Release date:
2026-05-21 09:23:56 UTC
Description:
* SECURITY UPDATE: nameConstraints case-sensitive comparison bypass
- debian/patches/CVE-2026-3833.patch: perform case-insensitive comparison
of dNSName and rfc822Name domain labels in X.509 nameConstraints
processing, fixing excludedSubtrees / permittedSubtrees bypass via
letter-casing in the SAN.
- CVE-2026-3833
Updated packages:
-
gnutls-bin_3.5.18-1ubuntu1.6+tuxcare.els3_amd64.deb
sha:9fd5f8310d72036133ce0bce7d85ecfa262ff0fd
-
gnutls-doc_3.5.18-1ubuntu1.6+tuxcare.els3_all.deb
sha:eff0a27b930171cfbf1e8894d6f2ab0e5f25a721
-
libgnutls-dane0_3.5.18-1ubuntu1.6+tuxcare.els3_amd64.deb
sha:272ccd45fabe61cd9e40d28e7649da2e963e74c1
-
libgnutls-openssl27_3.5.18-1ubuntu1.6+tuxcare.els3_amd64.deb
sha:53ff3ce6710885e7b215c7345c1df7733a48b1bc
-
libgnutls28-dev_3.5.18-1ubuntu1.6+tuxcare.els3_amd64.deb
sha:87e2be0269a2db747600718161afef2d757a9e0b
-
libgnutls30_3.5.18-1ubuntu1.6+tuxcare.els3_amd64.deb
sha:bb4362ce62c1ea13b5b3f44c7547fa53ddd3f273
-
libgnutlsxx28_3.5.18-1ubuntu1.6+tuxcare.els3_amd64.deb
sha:2b61c7c04d833cca07249e1445dcc58ed21743b6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
