Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:34372 - Security Advisory
Issued:
2026-07-01
Updated:
2026-07-01

RHSA-2026:34372 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: gnutls security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for gnutls is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

  • gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment (CVE-2026-33845)
  • gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly (CVE-2026-33846)
  • gnutls: Fix qsort comparator in DTLS reassembly (CVE-2026-42009)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le

Fixes

  • BZ - 2450624 - CVE-2026-33845 gnutls: GnuTLS: Denial of Service via DTLS zero-length fragment
  • BZ - 2450625 - CVE-2026-33846 gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
  • BZ - 2467279 - CVE-2026-42009 gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability

CVEs

  • CVE-2026-33845
  • CVE-2026-33846
  • CVE-2026-42009

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - Extended Life Cycle Support 7

SRPM
gnutls-3.3.29-9.el7_9.1.src.rpm SHA-256: ce39c5b13fe559eb00062934e5e2d38704f25904d84f50f359c46af226625932
x86_64
gnutls-3.3.29-9.el7_9.1.i686.rpm SHA-256: 5803a56961fd1c66f51da31bb7cd53f77c0668a1cc5d2d9e99530f41c16bf66d
gnutls-3.3.29-9.el7_9.1.x86_64.rpm SHA-256: a0d9f6f682572f472f329ba9cb49b3e221fb8b9479403c82c6259170c2bcae05
gnutls-c++-3.3.29-9.el7_9.1.i686.rpm SHA-256: 16b7301b693b81b7d1fcf7cd1194342d73f85f8c8014db8c4743f7c162d708b0
gnutls-c++-3.3.29-9.el7_9.1.x86_64.rpm SHA-256: c26425fc782d525e41d401b80100a00f8ba188f076ed2d70342612186c9d80b7
gnutls-dane-3.3.29-9.el7_9.1.i686.rpm SHA-256: 5f58760cc2750d0b53ab6036d4dab574b16eb10c6ea4b1d3b681023abe1ea0cb
gnutls-dane-3.3.29-9.el7_9.1.x86_64.rpm SHA-256: a6221e49e34d57c5ccaf7252699fb9994d284171d11a68a0339ac0968f869cae
gnutls-debuginfo-3.3.29-9.el7_9.1.i686.rpm SHA-256: b99f2b75c13521c4b09e80f2bbee5d6c3931bc021c71840ae585f91dd8c840a6
gnutls-debuginfo-3.3.29-9.el7_9.1.x86_64.rpm SHA-256: 9d96bafe3a91db0439b6f38f126255adc139f114c3f0e20e16bdd45d3f7406e3
gnutls-devel-3.3.29-9.el7_9.1.i686.rpm SHA-256: bf9d5297c68b88eeae76d13fc1fa0f674f773f1b509e4a3f7d5e2ca5741c0654
gnutls-devel-3.3.29-9.el7_9.1.x86_64.rpm SHA-256: f4ff6feff7fd2b7bf2b267c73ae8b27399d387bab9edcf2671871c5d1daac747
gnutls-utils-3.3.29-9.el7_9.1.x86_64.rpm SHA-256: 88e5e279555fd3d7372f365b6244dfa2d93ac4723e55fb02f8c84d9bceb7da17

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7

SRPM
gnutls-3.3.29-9.el7_9.1.src.rpm SHA-256: ce39c5b13fe559eb00062934e5e2d38704f25904d84f50f359c46af226625932
s390x
gnutls-3.3.29-9.el7_9.1.s390.rpm SHA-256: e8374222e839770da14d87cc5d09f4a62894371b015a27c5304b6b6fdc07c724
gnutls-3.3.29-9.el7_9.1.s390x.rpm SHA-256: 5ee768231e913b16ad2c175e354e62448d7e27d4e669b0841f969404dbd9e66c
gnutls-c++-3.3.29-9.el7_9.1.s390.rpm SHA-256: 57f8abeed244232b96e802fd597ddd4212e8626b9ea56797ac56683311392d72
gnutls-c++-3.3.29-9.el7_9.1.s390x.rpm SHA-256: ad9eeb25d1d3769e0227ec211779a029149497d0752e91c25bbc9e6822a0addb
gnutls-dane-3.3.29-9.el7_9.1.s390.rpm SHA-256: 966a08b2ef470fcbbb9de54f94cd6ef62318b444925933188fe14288e4b593b4
gnutls-dane-3.3.29-9.el7_9.1.s390x.rpm SHA-256: 5c56cd32c4798a3027605d882de985534afcd8f3f0379001d521e76997600ca5
gnutls-debuginfo-3.3.29-9.el7_9.1.s390.rpm SHA-256: 666ad50095b471092a743483a70c1071148efe465e90b6dbcd37bd911788530a
gnutls-debuginfo-3.3.29-9.el7_9.1.s390x.rpm SHA-256: ae6544bf67ea933d98770d5bcb561d539b6408ae4b55674811e095a6024ccfa4
gnutls-devel-3.3.29-9.el7_9.1.s390.rpm SHA-256: cf68f8c184a6c61ba1f4dd1d47e72c39b7d8763af50f6e57c08c604d38a28b20
gnutls-devel-3.3.29-9.el7_9.1.s390x.rpm SHA-256: 87047a478140bf9457de440b7e182cbcd931bbb998a2083be3b9146346f2313c
gnutls-utils-3.3.29-9.el7_9.1.s390x.rpm SHA-256: 59bcdeff4345655e83dbdfcb2c82dc00532eadb837445ed6f180433dfc621379

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7

SRPM
gnutls-3.3.29-9.el7_9.1.src.rpm SHA-256: ce39c5b13fe559eb00062934e5e2d38704f25904d84f50f359c46af226625932
ppc64
gnutls-3.3.29-9.el7_9.1.ppc.rpm SHA-256: 1b14167a86a526ab7bb1de8d9d4d672e10ef433941bde11aa0bf59d526414af2
gnutls-3.3.29-9.el7_9.1.ppc64.rpm SHA-256: b4b7b2973cb87f6c82809c8d79efc3a0697becb9f1dba66e3c0e4d93b72b46ff
gnutls-c++-3.3.29-9.el7_9.1.ppc.rpm SHA-256: 8726dac4b07df8731867375aa8181b3ded9be3eb58b0fb9b7cdf24e3bdae76f4
gnutls-c++-3.3.29-9.el7_9.1.ppc64.rpm SHA-256: 9ca76ed1693b7c2b2ce1d4e5e5a70aae523a4b7cc2a805522df9af525debe0b9
gnutls-dane-3.3.29-9.el7_9.1.ppc.rpm SHA-256: bc52c7595b8bd512e27a92c353d27dfa748e4637113fdaa5a0a46bcf8c3abafd
gnutls-dane-3.3.29-9.el7_9.1.ppc64.rpm SHA-256: 86d2769f67dd67a1951a9400fdbf00df0530799958e854e42371efa44cf13029
gnutls-debuginfo-3.3.29-9.el7_9.1.ppc.rpm SHA-256: 2488b2365e7cddf3cd2eb32687f5d4d1f7f524cb4ab5d7ba4ee9e4d7032d5918
gnutls-debuginfo-3.3.29-9.el7_9.1.ppc64.rpm SHA-256: 27401f2e81dc7ee385e57bab896516fd546349e488b33dfd950e62f166636fcd
gnutls-devel-3.3.29-9.el7_9.1.ppc.rpm SHA-256: ab59d6e846b5aa67558171f977283fd688bd1946e5f04a668acf3a2b3ed88c5a
gnutls-devel-3.3.29-9.el7_9.1.ppc64.rpm SHA-256: aaf6c146a839d1fd3ee4c59a5ea502c33e2ebbf596325c50088e7ecd90faf08f
gnutls-utils-3.3.29-9.el7_9.1.ppc64.rpm SHA-256: 79fd18ddac29bccf9355857436404513996f40ae6f396278d6139aad7020083c

Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7

SRPM
gnutls-3.3.29-9.el7_9.1.src.rpm SHA-256: ce39c5b13fe559eb00062934e5e2d38704f25904d84f50f359c46af226625932
ppc64le
gnutls-3.3.29-9.el7_9.1.ppc64le.rpm SHA-256: 5f3f8c590666a8f2c10f105bac10c28f3aa3734eca840ed06d10818a9c6b837f
gnutls-c++-3.3.29-9.el7_9.1.ppc64le.rpm SHA-256: 55adcf284705928b4ebc602ac5f5647bec9fd94aca1e425574d6fa8e267f50c3
gnutls-dane-3.3.29-9.el7_9.1.ppc64le.rpm SHA-256: 33f0bd16a5ef5f960797ee8410f16ff1f158db620a54779d524e5a77ae46cb7d
gnutls-debuginfo-3.3.29-9.el7_9.1.ppc64le.rpm SHA-256: a312dd407f64ceaae8d82454009a887ec5ee345a59ce9e9288b6da732484d35b
gnutls-devel-3.3.29-9.el7_9.1.ppc64le.rpm SHA-256: 27433c4b1956a33c1998d9a700f8ab7b14bf458a997b872c977817308588b295
gnutls-utils-3.3.29-9.el7_9.1.ppc64le.rpm SHA-256: d735ee107ced1c2db8afd614aebca85ff6a06a9bdf9a42cd3924575c0b37a271

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility