-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-6140-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 18, 2026 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : gnutls28 CVE ID : CVE-2025-14831 Tim Scheckenbach reported a flaw in GnuTLS, a library implementing the TLS and SSL protocols. Processing of specially crafted certificates containing a large number of name constraints may result in denial of service (resource exhaustion). For the oldstable distribution (bookworm), this problem has been fixed in version 3.7.9-2+deb12u6. This update also includes a fix for CVE-2025-9820. For the stable distribution (trixie), this problem has been fixed in version 3.8.9-3+deb13u2. We recommend that you upgrade your gnutls28 packages. For the detailed security status of gnutls28 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/gnutls28 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: [email protected] -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmmVqHVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0Rgjw//cD2I2WzI2NDzSSXhsZUHuQpY7jXah4tiHheJjnckxISB9G8PL/mprHyE 5EuO+Gvv/gN7qxdc1iEQH8ttkzp+kluEcC+Cx/fXSmMgNjnyTKHL9i8Q6zKE3Uo5 BpTga1FkuRv/PwxYC+TdOCGVDfHmd5b8JgXBN9oi9VCs+FbSEQfcRdff8oeKCy3Y vKn4woMEIY+TXdGxcNuv+rUUzFTZr77GepCDxjuGOyoCtEI4k5CFo7p4g9rfijU6 4YkbM/cZClKbz97knIH4DnuUB8Di5DrVCsK/HDWpoD6ZUhMhU+zIG1pAISZGYKMe mGjDiQa0MXuUNy9+omK7/PkNmX0nRafTaa1uWyIo5CnxUG4N8jzAOshGZ5ucaH5k qvEsTEZyaEM6GDpTqO+uN3SFtyGgrarCmMlCAOGyalWWQGoSUyBcmo6OybnwIAHv HzZeVfTJW68gJP02q8EIBsYwO6QRLq0nzFV4W9SS/x4jdf+Ux/rKIbLW3+FS2Kzr 774Z2q9ZrXmEaKJ7WrT+Tvg1HnDd9PGJCLYfh9Hz9l20hwBB5X50Wg15QH+jttUC Mv/AKl6QrxHrasCQMM7n1Zt0elHjgfUNYo18n8CzbdRjfm1n3nYasLwwzeXLq18m PuYTnb0O+/kbraBocX/0F29bBnIVGQaw8uHOM7mPghi9l2WiuzA= =M6c9 -----END PGP SIGNATURE-----
