RLSA-2026:5585

Security

Mirrored from RHSA-2026:5585

Issued at: 2026-04-07

Updated at: 2026-04-07

Synopsis

Moderate: gnutls security update

Description

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

* gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function (CVE-2025-9820)

* gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification (CVE-2025-14831)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 8 aarch64

Rocky Linux 8 x86_64

Fixes

2392528

2423177

CVEs

CVE-2025-14831

CVE-2025-9820

Affected packages

Rocky Linux 8 aarch64 - BaseOS

gnutls-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-0:3.6.16-8.el8_10.5.src.rpm

gnutls-debuginfo-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-debugsource-0:3.6.16-8.el8_10.5.aarch64.rpm

Rocky Linux 8 x86_64 - BaseOS

gnutls-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-0:3.6.16-8.el8_10.5.src.rpm

gnutls-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-debuginfo-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-debuginfo-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-debugsource-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-debugsource-0:3.6.16-8.el8_10.5.x86_64.rpm

Rocky Linux 8 aarch64 - AppStream

gnutls-c++-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-c++-debuginfo-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-dane-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-dane-debuginfo-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-devel-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-utils-0:3.6.16-8.el8_10.5.aarch64.rpm

gnutls-utils-debuginfo-0:3.6.16-8.el8_10.5.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

gnutls-c++-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-c++-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-c++-debuginfo-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-c++-debuginfo-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-dane-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-dane-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-dane-debuginfo-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-dane-debuginfo-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-devel-0:3.6.16-8.el8_10.5.i686.rpm

gnutls-devel-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-utils-0:3.6.16-8.el8_10.5.x86_64.rpm

gnutls-utils-debuginfo-0:3.6.16-8.el8_10.5.x86_64.rpm