| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: gnutls-c++ | Distribution: CentOS |
| Version: 3.8.10 | Vendor: CentOS |
| Release: 4.el9 | Build date: Thu Apr 30 14:32:44 2026 |
| Group: Unspecified | Build host: ppc64le-09.stream.rdu2.redhat.com |
| Size: 268160 | Source RPM: gnutls-3.8.10-4.el9.src.rpm |
| Packager: builder@centos.org | |
| Url: http://www.gnutls.org/ | |
| Summary: The C++ interface to GnuTLS | |
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, OpenPGP and other required structures.
GPLv3+ and LGPLv2+
* Thu Apr 30 2026 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-4 - Fix CVE-2026-33846 (DTLS fragment reassembly, High, heap overwrite) - Fix CVE-2026-42009 (DTLS fragment reassembly, High, undefined behaviour) - Fix CVE-2026-33845 (DTLS fragment reassembly, High, heap overread) - Fix CVE-2026-42010 (PSK authentication, High, authentication bypass) - Fix CVE-2026-3833 (Name constraints, Medium, name constraint bypass) - Fix CVE-2026-42011 (Name constraints, Medium, name constraint bypass) - Fix CVE-2026-42012 (CN fallback, Medium, certificate misuse) - Fix CVE-2026-42013 (CN fallback, Medium, certificate misuse) - Fix CVE-2026-42014 (PKCS#11 PIN change, Medium, use-after-free) - Fix CVE-2026-5260 (PKCS#11 RSA, Medium, heap overread) - Fix CVE-2026-42015 (PKCS#12 appending, Low, heap overwrite) - Fix CVE-2026-3832 (OCSP, Low, revocation bypass) - Fix CVE-2026-5419 (PKCS#7, Low, timing side-channel) - Fix upstream security issue #1808 (PSK rehandshake) - Fix upstream security issue #1810 (EKU OID prefix match) - Fix upstream security issue #1813 (pkcs11-provider persistent keys) - Fix upstream security issue #1818 (RSA correctness, OpenSSL format import) - Fix upstream security issue #1819 (PKCS#11 trust removal error path) - Fix upstream security issue #1822 (SCT extension parser OOB read) - Fix upstream security issue #1841 (key zeroization in hybrid kex) - Fix upstream security issue #1823 (malformed certtool template) - Fix upstream security issue #1817 (session parameter loading robustness) - Fix upstream security issue #1820 (PKCS#11 KDF succeeding w/o deriving) - gnutls-3.8.10-CVE-2025-9820.patch: update Makefile.in * Fri Feb 06 2026 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-3 - Fix PKCS#11 token initialization label overflow (CVE-2025-9820) - Fix name constraint processing performance issue (CVE-2025-14831) * Wed Jan 14 2026 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-2 - Reinstate and update the prematurely dropped rekeying patch * Thu Nov 06 2025 Alexander Sosedkin <asosedkin@redhat.com> - 3.8.10-1 - Rebase to 3.8.10 - Revert defaulting to PBMAC1 in FIPS mode - Revert unapproving 1024-, 1280-, 1536- and 1792-bit RSA verification * Tue Aug 05 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-9 - key_update: rework the rekeying logic (RHEL-107499) * Fri Jul 18 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-8 - Add missing changelog entry * Fri Jul 18 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-7 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395 * Mon Feb 17 2025 Daiki Ueno <dueno@redhat.com> - 3.8.3-6 - Bump nettle dependency to 3.10.1 (RHEL-52740) * Wed Feb 12 2025 Alexander Sosedkin <asosedki@redhat.com> - 3.8.3-5 - Backport the fix for CVE-2024-12243 (RHEL-78580)
/usr/lib/.build-id /usr/lib/.build-id/1d /usr/lib/.build-id/1d/ee3d0085d1073bef3ec780dee734fa6f10431b /usr/lib/.build-id/70 /usr/lib/.build-id/70/ddeda06de7aec35c5631b941f396c690bfeea1 /usr/lib64/libgnutlsxx.so.28 /usr/lib64/libgnutlsxx.so.28.1.0 /usr/lib64/libgnutlsxx.so.30 /usr/lib64/libgnutlsxx.so.30.0.0
Generated by rpm2html 1.8.1
Fabrice Bellet, Fri May 8 03:14:09 2026