Release date:
2025-09-26 19:39:09 UTC
Description:
* SECURITY UPDATE: double-free when exporting SAN otherName
- debian/patches/CVE-2025-32988.patch: fix double-free triggered when
exporting certificates with multiple SAN otherName entries.
- CVE-2025-32988
* SECURITY UPDATE: 1-byte heap write in certtool template parsing
- debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused
by malformed certificate template input in certtool.
- CVE-2025-32990
Updated packages:
-
gnutls-bin_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:e6f90ed56b21328ac31715a8451789bd1df0f79b
-
gnutls-doc_3.4.10-4ubuntu1.9+tuxcare.els1_all.deb
sha:68d06def009d39e4d61a987b9fefc57c42ced60d
-
guile-gnutls_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:b82a4d3b22fccc6bab267a17d873cd4e42a15abd
-
libgnutls-dev_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:a75a297102e52893c311dbc02eaca27a8a3cfc57
-
libgnutls-openssl27_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:727f4f4571d329ef3c6c6786812accdec9835ae8
-
libgnutls28-dev_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:7d653320082683269c589f775674e4be1132a4a5
-
libgnutls30_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:70b6b569a1281d0cb53a463e6b98010dce1be510
-
libgnutlsxx28_3.4.10-4ubuntu1.9+tuxcare.els1_amd64.deb
sha:6df701e2ae32c786d728f970a2263728dc1dbe9b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
