Debian Package Tracker

gnutls28

general
  • source: gnutls28 (main)
  • version: 3.8.13-1
  • maintainer: Debian GnuTLS Maintainers (archive) (DMD)
  • uploaders: Eric Dorland [DMD] – Andreas Metzler [DMD] – James Westby [DMD] – Simon Josefsson [DMD]
  • arch: all any
  • std-ver: 4.7.3
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 3.7.1-5+deb11u5
  • o-o-sec: 3.7.1-5+deb11u9
  • oldstable: 3.7.9-2+deb12u5
  • old-sec: 3.7.9-2+deb12u6
  • old-p-u: 3.7.9-2+deb12u6
  • stable: 3.8.9-3+deb13u2
  • stable-sec: 3.8.9-3+deb13u2
  • stable-p-u: 3.8.9-3+deb13u3
  • testing: 3.8.12-3
  • unstable: 3.8.13-1
versioned links
  • 3.7.1-5+deb11u5: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.7.1-5+deb11u9: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.7.9-2+deb12u5: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.7.9-2+deb12u6: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.8.9-3+deb13u2: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.8.9-3+deb13u3: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.8.12-3: [.dsc] [changelog] [copyright] [rules] [control]
  • 3.8.13-1: [.dsc] [changelog] [copyright] [rules] [control]
  (use dget on a .dsc link to retrieve the source package)
binaries
  • gnutls-bin (9 bugs: 0, 6, 3, 0)
  • gnutls-doc
  • libgnutls-dane0t64
  • libgnutls28-dev
  • libgnutls30t64
action needed
13 security issues in trixie high

There are 13 open security issues in trixie.

13 important issues:
  • CVE-2026-3832: A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.
  • CVE-2026-3833: A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.
  • CVE-2026-5260:
  • CVE-2026-5419:
  • CVE-2026-33845: A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
  • CVE-2026-33846: A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.
  • CVE-2026-42009:
  • CVE-2026-42010: A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.
  • CVE-2026-42011: A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.
  • CVE-2026-42012:
  • CVE-2026-42013:
  • CVE-2026-42014:
  • CVE-2026-42015:
Created: 2026-04-30 Last update: 2026-05-08 07:00
13 security issues in forky high

There are 13 open security issues in forky.

13 important issues:
  • The same 13 CVEs as listed for trixie above: CVE-2026-3832, CVE-2026-3833, CVE-2026-5260, CVE-2026-5419, CVE-2026-33845, CVE-2026-33846, CVE-2026-42009, CVE-2026-42010, CVE-2026-42011, CVE-2026-42012, CVE-2026-42013, CVE-2026-42014, CVE-2026-42015.
Created: 2026-04-30 Last update: 2026-05-08 07:00
13 security issues in bullseye high

There are 13 open security issues in bullseye.

13 important issues:
  • The same 13 CVEs as listed for trixie above: CVE-2026-3832, CVE-2026-3833, CVE-2026-5260, CVE-2026-5419, CVE-2026-33845, CVE-2026-33846, CVE-2026-42009, CVE-2026-42010, CVE-2026-42011, CVE-2026-42012, CVE-2026-42013, CVE-2026-42014, CVE-2026-42015.
Created: 2026-04-30 Last update: 2026-05-08 07:00
13 security issues in bookworm high

There are 13 open security issues in bookworm.

