Bug#1135319: gnutls28: CVE-2026-3832 CVE-2026-3833 CVE-2026-5260 CVE-2026-5419 CVE-2026-33845 CVE-2026-33846 CVE-2026-42009 CVE-2026-42010 CVE-2026-42011 CVE-2026-42012 CVE-2026-42013 CVE-2026-42014 CVE-2026-42015

Salvatore Bonaccorso carnil at debian.org
Fri May 1 06:56:26 BST 2026 

Source: gnutls28
Version: 3.8.12-3
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>

Hi,

The following vulnerabilities were published for gnutls28.

CVE-2026-3832[0], CVE-2026-3833[1], CVE-2026-5260[2],
CVE-2026-5419[3], CVE-2026-33845[4], CVE-2026-33846[5],
CVE-2026-42009[6], CVE-2026-42010[7], CVE-2026-42011[8],
CVE-2026-42012[9], CVE-2026-42013[10], CVE-2026-42014[11],
CVE-2026-42015[12].

Sorry Andreas for the very unspecific bug, it is merely to bring it on
to your readar, probably was not needed though. We will have to decide
how important the set of issues is for DSA or point release update.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2026-3832
    https://www.cve.org/CVERecord?id=CVE-2026-3832
[1] https://security-tracker.debian.org/tracker/CVE-2026-3833
    https://www.cve.org/CVERecord?id=CVE-2026-3833
[2] https://security-tracker.debian.org/tracker/CVE-2026-5260
    https://www.cve.org/CVERecord?id=CVE-2026-5260
[3] https://security-tracker.debian.org/tracker/CVE-2026-5419
    https://www.cve.org/CVERecord?id=CVE-2026-5419
[4] https://security-tracker.debian.org/tracker/CVE-2026-33845
    https://www.cve.org/CVERecord?id=CVE-2026-33845
[5] https://security-tracker.debian.org/tracker/CVE-2026-33846
    https://www.cve.org/CVERecord?id=CVE-2026-33846
[6] https://security-tracker.debian.org/tracker/CVE-2026-42009
    https://www.cve.org/CVERecord?id=CVE-2026-42009
[7] https://security-tracker.debian.org/tracker/CVE-2026-42010
    https://www.cve.org/CVERecord?id=CVE-2026-42010
[8] https://security-tracker.debian.org/tracker/CVE-2026-42011
    https://www.cve.org/CVERecord?id=CVE-2026-42011
[9] https://security-tracker.debian.org/tracker/CVE-2026-42012
    https://www.cve.org/CVERecord?id=CVE-2026-42012
[10] https://security-tracker.debian.org/tracker/CVE-2026-42013
    https://www.cve.org/CVERecord?id=CVE-2026-42013
[11] https://security-tracker.debian.org/tracker/CVE-2026-42014
    https://www.cve.org/CVERecord?id=CVE-2026-42014
[12] https://security-tracker.debian.org/tracker/CVE-2026-42015
    https://www.cve.org/CVERecord?id=CVE-2026-42015

Regards,
Salvatore

More information about the Pkg-gnutls-maint mailing list