oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

gnutls 3.8.12 fixes CVE-2026-1584 & CVE-2025-14831

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Mon, 9 Feb 2026 13:36:00 -0800
[https://gnutls.org/security-new.html does not yet seem to be updated with
information on GNUTLS-SA-2026-02-09-1 & GNUTLS-SA-2026-02-09-2.]


-------- Forwarded Message --------
Subject: gnutls 3.8.12
Date: Mon, 9 Feb 2026 10:25:10 -0600
From: Alexander Sosedkin <asosedkin () redhat com>
To: gnutls-help () lists gnutls org
CC: info-gnu () gnu org

Hello,

We have just released gnutls-3.8.12. This is a bug fix, security and
enhancement release on the 3.8.x branch.

We would like to thank everyone who contributed in this release:
Alexander Sosedkin, Daiki Ueno, Mikhail Dmitrichenko, František Krenželok,
Jan Palus, Julien Olivain, Markus Theil, Maxim Cournoyer, xinpeng wang.

The detailed list of changes follows:

* Version 3.8.12 (released 2026-02-09)

** libgnutls: Fix NULL pointer dereference in PSK binder verification
   A TLS 1.3 resumption attempt with an invalid PSK binder value in ClientHello
   could lead to a denial of service attack via crashing the server.
   The updated code guards against the problematic dereference.
   Reported by Jaehun Lee.
   [Fixes: GNUTLS-SA-2026-02-09-1, CVSS: high] [CVE-2026-1584]

** libgnutls: Fix name constraint processing performance issue
   Verifying certificates with pathological amounts of name constraints
   could lead to a denial of service attack via resource exhaustion.
   Reworked processing algorithms exhibit better performance characteristics.
   Reported by Tim Scheckenbach.
   [Fixes: GNUTLS-SA-2026-02-09-2, CVSS: medium] [CVE-2025-14831]

** libgnutls: Fix multiple unexploitable overflows
   Reported by Tim Rühsen (#1783, #1786).

** libgnutls: Fall back to thread-unsafe module initialization
   Improve fallback handling for PKCS#11 modules that
   don't support thread-safe initialization (#1774).
   Also return filename from p11_kit_module_get_name() for unconfigured modules.

** libgnutls: Accept NULL as digest argument for gnutls_hash_output
   The accelerated implementation of gnutls_hash_output() now
   properly accepts NULL as the digest argument, matching the
   behavior of the reference implementation (#1769).

** srptool: Avoid a stack buffer overflow when processing large SRP groups.
   Reported and fixed by Mikhail Dmitrichenko (#1777).

** API and ABI modifications:
No changes since last version.


Getting the Software
================

GnuTLS may be downloaded directly from
https://www.gnupg.org/ftp/gcrypt/
A list of GnuTLS mirrors can be found at
http://www.gnutls.org/download.html

Here are the XZ compressed sources:
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.12.tar.xz

Here are OpenPGP detached signatures signed using keys:
5D46CB0F763405A7053556F47A75A648B3F9220C
and
E987AB7F7E89667776D05B3BB0E9DD20B29F1432
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.12.tar.xz.sig

Note that it has been signed with the following openpgp keys:

pub   ed25519 2021-12-23 [SC] [expires: 2027-01-01]
      5D46CB0F763405A7053556F47A75A648B3F9220C
uid           [ultimate] Zoltan Fridrich <zfridric () redhat com>
sub   cv25519 2021-12-23 [E] [expires: 2027-01-01]

pub   rsa4096 2016-09-27 [SC]
      E987AB7F7E89667776D05B3BB0E9DD20B29F1432
uid           [ultimate] Alexander Sosedkin <monk () unboiled info>
sub   rsa4096 2021-08-21 [A]
sub   rsa4096 2016-09-27 [E]
sub   rsa4096 2016-09-27 [S]


Regards,
Alexander Sosedkin
Previous By Date Next
Previous By Thread Next

Current thread: