File _patchinfo of Package patchinfo.39718

<patchinfo incident="39718">
  <issue tracker="bnc" id="1246233">VUL-0: CVE-2025-32989: gnutls: heap buffer overread when handling the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing</issue>
  <issue tracker="bnc" id="1246232">VUL-0: CVE-2025-32988: gnutls: double-free due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName</issue>
  <issue tracker="bnc" id="1246267">VUL-0: CVE-2025-32990: gnutls: 1-byte heap buffer overflow when parsing templates with certtool</issue>
  <issue tracker="bnc" id="1246299">VUL-0: CVE-2025-6395: gnutls: NULL pointer dereference when 2nd Client Hello omits PSK</issue>
  <issue tracker="cve" id="2025-6395"/>
  <issue tracker="cve" id="2025-32988"/>
  <issue tracker="cve" id="2025-32989"/>
  <issue tracker="cve" id="2025-32990"/>
  <packager>lmulling</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for gnutls</summary>
  <description>This update for gnutls fixes the following issues:

- CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299)
- CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232)
- CVE-2025-32989: Fix heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233)
- CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267)
</description>
</patchinfo>