gnutls is vulnerable to Denial of Service(DoS). The vulnerability is due to excessive resource consumption caused by the “certtool --verify-chain” command when verifying a specially crafted .pem bundle, leading to an application crash.
www.openwall.com/lists/oss-security/2024/03/22/1
www.openwall.com/lists/oss-security/2024/03/22/2
access.redhat.com/errata/RHSA-2024:1879
access.redhat.com/errata/RHSA-2024:2570
access.redhat.com/errata/RHSA-2024:2889
access.redhat.com/security/cve/CVE-2024-28835
bugzilla.redhat.com/show_bug.cgi?id=2269084
lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
secdb.alpinelinux.org/v3.18/main.yaml
secdb.alpinelinux.org/v3.19/main.yaml