| Package | gnutls28 |
|---|---|
| Version | 3.5.8-5+deb9u9 (stretch) |
| Related CVEs | CVE-2025-32988 CVE-2025-32990 |
Multiple vulnerabilities have been fixed in GnuTLS, a library implementing the SSL, TLS and DTLS protocols.
CVE-2025-32988
Double-free upon error when exporting otherName in SAN
CVE-2025-32990
1-byte write buffer overrun in certtool
For Debian 9 stretch, these problems have been fixed in version 3.5.8-5+deb9u9.
We recommend that you upgrade your gnutls28 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.