Debian Package Tracker
Register | Log in
Subscribe

p11-kit

p11-glue utilities

Choose email to subscribe with

general
  • source: p11-kit (main)
  • version: 0.26.2-3
  • maintainer: Debian GnuTLS Maintainers (archive) (DMD)
  • uploaders: Andreas Metzler [DMD]
  • arch: all any
  • std-ver: 4.7.3
  • VCS: Git (Browse, QA)
versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]
[pool directory]
  • o-o-stable: 0.23.22-1
  • oldstable: 0.24.1-2
  • stable: 0.25.5-3
  • testing: 0.26.2-3
  • unstable: 0.26.2-3
versioned links
  • 0.23.22-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.24.1-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.25.5-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
  • 0.26.2-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
binaries
  • libp11-kit-dev
  • libp11-kit0 (2 bugs: 0, 1, 1, 0)
  • p11-kit (2 bugs: 0, 1, 1, 0)
  • p11-kit-doc
  • p11-kit-modules
action needed
1 security issue in sid high

There is 1 open security issue in sid.

1 important issue:
  • CVE-2026-13757: A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TEMPLATE attributes. An unauthenticated attacker with local access to the p11-kit RPC Unix domain socket can send a specially crafted request with deeply nested template attributes, causing stack exhaustion and crashing the p11-kit server process and its dependent services.
Created: 2026-06-30 Last update: 2026-07-01 00:00
1 security issue in forky high

There is 1 open security issue in forky.

1 important issue:
  • CVE-2026-13757: A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TEMPLATE attributes. An unauthenticated attacker with local access to the p11-kit RPC Unix domain socket can send a specially crafted request with deeply nested template attributes, causing stack exhaustion and crashing the p11-kit server process and its dependent services.
Created: 2026-06-30 Last update: 2026-07-01 00:00
1 security issue in bullseye high

There is 1 open security issue in bullseye.

1 important issue:
  • CVE-2026-13757: A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TEMPLATE attributes. An unauthenticated attacker with local access to the p11-kit RPC Unix domain socket can send a specially crafted request with deeply nested template attributes, causing stack exhaustion and crashing the p11-kit server process and its dependent services.
Created: 2026-06-30 Last update: 2026-07-01 00:00
1 security issue in bookworm high

There is 1 open security issue in bookworm.

1 important issue:
  • CVE-2026-13757: A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TEMPLATE attributes. An unauthenticated attacker with local access to the p11-kit RPC Unix domain socket can send a specially crafted request with deeply nested template attributes, causing stack exhaustion and crashing the p11-kit server process and its dependent services.
Created: 2026-06-30 Last update: 2026-07-01 00:00
2 bugs tagged patch in the BTS normal
The BTS contains patches fixing 2 bugs, consider including or untagging them.
Created: 2026-06-02 Last update: 2026-07-01 11:30
1 low-priority security issue in trixie low

There is 1 open security issue in trixie.

1 issue left for the package maintainer to handle:
  • CVE-2026-13757: (needs triaging) A flaw was found in p11-kit. The RPC message attribute parsing functions p11_rpc_message_get_attribute() and p11_rpc_message_get_attribute_array_value() form a mutually-recursive call chain with no recursion depth limit when processing nested CKA_WRAP_TEMPLATE, CKA_UNWRAP_TEMPLATE, and CKA_DERIVE_TEMPLATE attributes. An unauthenticated attacker with local access to the p11-kit RPC Unix domain socket can send a specially crafted request with deeply nested template attributes, causing stack exhaustion and crashing the p11-kit server process and its dependent services.

You can find information about how to handle this issue in the security team's documentation.

Created: 2026-06-30 Last update: 2026-07-01 00:00
debian/patches: 2 patches to forward upstream low

Among the 2 debian patches available in version 0.26.2-3 of the package, we noticed the following issues:

  • 2 patches where the metadata indicates that the patch has not yet been forwarded upstream. You should either forward the patch upstream or update the metadata to document its real status.
Created: 2023-02-26 Last update: 2026-06-11 07:00
Issues found with some translations low

Automatic checks made by the Debian l10n team found some issues with the translations contained in this package. You should check the l10n status report for more information.

Issues can be things such as missing translations, problematic translated strings, outdated PO files, unknown languages, etc.

