Release date:
2026-02-09 20:02:36 UTC
Description:
- CVE-2025-69418: fix OCB AES-NI/HW stream path leaving trailing bytes
unauthenticated/unencrypted by advancing pointers after stream processing
- CVE-2025-69420: fix missing ASN1_TYPE validation in TS_RESP_verify_response
for signing certificate attributes
- CVE-2025-15468: add a NULL guard before dereferencing SSL_CIPHER to prevent abnormal
termination of the running process causing Denial of Service
Updated packages:
-
openssl-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm
sha:e3334f1f6a34fbcb546a3e7ab5333e057f7effc457916f77d4a65d6fbea75321
-
openssl-devel-3.2.2-6.el9_6.1.tuxcare.6.els5.i686.rpm
sha:b06643b7bc72120fab00f6d54d03ba9dd74d74fd12cfa573482561310e61c2fa
-
openssl-devel-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm
sha:6af5621c8e5d8552f1df8d9e0c22303a669f9db16df62c3728d45688ecf8b897
-
openssl-libs-3.2.2-6.el9_6.1.tuxcare.6.els5.i686.rpm
sha:6e0b61f71bb89970423a47adb85f9378b48eb0926ef28a4ec8d2be12d9799afc
-
openssl-libs-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm
sha:120415980096287367e94cf3356129cc5bbb97f45c8432747945181ef2965802
-
openssl-perl-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm
sha:0cce5f2f69031c3cc500f952c2e209e6f46f13284da5a7f4d78359a975b654ae
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
