ALSA-2026:1472

[ALSA-2026:1472] Important: openssl security update

Type:

security

Severity:

important

Release date:

2026-01-28

Description:

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.  

Security Fix(es):  

  * openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file (CVE-2025-11187)
  * openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing (CVE-2025-15467)
  * openssl: OpenSSL: Denial of Service via NULL pointer dereference in QUIC protocol handling (CVE-2025-15468)
  * openssl: OpenSSL: Data integrity bypass in `openssl dgst` command due to silent truncation (CVE-2025-15469)
  * openssl: OpenSSL: Denial of Service due to excessive memory allocation in TLS 1.3 certificate compression (CVE-2025-66199)
  * openssl: OpenSSL: Denial of Service due to out-of-bounds write in BIO filter (CVE-2025-68160)
  * openssl: OpenSSL: Information disclosure and data tampering via specific low-level OCB encryption/decryption calls (CVE-2025-69418)
  * openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing (CVE-2025-69419)
  * openssl: OpenSSL: Denial of Service via malformed PKCS#12 file processing (CVE-2025-69421)
  * openssl: OpenSSL: Denial of Service via malformed TimeStamp Response (CVE-2025-69420)
  * openssl: OpenSSL: Denial of Service due to type confusion in PKCS#12 file processing (CVE-2026-22795)
  * openssl: OpenSSL: Denial of Service via type confusion in PKCS#7 signature verification (CVE-2026-22796)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	openssl-devel-3.5.1-7.el10_1.alma.1.aarch64.rpm	3523f929691232e0eb1e627d3cf45c6f548ddb5b13a11a64b569d11497a988cf
aarch64	openssl-3.5.1-7.el10_1.alma.1.aarch64.rpm	5600edd73b876692803321b1a5c4ed7470dbf8e47d5289080081e41f02d0790b
aarch64	openssl-perl-3.5.1-7.el10_1.alma.1.aarch64.rpm	917611d59595fd28bd2bb61c0b4293579baf2e1c6495c00500c005aeeb9403c0
aarch64	openssl-libs-3.5.1-7.el10_1.alma.1.aarch64.rpm	be956851803f7a37188ac52dfdcdcba56b2a2c7806be5a88fcb67619b5132b2e
ppc64le	openssl-libs-3.5.1-7.el10_1.alma.1.ppc64le.rpm	247a6f7366157b922fdfdd91549fa12915fc80dc30cf85f21a4ef5154322234f
ppc64le	openssl-devel-3.5.1-7.el10_1.alma.1.ppc64le.rpm	2729e26795c7e8af78eb3ba4b135985439964694f891a6ed469cca8fe1276828
ppc64le	openssl-perl-3.5.1-7.el10_1.alma.1.ppc64le.rpm	45f72bffe71f9ab751e3ee2562106ff3c7cd31e4a3c48724225234cf5589f0d2
ppc64le	openssl-3.5.1-7.el10_1.alma.1.ppc64le.rpm	70658de7c21785e728d56ff5c103c4fc9d7a6951822bcb0ee45ac2a4c9a6a840
s390x	openssl-libs-3.5.1-7.el10_1.alma.1.s390x.rpm	24e1c1dd7c66b58a81bf78130350c6afe650230fc55fee5f22b8091d1ecc0161
s390x	openssl-devel-3.5.1-7.el10_1.alma.1.s390x.rpm	4e42736073762a9cd10d382440e5b1741f2542571681214114e232c2b617d48f
s390x	openssl-perl-3.5.1-7.el10_1.alma.1.s390x.rpm	77f694ae5197a53b840c37389a7aea3eec90ee75270c4824b1f6215856ddd575
s390x	openssl-3.5.1-7.el10_1.alma.1.s390x.rpm	a22560ca8a8aeb0e62890e27efab12b0d623ca3b3566230490d682007c5f6c28
x86_64	openssl-libs-3.5.1-7.el10_1.alma.1.x86_64.rpm	5e441746b6e0d9feae04d208d0e1d6da1af461a4a3321c8eca63d8f71dcb1d85
x86_64	openssl-3.5.1-7.el10_1.alma.1.x86_64.rpm	6e057e5914ff657625256e6e25604a16d826c800954d41b05941e32d3444ae13
x86_64	openssl-perl-3.5.1-7.el10_1.alma.1.x86_64.rpm	d07c705e095c1c210c5ba7c6b4e93a6f7db96a56b2dcc05c69fe026f0890e0f9
x86_64	openssl-devel-3.5.1-7.el10_1.alma.1.x86_64.rpm	f766d96d4506514ca6466a031c4cfb0b49758ea3407d268afef4ee6fe777ac0e
x86_64_v2	openssl-perl-3.5.1-7.el10_1.alma.1.x86_64_v2.rpm	422aa2e6605423d705390bbb677cf4dce053e71c02d1e770532682cd6329b1ad
x86_64_v2	openssl-libs-3.5.1-7.el10_1.alma.1.x86_64_v2.rpm	a52bfa06973e8a6a1a553ea1ef6e5ca3a7dc5317104c23365614f1268ff48677
x86_64_v2	openssl-3.5.1-7.el10_1.alma.1.x86_64_v2.rpm	e1f4d6d0227e7a9b385fc32056fa1351159bbcf9bdbd3e8b046b6fd67199eeb7
x86_64_v2	openssl-devel-3.5.1-7.el10_1.alma.1.x86_64_v2.rpm	efec8233a78c48beed3859e4fdc1988d5abe67b5270241a8ea1943bf047fad5d

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.