13 important issues:
  • The same 13 CVEs as listed for trixie above: CVE-2026-3832, CVE-2026-3833, CVE-2026-5260, CVE-2026-5419, CVE-2026-33845, CVE-2026-33846, CVE-2026-42009, CVE-2026-42010, CVE-2026-42011, CVE-2026-42012, CVE-2026-42013, CVE-2026-42014, CVE-2026-42015.
Created: 2026-04-30 Last update: 2026-05-08 07:00
lintian reports 13 warnings high
Lintian reports 13 warnings about this package. You should make the package lintian-clean by getting rid of them.
Created: 2025-11-24 Last update: 2026-02-21 17:30
The package has not entered testing even though the delay is over normal
The package has not entered testing even though the 5-day delay is over. Check why.
Created: 2026-05-06 Last update: 2026-05-09 05:04
3 bugs tagged patch in the BTS normal
The BTS contains patches fixing 3 bugs, consider including or untagging them.
Created: 2026-04-06 Last update: 2026-05-09 05:00
Fails to build during reproducibility testing normal
A package that builds reproducibly enables third parties to verify that the source matches the distributed binaries. This source package has been identified as producing different results, failing to build, or having other issues in a test environment. Please read about how to improve the situation!
Created: 2024-09-01 Last update: 2026-05-08 23:01
1 new commit since last upload, is it time to release? normal
vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:
commit c7c579b0013d4a5b2913b1798ae045be79c6f01f
Author: Andreas Metzler <ametzler@bebt.de>
Date:   Fri May 1 11:39:50 2026 +0200

    Retroactively add CVE-number and bug-closer to changelog.
Created: 2026-05-01 Last update: 2026-05-06 12:32
1 open merge request in Salsa normal
There is 1 open merge request for this package on Salsa. You should consider reviewing and/or merging these merge requests.
Created: 2025-09-21 Last update: 2026-03-14 07:04
debian/patches: 1 patch to forward upstream low

Among the 3 debian patches available in version 3.8.13-1 of the package, we noticed the following issues:

