ELSA-2026-20612

ULN >
Oracle Linux Errata repository >
ELSA-2026-20612

ELSA-2026-20612 - gnutls security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-06-24

Description

[3.8.10-4]
- Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite)
- Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour)
- Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread)
- Fix CVE-2026-42010 (PSK authentication, High, authentication bypass)
- Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass)
- Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass)
- Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse)
- Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse)
- Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free)
- Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread)
- Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite)
- Fix CVE-2026-3832 (OCSP, Low, revocation bypass)
- Fix CVE-2026-5419 (PKCS#7, Low, timing side-channel)
- Fix upstream security issue #1808 (PSK rehandshake)
- Fix upstream security issue #1810 (EKU OID prefix match)
- Fix upstream security issue #1813 (pkcs11-provider persistent keys)
- Fix upstream security issue #1818 (RSA correctness, OpenSSL format import)
- Fix upstream security issue #1819 (PKCS#11 trust removal error path)
- Fix upstream security issue #1822 (SCT extension parser OOB read)
- Fix upstream security issue #1841 (key zeroization in hybrid kex)
- Fix upstream security issue #1823 (malformed certtool template)
- Fix upstream security issue #1817 (session parameter loading robustness)
- Fix upstream security issue #1820 (PKCS#11 KDF succeeding w/o deriving)
- gnutls-3.8.10-CVE-2025-9820.patch: update Makefile.in

Related CVEs

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	gnutls-3.8.10-4.el9_8.src.rpm	9ce26f7af7e3ae209444d6f62a5f4935ca6dae491705dab76f44fd60d7cf7da9	-	ol9_aarch64_appstream
	gnutls-3.8.10-4.el9_8.src.rpm	9ce26f7af7e3ae209444d6f62a5f4935ca6dae491705dab76f44fd60d7cf7da9	-	ol9_aarch64_baseos_latest
	gnutls-3.8.10-4.el9_8.src.rpm	9ce26f7af7e3ae209444d6f62a5f4935ca6dae491705dab76f44fd60d7cf7da9	-	ol9_aarch64_u8_baseos_patch
	gnutls-3.8.10-4.el9_8.aarch64.rpm	a7257e5a83e0af2e0912430d2bbe6157c7d9a08bb3f0b11ff7d92ec36d090d56	-	ol9_aarch64_baseos_latest
	gnutls-3.8.10-4.el9_8.aarch64.rpm	a7257e5a83e0af2e0912430d2bbe6157c7d9a08bb3f0b11ff7d92ec36d090d56	-	ol9_aarch64_u8_baseos_patch
	gnutls-c++-3.8.10-4.el9_8.aarch64.rpm	bf843d3426b4c75ce7e4f936eb06debac425c0473df54e2c1383242b184b5781	-	ol9_aarch64_appstream
	gnutls-dane-3.8.10-4.el9_8.aarch64.rpm	25fc429fbe9f85a7407295efd3258c9668e242b6a9cbca2b26641b657b3aa6ee	-	ol9_aarch64_appstream
	gnutls-devel-3.8.10-4.el9_8.aarch64.rpm	683a360070f3362e8161e2df9df4855c35ac38b6bab562e7128df9798202ffce	-	ol9_aarch64_appstream
	gnutls-utils-3.8.10-4.el9_8.aarch64.rpm	e6ab7c0171d05c6638c1ee78a3dab181562ab6b7a4ae6939e0abd6a9137eced7	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	gnutls-3.8.10-4.el9_8.src.rpm	9ce26f7af7e3ae209444d6f62a5f4935ca6dae491705dab76f44fd60d7cf7da9	-	ol9_x86_64_appstream
	gnutls-3.8.10-4.el9_8.src.rpm	9ce26f7af7e3ae209444d6f62a5f4935ca6dae491705dab76f44fd60d7cf7da9	-	ol9_x86_64_baseos_latest
	gnutls-3.8.10-4.el9_8.src.rpm	9ce26f7af7e3ae209444d6f62a5f4935ca6dae491705dab76f44fd60d7cf7da9	-	ol9_x86_64_u8_baseos_patch
	gnutls-3.8.10-4.el9_8.i686.rpm	d6f9037f530e8f18cb095a4e27891255eeac45720c4ea41212417837deaa0a69	-	ol9_x86_64_baseos_latest
	gnutls-3.8.10-4.el9_8.i686.rpm	d6f9037f530e8f18cb095a4e27891255eeac45720c4ea41212417837deaa0a69	-	ol9_x86_64_u8_baseos_patch
	gnutls-3.8.10-4.el9_8.x86_64.rpm	f1ba17146f11a67101b13275c4aa162ce2e74cffcb25f27b93f35e9a804c04e2	-	ol9_x86_64_baseos_latest
	gnutls-3.8.10-4.el9_8.x86_64.rpm	f1ba17146f11a67101b13275c4aa162ce2e74cffcb25f27b93f35e9a804c04e2	-	ol9_x86_64_u8_baseos_patch
	gnutls-c++-3.8.10-4.el9_8.i686.rpm	221f13a8cdd1f9ce58777b6cbdff5d0b5ee4091f0bfa83360002245eb4e38ce2	-	ol9_x86_64_appstream
	gnutls-c++-3.8.10-4.el9_8.x86_64.rpm	0bd25c1ba08ecedb743bd10e06a31695b6dd60a9d82171c806fb1511e577fa7b	-	ol9_x86_64_appstream
	gnutls-dane-3.8.10-4.el9_8.i686.rpm	532879296af4f6136b4ca0e828d6f8131834b6ee9c7ff381274dc1a6f5878538	-	ol9_x86_64_appstream
	gnutls-dane-3.8.10-4.el9_8.x86_64.rpm	c2308f50407e1416047d8f6694ac0a2243e74c686d043c43835f2c53908d90bd	-	ol9_x86_64_appstream
	gnutls-devel-3.8.10-4.el9_8.i686.rpm	45979922ae994a29291c1783c8d35e7eba9f3bcca4ce7971418b7d106bca675b	-	ol9_x86_64_appstream
	gnutls-devel-3.8.10-4.el9_8.x86_64.rpm	901ac2260299c3c8867e6b41dced7c53872fed9bf62c4504b2686d906d7805ce	-	ol9_x86_64_appstream
	gnutls-utils-3.8.10-4.el9_8.x86_64.rpm	ace4638f09a9ea89c908cae316dc36b1fabb30080384a97c5ad13889e2182822	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691