ELA-1495-1 gnutls28 security update

multiple vulnerabilities

2025-08-09
Package: gnutls28
Version: 3.6.7-4+deb10u14 (buster)
Related CVEs: CVE-2025-6395 CVE-2025-32988 CVE-2025-32990


Multiple vulnerabilities have been fixed in GnuTLS, a library implementing the SSL, TLS and DTLS protocols.

CVE-2025-6395

NULL dereference when 2nd Client Hello omits PSK

CVE-2025-32988

Double-free upon error when exporting otherName in SAN

CVE-2025-32990

1-byte write buffer overrun in certtool


For Debian 10 buster, these problems have been fixed in version 3.6.7-4+deb10u14.

We recommend that you upgrade your gnutls28 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.