  • 1 patch where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2026-05-01 15:34
Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2026-02-22 Last update: 2026-02-22 09:33
Standards version of the package is outdated. wishlist
The package should be updated to follow the latest version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.3).
Created: 2026-03-31 Last update: 2026-05-01 10:51
testing migrations
  • excuses:
    • Migration status for gnutls28 (3.8.12-3 to 3.8.13-1): Waiting for test results or another package, or too young (no action required now - check later)
    • Issues preventing migration:
      • Autopkgtest for exim4/4.99.1-1: amd64: Pass ♻, arm64: Pass ♻, i386: Pass ♻, ppc64el: Pass ♻, riscv64: Pass ♻
      • Autopkgtest for gnutls28/3.8.13-1: amd64: Pass, arm64: Pass, i386: Pass, ppc64el: Pass, riscv64: Pass, s390x: Pass
      • Autopkgtest for haproxy/3.2.16-1: amd64: Pass ♻, arm64: Pass ♻, i386: Pass ♻, ppc64el: Pass ♻, riscv64: Pass ♻, s390x: Pass ♻
      • Autopkgtest for librist/0.2.14+dfsg-1: amd64: Pass, arm64: Test triggered, i386: Test triggered, ppc64el: Test triggered, riscv64: Pass, s390x: Test triggered
      • Autopkgtest for network-manager/1.56.0-6: arm64: No tests, superficial or marked flaky ♻, i386: No tests, superficial or marked flaky ♻, ppc64el: No tests, superficial or marked flaky ♻, riscv64: No tests, superficial or marked flaky ♻, s390x: No tests, superficial or marked flaky ♻
      • Autopkgtest for wireshark/4.6.4-1: amd64: Pass ♻, arm64: Pass ♻, i386: Pass ♻, ppc64el: Pass ♻, riscv64: Pass ♻, s390x: Pass ♻
    • Additional info (not blocking):
      • Piuparts tested OK - https://piuparts.debian.org/sid/source/g/gnutls28.html
      • Reproduced on amd64
      • Reproduced on arm64
      • Reproduced on armhf
      • Reproduced on i386
      • Reproducibility check waiting for results on ppc64el
      • 8 days old (needed 5 days)
    • Not considered
news
[rss feed]
  • [2026-05-01] Accepted gnutls28 3.8.13-1 (source) into unstable (Andreas Metzler)
  • [2026-04-03] Accepted gnutls28 3.8.9-3+deb13u3 (source) into proposed-updates (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2026-03-15] gnutls28 3.8.12-3 MIGRATED to testing (Debian testing watch)
  • [2026-02-28] Accepted gnutls28 3.8.12-4 (source) into experimental (Andreas Metzler)
  • [2026-02-25] Accepted gnutls28 3.7.1-5+deb11u9 (source) into oldoldstable-security (Guilhem Moulin)
  • [2026-02-21] Accepted gnutls28 3.7.9-2+deb12u6 (source) into oldstable-proposed-updates (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2026-02-21] Accepted gnutls28 3.8.12-3 (source) into unstable (Andreas Metzler)
  • [2026-02-20] gnutls28 3.8.12-2 MIGRATED to testing (Debian testing watch)
  • [2026-02-19] Accepted gnutls28 3.8.9-3+deb13u2 (source) into proposed-updates (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2026-02-18] Accepted gnutls28 3.7.9-2+deb12u6 (source) into oldstable-security (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2026-02-18] Accepted gnutls28 3.8.9-3+deb13u2 (source) into stable-security (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2026-02-12] Accepted gnutls28 3.8.12-2 (source amd64 all) into unstable (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2026-02-09] Accepted gnutls28 3.8.12-1 (source) into unstable (Andreas Metzler)
  • [2025-12-20] Accepted gnutls28 3.8.9-3+deb13u1 (source) into proposed-updates (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2025-12-11] gnutls28 3.8.11-3 MIGRATED to testing (Debian testing watch)
  • [2025-11-23] Accepted gnutls28 3.8.11-3 (source) into unstable (Andreas Metzler)
  • [2025-11-23] Accepted gnutls28 3.8.11-2 (source) into experimental (Andreas Metzler)
  • [2025-11-22] Accepted gnutls28 3.8.11-1 (source) into experimental (Andreas Metzler)
  • [2025-10-29] gnutls28 3.8.10-3 MIGRATED to testing (Debian testing watch)
  • [2025-10-26] Accepted gnutls28 3.8.10-3 (source) into unstable (Andreas Metzler)
  • [2025-10-03] gnutls28 3.8.10-2 MIGRATED to testing (Debian testing watch)
  • [2025-08-11] Accepted gnutls28 3.8.10-2 (source) into unstable (Andreas Metzler)
  • [2025-08-09] Accepted gnutls28 3.7.1-5+deb11u8 (source) into oldstable-security (Adrian Bunk)
  • [2025-07-26] Accepted gnutls28 3.7.9-2+deb12u5 (source) into proposed-updates (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2025-07-16] Accepted gnutls28 3.7.9-2+deb12u5 (source) into stable-security (Debian FTP Masters) (signed by: Andreas Metzler)
  • [2025-07-15] gnutls28 3.8.9-3 MIGRATED to testing (Debian testing watch)
  • [2025-07-09] Accepted gnutls28 3.8.10-1 (source) into experimental (Andreas Metzler)
  • [2025-07-09] Accepted gnutls28 3.8.9-3 (source) into unstable (Andreas Metzler)
  • [2025-02-21] Accepted gnutls28 3.7.1-5+deb11u7 (source) into oldstable-security (Guilhem Moulin)
  • [2025-02-18] Accepted gnutls28 3.7.9-2+deb12u4 (source) into proposed-updates (Debian FTP Masters) (signed by: Andreas Metzler)
bugs [bug history graph]
  • all: 20
  • RC: 0
  • I&N: 14
  • M&W: 6
  • F&P: 0
  • patch: 3
links
  • homepage
  • lintian (0, 13)
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • other distros
  • security tracker
  • l10n (-, 86)
  • debian patches
  • debci
ubuntu [Information about Ubuntu for Debian Developers]
  • version: 3.8.12-2ubuntu1
  • 9 bugs (1 patch)
  • patches for 3.8.12-2ubuntu1

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers