject alternative names were oversized. A remote attacker could possibly use this issue to bypass certificate validation, leading to a machine-in-the-middle attack. (CVE-2026-42013) Luigino Camastra and Joshua Rogers discovered that GnuTLS had a use-after-free issue when changing PKCS#11 token security officer PINs in certain cases. An attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2026-42014) Zou Dikai discovered that GnuTLS did not properly validate PKCS#12 bag sizes in certain cases. An attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2026-42015) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS libgnutls30 3.6.13-2ubuntu1.12+esm3 Available with Ubuntu Pro Ubuntu 18.04 LTS libgnutls30 3.5.18-1ubuntu1.6+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS libgnutls30 3.4.10-4ubuntu1.9+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8539-1 CVE-2026-42011, CVE-2026-42012, CVE-2026-42013, CVE-2026-42014, CVE-2026-42015 . Several security issues were fixed in GnuTLS affecting Ubuntu 20.04, 18.04, and 16.04, allowing potential machine-in-the-middle attacks.. GnuTLS Security, Ubuntu Advisory, Certificate Validation Issues, Denial of Service, Remote Attacks. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 14, 2026 Critical Ubuntu
100

SUSE gnutls Important DoS Memory Corruption Vulnern 2026-2822-1

An update that solves 12 vulnerabilities can now be installed.. # Security update for gnutls Announcement ID: SUSE-SU-2026:2822-1 Release Date: 2026-07-09T18:07:13Z Rating: important References: * bsc#1257960 * bsc#1263704 * bsc#1263705 * bsc#1263707 * bsc#1263708 * bsc#1263709 * bsc#1263710 * bsc#1263711 * bsc#1263712 * bsc#1263713 * bsc#1263714 * bsc#1263715 Cross-References: * CVE-2025-14831 * CVE-2026-33845 * CVE-2026-33846 * CVE-2026-3833 * CVE-2026-42009 * CVE-2026-42010 * CVE-2026-42011 * CVE-2026-42012 * CVE-2026-42013 * CVE-2026-42014 * CVE-2026-42015 * CVE-2026-5260 CVSS scores: * CVE-2025-14831 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-14831 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-14831 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33845 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-33845 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33845 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-33845 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33846 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-3833 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-3833 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-3833 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-3833 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42009 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42009 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42010 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42010 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N * CVE-2026-42010 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N * CVE-2026-42010 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2026-42010 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N * CVE-2026-42011 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2026-42011 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2026-42011 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2026-42012 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42012 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N * CVE-2026-42012 ( NVD ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N * CVE-2026-42013 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2026-42013 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-42013 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N * CVE-2026-42014 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2026-42014 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-42014 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2026-42015 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2026-42015 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2026-42015 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-5260 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-5260 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-5260 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 An update that solves 12 vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues * CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing a large number of name constraints and SANs (bsc#1257960). * CVE-2026-3833: incorrectly accepted domain names due to comparison during name constraints processing being case-sensitive (bsc#1263707). * CVE-2026-5260: heap overread when processing extremely short premaster secret as part of an RSA key exchange (bsc#1263715). * CVE-2026-33845: integer overflow and heap overrun when parsing fragments with zero length and non-zero offset during DTLS handshake (bsc#1263704). * CVE-2026-33846: heap overwrite during DTLS handshake fragment reassembly due to missing validations and checks (bsc#1263705). * CVE-2026-42009: undefined behavior resulting in a DoS when handling DTLS packets with duplicate sequence numbers (bsc#1263708). * CVE-2026-42010: authentication bypass when processing a PSK username with a NUL-character (bsc#1263709). * CVE-2026-42011: name constraint bypass leading to acceptance of invalid certificates during certificate validation (bsc#1263710). * CVE-2026-42012: spoofing of legitimate services and sensitive information interception via specially crafted certificates containing URIs or SRV SANs. (bsc#1263711). * CVE-2026-42013: certificate validation bypass when validating certificates with an oversized SAN (bsc#1263712). * CVE-2026-42014: use-after-free when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protectedauthentication path (bsc#1263713). * CVE-2026-42015: memory corruption when appending to a PKCS#12 bag that already contains 32 elements (bsc#1263714). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2822=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2026-2822=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libgnutls30-3.7.3-150400.24.2 * gnutls-3.7.3-150400.24.2 * libgnutls30-hmac-3.7.3-150400.24.2 * libgnutls30-debuginfo-3.7.3-150400.24.2 * gnutls-debuginfo-3.7.3-150400.24.2 * gnutls-debugsource-3.7.3-150400.24.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libgnutls30-3.7.3-150400.24.2 * gnutls-3.7.3-150400.24.2 * libgnutls30-hmac-3.7.3-150400.24.2 * libgnutls30-debuginfo-3.7.3-150400.24.2 * gnutls-debuginfo-3.7.3-150400.24.2 * gnutls-debugsource-3.7.3-150400.24.2 ## References: * https://www.suse.com/security/cve/CVE-2025-14831.html * https://www.suse.com/security/cve/CVE-2026-33845.html * https://www.suse.com/security/cve/CVE-2026-33846.html * https://www.suse.com/security/cve/CVE-2026-3833.html * https://www.suse.com/security/cve/CVE-2026-42009.html * https://www.suse.com/security/cve/CVE-2026-42010.html * https://www.suse.com/security/cve/CVE-2026-42011.html * https://www.suse.com/security/cve/CVE-2026-42012.html * https://www.suse.com/security/cve/CVE-2026-42013.html * https://www.suse.com/security/cve/CVE-2026-42014.html * https://www.suse.com/security/cve/CVE-2026-42015.html * https://www.suse.com/security/cve/CVE-2026-5260.html * https://bugzilla.suse.com/show_bug.cgi?id=1257960 * https://bugzilla.suse.com/show_bug.cgi?id=1263704 *https://bugzilla.suse.com/show_bug.cgi?id=1263705 * https://bugzilla.suse.com/show_bug.cgi?id=1263707 * https://bugzilla.suse.com/show_bug.cgi?id=1263708 * https://bugzilla.suse.com/show_bug.cgi?id=1263709 * https://bugzilla.suse.com/show_bug.cgi?id=1263710 * https://bugzilla.suse.com/show_bug.cgi?id=1263711 * https://bugzilla.suse.com/show_bug.cgi?id=1263712 * https://bugzilla.suse.com/show_bug.cgi?id=1263713 * https://bugzilla.suse.com/show_bug.cgi?id=1263714 * https://bugzilla.suse.com/show_bug.cgi?id=1263715 . Stay updated on important security patches for the gnutls application in SUSE, addressing various vulnerabilities.. SUSE gnutls security patch critical vulnerabilities update. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jul 10, 2026 Important SuSE
172

Ubuntu GnuTLS Critical Denial of Service and Security Issues 2026-8502-1

Several security issues were fixed in GnuTLS.. ========================================================================== Ubuntu Security Notice USN-8502-1 July 06, 2026 gnutls28 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Several security issues were fixed in GnuTLS. Software Description: - gnutls28: GNU TLS library Details: It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-0553) Bing Shi discovered that GnuTLS incorrectly handled decoding certain DER-encoded certificates. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-12243) Luigino Camastra discovered that GnuTLS incorrectly handled certain PKCS11 token labels. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. (CVE-2025-9820) Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2025-14831) Oleh Konko and Joshua Rogers discovered that GnuTLS did not properly handle case-insensitive name constraints in certain cases. A remote attacker could possibly use this issue to bypass certificate validation, leading to a machine-in-the-middle attack.(CVE-2026-3833) Joshua Rogers discovered that GnuTLS did not properly handle very short premaster secrets in certain RSA key exchange cases with PKCS#11-backed server keys. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2026-5260) Joshua Rogers discovered that GnuTLS did not properly handle malformed DTLS handshake fragments in certain cases. A remote attacker could possibly use this issue to obtain sensitive information, or cause a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-33845) Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered that GnuTLS did not properly validate DTLS handshake fragment lengths in certain cases. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2026-33846) Joshua Rogers discovered that GnuTLS did not properly order DTLS packets with duplicate sequence numbers in certain cases. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. (CVE-2026-42009) Joshua Rogers discovered that GnuTLS did not properly handle usernames containing NUL characters in certain RSA-PSK configurations. A remote attacker could possibly use this issue to bypass authentication and gain unintended access to services. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-42010) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS gnutls-bin 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro guile-gnutls 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro libgnutls-dane0 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro libgnutls-openssl27 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro libgnutls28-dev 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro libgnutls30 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro libgnutlsxx28 3.6.13-2ubuntu1.12+esm2 Available with Ubuntu Pro Ubuntu 18.04 LTS gnutls-bin 3.5.18-1ubuntu1.6+esm3 Available with Ubuntu Pro libgnutls-dane0 3.5.18-1ubuntu1.6+esm3 Available with Ubuntu Pro libgnutls-openssl27 3.5.18-1ubuntu1.6+esm3 Available with Ubuntu Pro libgnutls28-dev 3.5.18-1ubuntu1.6+esm3 Available with Ubuntu Pro libgnutls30 3.5.18-1ubuntu1.6+esm3 Available with Ubuntu Pro libgnutlsxx28 3.5.18-1ubuntu1.6+esm3 Available with Ubuntu Pro Ubuntu 16.04 LTS gnutls-bin 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro guile-gnutls 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro libgnutls-dev 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro libgnutls-openssl27 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro libgnutls28-dev 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro libgnutls30 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro libgnutlsxx28 3.4.10-4ubuntu1.9+esm3 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-8502-1 CVE-2024-0553, CVE-2024-12243, CVE-2025-14831, CVE-2025-9820, CVE-2026-33845, CVE-2026-33846, CVE-2026-3833, CVE-2026-42009, CVE-2026-42010, CVE-2026-5260 . GnuTLS vulnerabilities in Ubuntu require urgent updates to prevent potential remote attacks and service disruption.. Ubuntu GnuTLS security update, GnuTLS vulnerabilities, Ubuntu security advisories. . Severity: Critical. LinuxSecurity.com Team

Calendar%202 Jul 06, 2026 Critical Ubuntu
217

Oracle Linux 9 ELSA-2026-20612 GnuTLS Important Heap Overwrite

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-20612 http://linux.oracle.com/errata/ELSA-2026-20612.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: gnutls-3.8.10-4.el9_8.i686.rpm gnutls-3.8.10-4.el9_8.x86_64.rpm gnutls-c++-3.8.10-4.el9_8.i686.rpm gnutls-c++-3.8.10-4.el9_8.x86_64.rpm gnutls-dane-3.8.10-4.el9_8.i686.rpm gnutls-dane-3.8.10-4.el9_8.x86_64.rpm gnutls-devel-3.8.10-4.el9_8.i686.rpm gnutls-devel-3.8.10-4.el9_8.x86_64.rpm gnutls-utils-3.8.10-4.el9_8.x86_64.rpm aarch64: gnutls-3.8.10-4.el9_8.aarch64.rpm gnutls-c++-3.8.10-4.el9_8.aarch64.rpm gnutls-dane-3.8.10-4.el9_8.aarch64.rpm gnutls-devel-3.8.10-4.el9_8.aarch64.rpm gnutls-utils-3.8.10-4.el9_8.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates/gnutls-3.8.10-4.el9_8.src.rpm Related CVEs: CVE-2026-3832 CVE-2026-3833 CVE-2026-5260 CVE-2026-5419 CVE-2026-33845 CVE-2026-33846 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015 Description of changes: [3.8.10-4] - Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite) - Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour) - Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread) - Fix CVE-2026-42010 (PSK authentication, High, authentication bypass) - Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass) - Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass) - Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse) - Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse) - Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free) - Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread) - Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite) - Fix CVE-2026-3832 (OCSP, Low, revocation bypass) - Fix CVE-2026-5419 (PKCS#7, Low, timing side-channel) - Fix upstream security issue #1808(PSK rehandshake) - Fix upstream security issue #1810 (EKU OID prefix match) - Fix upstream security issue #1813 (pkcs11-provider persistent keys) - Fix upstream security issue #1818 (RSA correctness, OpenSSL format import) - Fix upstream security issue #1819 (PKCS#11 trust removal error path) - Fix upstream security issue #1822 (SCT extension parser OOB read) - Fix upstream security issue #1841 (key zeroization in hybrid kex) - Fix upstream security issue #1823 (malformed certtool template) - Fix upstream security issue #1817 (session parameter loading robustness) - Fix upstream security issue #1820 (PKCS#11 KDF succeeding w/o deriving) - gnutls-3.8.10-CVE-2025-9820.patch: update Makefile.in _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Critical updates for Oracle Linux 9 addressing important vulnerabilities in gnutls, ensuring security improvements and bug fixes.. Oracle Linux 9 Updates, GnuTLS Security Fixes, Important Oracle Alerts. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 26, 2026 Important Oracle
100

SUSE GnuTLS Important Buffers Vulnerability Fix Advisory 2026-2366-1

An update that solves three vulnerabilities can now be installed.. # Security update for gnutls Announcement ID: SUSE-SU-2026:2366-1 Release Date: 2026-06-11T09:12:43Z Rating: important References: * bsc#1263704 * bsc#1263705 * bsc#1263708 Cross-References: * CVE-2026-33845 * CVE-2026-33846 * CVE-2026-42009 CVSS scores: * CVE-2026-33845 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-33845 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-33845 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33846 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42009 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues * CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704). * CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705). * CVE-2026-42009: lib/buffers: ensure packets have differing sequence numbers (bsc#1263708). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypperpatch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2366=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2366=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgnutls30-3.4.17-8.23.1 * libgnutls30-debuginfo-3.4.17-8.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (ppc64le s390x x86_64) * gnutls-debugsource-3.4.17-8.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libgnutls30-debuginfo-32bit-3.4.17-8.23.1 * libgnutls30-32bit-3.4.17-8.23.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgnutls30-3.4.17-8.23.1 * libgnutls30-32bit-3.4.17-8.23.1 * libgnutls30-debuginfo-3.4.17-8.23.1 * libgnutls30-debuginfo-32bit-3.4.17-8.23.1 * gnutls-debugsource-3.4.17-8.23.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33845.html * https://www.suse.com/security/cve/CVE-2026-33846.html * https://www.suse.com/security/cve/CVE-2026-42009.html * https://bugzilla.suse.com/show_bug.cgi?id=1263704 * https://bugzilla.suse.com/show_bug.cgi?id=1263705 * https://bugzilla.suse.com/show_bug.cgi?id=1263708 . Crucial update for SUSE GnuTLS addressing multiple issues; recommended installation for system security.. SUSE GnuTLS Update, Security Patch, Important Security Advisory, SUSE Linux Enterprise. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2026 Important SuSE
100

SUSE Linux Enterprise gnutls Important Update Advisories 2026-2367-1

An update that solves four vulnerabilities can now be installed.. # Security update for gnutls Announcement ID: SUSE-SU-2026:2367-1 Release Date: 2026-06-11T09:12:53Z Rating: important References: * bsc#1263704 * bsc#1263705 * bsc#1263708 Cross-References: * CVE-2025-9820 * CVE-2026-33845 * CVE-2026-33846 * CVE-2026-42009 CVSS scores: * CVE-2025-9820 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2025-9820 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2026-33845 ( SUSE ): 8.8 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33845 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2026-33845 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2026-33845 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-33846 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-33846 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2026-42009 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2026-42009 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues * CVE-2026-33845: buffers: switch from end_offset over to frag_length (bsc#1263704). * CVE-2026-33846: buffers: add more checks to DTLS reassembly (bsc#1263705). * CVE-2026-42009: lib/buffers: ensure packets have differingsequence numbers (bsc#1263708). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2026-2367=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2026-2367=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libgnutlsxx-devel-3.3.27-3.18.1 * libgnutls-openssl-devel-3.3.27-3.18.1 * libgnutls28-debuginfo-3.3.27-3.18.1 * libgnutls-openssl27-3.3.27-3.18.1 * gnutls-debugsource-3.3.27-3.18.1 * gnutls-3.3.27-3.18.1 * libgnutls28-3.3.27-3.18.1 * libgnutls-openssl27-debuginfo-3.3.27-3.18.1 * gnutls-debuginfo-3.3.27-3.18.1 * libgnutls-devel-3.3.27-3.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x x86_64) * libgnutls28-debuginfo-32bit-3.3.27-3.18.1 * libgnutls28-32bit-3.3.27-3.18.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libgnutlsxx-devel-3.3.27-3.18.1 * libgnutls-openssl-devel-3.3.27-3.18.1 * libgnutls28-debuginfo-32bit-3.3.27-3.18.1 * libgnutls28-debuginfo-3.3.27-3.18.1 * libgnutls-openssl27-3.3.27-3.18.1 * gnutls-debugsource-3.3.27-3.18.1 * gnutls-3.3.27-3.18.1 * libgnutls28-3.3.27-3.18.1 * libgnutls-openssl27-debuginfo-3.3.27-3.18.1 * libgnutls28-32bit-3.3.27-3.18.1 * gnutls-debuginfo-3.3.27-3.18.1 * libgnutls-devel-3.3.27-3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2025-9820.html * https://www.suse.com/security/cve/CVE-2026-33845.html * https://www.suse.com/security/cve/CVE-2026-33846.html * https://www.suse.com/security/cve/CVE-2026-42009.html * https://bugzilla.suse.com/show_bug.cgi?id=1263704 * https://bugzilla.suse.com/show_bug.cgi?id=1263705 *https://bugzilla.suse.com/show_bug.cgi?id=1263708 . A critical update is available to address four important security issues in gnutls, enhancing system protection for SUSE users.. SUSE security update, gnutls patch, important security issues, Linux vulnerabilities, system protection. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 11, 2026 Important SuSE
217

