Release date:
2025-09-26 19:41:59 UTC
Description:
* SECURITY UPDATE: double-free when exporting SAN otherName
- debian/patches/CVE-2025-32988.patch: fix double-free triggered when
exporting certificates with multiple SAN otherName entries.
- CVE-2025-32988
* SECURITY UPDATE: 1-byte heap write in certtool template parsing
- debian/patches/CVE-2025-32990.patch: prevent 1-byte heap overwrite caused
by malformed certificate template input in certtool.
- CVE-2025-32990
Updated packages:
-
gnutls-bin_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb
sha:9cb4ac3d51f4d55f71e84080c9cf1567bbb79351
-
gnutls-doc_3.5.18-1ubuntu1.6+tuxcare.els2_all.deb
sha:e3382e1498c8ab5b170781e40b79ecdd672a82e4
-
libgnutls-dane0_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb
sha:579475207a5c949336cbff6ce40696d15233fe49
-
libgnutls-openssl27_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb
sha:4c91187f289417153d41baa8597a80e2506f6dd2
-
libgnutls28-dev_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb
sha:bbe31003c31e5dd8be053a5cb8ad5e0e173e896f
-
libgnutls30_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb
sha:05e70f6f15b79d602e22e28e2ab6aa0cf69b9627
-
libgnutlsxx28_3.5.18-1ubuntu1.6+tuxcare.els2_amd64.deb
sha:1c804e78b2f29a7a83bc25e756b4b7dde6788b57
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