Created: 2026-02-22 Last update: 2026-02-22 09:33
Standards version of the package is outdated. wishlist
The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.7.3).
Created: 2026-03-31 Last update: 2026-06-11 00:01
news
[rss feed]
  • [2026-06-16] p11-kit 0.26.2-3 MIGRATED to testing (Debian testing watch)
  • [2026-06-10] Accepted p11-kit 0.26.2-3 (source) into unstable (Andreas Metzler)
  • [2026-02-26] p11-kit 0.26.2-2 MIGRATED to testing (Debian testing watch)
  • [2026-02-21] Accepted p11-kit 0.26.2-2 (source) into unstable (Andreas Metzler)
  • [2026-02-08] Accepted p11-kit 0.26.2-1 (source) into experimental (Andreas Metzler)
  • [2025-11-26] p11-kit 0.25.10-1 MIGRATED to testing (Debian testing watch)
  • [2025-11-15] Accepted p11-kit 0.25.10-1 (source) into unstable (Andreas Metzler)
  • [2025-09-26] p11-kit 0.25.9-2 MIGRATED to testing (Debian testing watch)
  • [2025-09-21] Accepted p11-kit 0.25.9-2 (source) into unstable (Andreas Metzler)
  • [2025-09-20] Accepted p11-kit 0.25.9-1 (source) into experimental (Andreas Metzler)
  • [2024-12-29] p11-kit 0.25.5-3 MIGRATED to testing (Debian testing watch)
  • [2024-12-24] Accepted p11-kit 0.25.5-3 (source) into unstable (Andreas Metzler)
  • [2024-07-12] p11-kit 0.25.5-2 MIGRATED to testing (Debian testing watch)
  • [2024-07-07] Accepted p11-kit 0.25.5-2 (source) into unstable (Andreas Metzler)
  • [2024-07-06] Accepted p11-kit 0.25.5-1 (source) into experimental (Andreas Metzler)
  • [2024-05-06] p11-kit 0.25.3-5 MIGRATED to testing (Debian testing watch)
  • [2024-05-01] Accepted p11-kit 0.25.3-5 (source) into unstable (Andreas Metzler)
  • [2023-12-27] p11-kit 0.25.3-4 MIGRATED to testing (Debian testing watch)
  • [2023-12-27] p11-kit 0.25.3-4 MIGRATED to testing (Debian testing watch)
  • [2023-12-21] Accepted p11-kit 0.25.3-4 (source) into unstable (Andreas Metzler)
  • [2023-12-17] Accepted p11-kit 0.25.3-3 (source) into unstable (Andreas Metzler)
  • [2023-12-06] p11-kit 0.25.3-2 MIGRATED to testing (Debian testing watch)
  • [2023-12-01] Accepted p11-kit 0.25.3-2 (source) into unstable (Andreas Metzler)
  • [2023-11-30] Accepted p11-kit 0.25.3-1 (source) into experimental (Andreas Metzler)
  • [2023-11-01] Accepted p11-kit 0.25.2-1 (source) into experimental (Andreas Metzler)
  • [2023-10-26] Accepted p11-kit 0.25.1-1 (source) into experimental (Andreas Metzler)
  • [2023-10-20] p11-kit 0.25.0-5 MIGRATED to testing (Debian testing watch)
  • [2023-10-15] Accepted p11-kit 0.25.0-5 (source) into unstable (Andreas Metzler)
  • [2023-08-04] p11-kit 0.25.0-4 MIGRATED to testing (Debian testing watch)
  • [2023-07-29] Accepted p11-kit 0.25.0-4 (source) into unstable (Andreas Metzler)
  • 1
  • 2
bugs [bug history graph]
  • all: 6
  • RC: 0
  • I&N: 4
  • M&W: 2
  • F&P: 0
  • patch: 2
links
  • homepage
  • lintian
  • buildd: logs, reproducibility, cross
  • popcon
  • browse source code
  • other distros
  • security tracker
  • screenshots
  • l10n (-, 27)
  • debian patches
ubuntu Ubuntu logo [Information about Ubuntu for Debian Developers]
  • version: 0.26.2-3

Debian Package Tracker — Copyright 2013-2025 The Distro Tracker Developers
Report problems to the tracker.debian.org pseudo-package in the Debian BTS.
Documentation — Bugs — Git Repository — Contributing