Oracle Linux 8 gnutls Important Buffer Overflow Auth Bypass ELSA-2026-20611

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:. Oracle Linux Security Advisory ELSA-2026-20611 http://linux.oracle.com/errata/ELSA-2026-20611.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: gnutls-3.6.16-8.el8_10.6.i686.rpm gnutls-3.6.16-8.el8_10.6.x86_64.rpm gnutls-c++-3.6.16-8.el8_10.6.i686.rpm gnutls-c++-3.6.16-8.el8_10.6.x86_64.rpm gnutls-dane-3.6.16-8.el8_10.6.i686.rpm gnutls-dane-3.6.16-8.el8_10.6.x86_64.rpm gnutls-devel-3.6.16-8.el8_10.6.i686.rpm gnutls-devel-3.6.16-8.el8_10.6.x86_64.rpm gnutls-utils-3.6.16-8.el8_10.6.x86_64.rpm aarch64: gnutls-3.6.16-8.el8_10.6.aarch64.rpm gnutls-c++-3.6.16-8.el8_10.6.aarch64.rpm gnutls-dane-3.6.16-8.el8_10.6.aarch64.rpm gnutls-devel-3.6.16-8.el8_10.6.aarch64.rpm gnutls-utils-3.6.16-8.el8_10.6.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/gnutls-3.6.16-8.el8_10.6.src.rpm Related CVEs: CVE-2026-3833 CVE-2026-5260 CVE-2026-33845 CVE-2026-33846 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015 Description of changes: [3.6.16-8.6] - Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite) - Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour) - Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread) - Fix CVE-2026-42010 (PSK authentication, High, authentication bypass) - Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass) - Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass) - Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse) - Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse) - Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free) - Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread) - Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite) - Fix upstream security issue #1808 (PSK rehandshake) - Fix upstream security issue #1810 (EKU OID prefix match) - Fixupstream security issue #1818 (RSA correctness, OpenSSL format import) - Fix upstream security issue #1819 (PKCS#11 trust removal error path) - Fix upstream security issue #1817 (session parameter loading robustness) _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux Security Advisory ELSA-2026-20611 http://linux.oracle.com/errata/ELSA-2026-20611.html T. linux, updated, oracle, unbreakable, network. . Severity: Important. LinuxSecurity.com Team

Calendar%202 Jun 03, 2026 Important Oracle
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

Is continuous patching actually viable?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/156-is-continuous-patching-actually-viable?task=poll.vote&format=json
156
radio
0
[{"id":503,"title":"Delayed updates invite catastrophic breaches.","votes":1,"type":"x","order":1,"pct":50,"resources":[]},{"id":504,"title":"Automated fixes break production environments.","votes":1,"type":"x","order":2,"pct":50,"resources":[]},{"id":505,"title":"Manual approvals cannot keep pace.","votes":0,"type":"x","order":3,"pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200