On Mon Jun 22, 2026 at 4:58 PM CEST, Yoann Congal wrote:
> On Sat Jun 13, 2026 at 12:25 PM CEST, Sudhir Dumbhare via 
> lists.openembedded.org wrote:
>> From: Sudhir Dumbhare <[email protected]>
>>
>> Analysis:
>>   - CVE-2026-3832 affects GnuTLS OCSP multi-record response handling.
>>   - The vulnerable OCSP response handling code was introduced in GnuTLS 
>> 3.8.8.
>>   - This vulnerable code is not present in the current GnuTLS 3.8.4.
>>   - Hence ignoring the CVE for this version.
>>
>> Reference:
>> https://nvd.nist.gov/vuln/detail/CVE-2026-3832
>> https://security-tracker.debian.org/tracker/CVE-2026-3832
>> https://gitlab.com/gnutls/gnutls/-/issues/1801
>>
>> Signed-off-by: Sudhir Dumbhare <[email protected]>
>> ---
>
> I think the CVE applies to wrynose. Can you send a fix there, and then,
> ping back here?

Hello,

Gentle ping for this series. Do you plan to send the needed wrynose
patches?

Regards,

>
> Thanks!
>
>>  meta/recipes-support/gnutls/gnutls_3.8.4.bb | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/meta/recipes-support/gnutls/gnutls_3.8.4.bb 
>> b/meta/recipes-support/gnutls/gnutls_3.8.4.bb
>> index ccb6a2b4b2..6d43c58df2 100644
>> --- a/meta/recipes-support/gnutls/gnutls_3.8.4.bb
>> +++ b/meta/recipes-support/gnutls/gnutls_3.8.4.bb
>> @@ -124,3 +124,5 @@ pkg_postinst_ontarget:${PN}-fips () {
>>          ${bindir}/fipshmac ${libdir}/libhogweed.so.6.* > 
>> ${libdir}/.libhogweed.so.6.hmac
>>      fi
>>  }
>> +
>> +CVE_STATUS[CVE-2026-3832] = "fixed-version: vulnerable multi-record OCSP 
>> response handling was introduced in 3.8.8 and is not present in 3.8.4"


-- 
Yoann Congal
Smile ECS

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#240333): 
https://lists.openembedded.org/g/openembedded-core/message/240333
Mute This Topic: https://lists.openembedded.org/mt/119786186/21656
Group Owner: [email protected]
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to