[Apollo] Advisories Statistics light light Login

RLSA-2026:20613

Security Mirrored from RHSA-2026:20613
Issued at: 2026-06-05
Updated at: 2026-06-05

Synopsis

Important: gnutls security update



Description

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library,

which implements cryptographic algorithms and protocols such as SSL, TLS, and

DTLS.

Security Fix(es):

* gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)

* gnutls: Fix crashing on an underflow with a DTLS datagram (CVE-2026-33845)

* gnutls: Fix RSA-PSK identity truncation (CVE-2026-42010)

* gnutls: Fix case-sensitivity of domain name comparison in name constraints (CVE-2026-3833)

* gnutls: Fix intersecting empty name constraints (CVE-2026-42011)

* gnutls: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly (CVE-2026-33846)

For more details about the security issue(s), including the impact, a CVSS

score, acknowledgments, and other related information, refer to the CVE page(s)

listed in the References section.



Affected products

Rocky Linux 10 aarch64 Rocky Linux 10 ppc64le Rocky Linux 10 riscv64 Rocky Linux 10 s390x Rocky Linux 10 x86_64

Fixes

2467437 2450624 2467448 2467678 2467686 2450625 2467279 2445763 2467450 2445762 2467451 2467289 2467441

CVEs

CVE-2026-33845 CVE-2026-33846 CVE-2026-3832 CVE-2026-3833 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015 CVE-2026-5260 CVE-2026-5419

Affected packages

Rocky Linux 10 x86_64 - AppStream

gnutls-devel-0:3.8.10-4.el10_2.x86_64.rpm gnutls-dane-debuginfo-0:3.8.10-4.el10_2.x86_64.rpm gnutls-utils-0:3.8.10-4.el10_2.x86_64.rpm gnutls-utils-debuginfo-0:3.8.10-4.el10_2.x86_64.rpm gnutls-c++-0:3.8.10-4.el10_2.x86_64.rpm gnutls-fips-0:3.8.10-4.el10_2.x86_64.rpm gnutls-dane-0:3.8.10-4.el10_2.x86_64.rpm gnutls-c++-debuginfo-0:3.8.10-4.el10_2.x86_64.rpm

Rocky Linux 10 ppc64le - AppStream

gnutls-utils-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-fips-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-utils-debuginfo-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-dane-debuginfo-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-dane-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-c++-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-devel-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-c++-debuginfo-0:3.8.10-4.el10_2.ppc64le.rpm

Rocky Linux 10 aarch64 - AppStream

gnutls-dane-debuginfo-0:3.8.10-4.el10_2.aarch64.rpm gnutls-devel-0:3.8.10-4.el10_2.aarch64.rpm gnutls-c++-debuginfo-0:3.8.10-4.el10_2.aarch64.rpm gnutls-dane-0:3.8.10-4.el10_2.aarch64.rpm gnutls-utils-debuginfo-0:3.8.10-4.el10_2.aarch64.rpm gnutls-utils-0:3.8.10-4.el10_2.aarch64.rpm gnutls-c++-0:3.8.10-4.el10_2.aarch64.rpm gnutls-fips-0:3.8.10-4.el10_2.aarch64.rpm

Rocky Linux 10 s390x - AppStream

gnutls-utils-0:3.8.10-4.el10_2.s390x.rpm gnutls-utils-debuginfo-0:3.8.10-4.el10_2.s390x.rpm gnutls-fips-0:3.8.10-4.el10_2.s390x.rpm gnutls-dane-0:3.8.10-4.el10_2.s390x.rpm gnutls-dane-debuginfo-0:3.8.10-4.el10_2.s390x.rpm gnutls-c++-0:3.8.10-4.el10_2.s390x.rpm gnutls-c++-debuginfo-0:3.8.10-4.el10_2.s390x.rpm gnutls-devel-0:3.8.10-4.el10_2.s390x.rpm

Rocky Linux 10 x86_64 - BaseOS

gnutls-debugsource-0:3.8.10-4.el10_2.x86_64.rpm gnutls-0:3.8.10-4.el10_2.src.rpm gnutls-debuginfo-0:3.8.10-4.el10_2.x86_64.rpm gnutls-0:3.8.10-4.el10_2.x86_64.rpm

Rocky Linux 10 s390x - BaseOS

gnutls-0:3.8.10-4.el10_2.s390x.rpm gnutls-debuginfo-0:3.8.10-4.el10_2.s390x.rpm gnutls-0:3.8.10-4.el10_2.src.rpm gnutls-debugsource-0:3.8.10-4.el10_2.s390x.rpm

Rocky Linux 10 aarch64 - BaseOS

gnutls-0:3.8.10-4.el10_2.src.rpm gnutls-debuginfo-0:3.8.10-4.el10_2.aarch64.rpm gnutls-0:3.8.10-4.el10_2.aarch64.rpm gnutls-debugsource-0:3.8.10-4.el10_2.aarch64.rpm

Rocky Linux 10 ppc64le - BaseOS

gnutls-0:3.8.10-4.el10_2.src.rpm gnutls-debugsource-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-debuginfo-0:3.8.10-4.el10_2.ppc64le.rpm gnutls-0:3.8.10-4.el10_2.ppc64le.rpm

Rocky Linux 10 riscv64 - BaseOS

gnutls-0:3.8.10-4.el10_2.src.rpm