ALSA-2026:19187 Moderate: compat-openssl11 security update

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases. Security Fixes: openssl: OpenSSL: Arbitrary code execution due to...

Fedora 44 : rust-tealdeer (2026-acda6951c6)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-acda6951c6 advisory. Rebuild with version 0.10.79 of the openssl crate which includes fixes for the following security issues: - CVE-2026-41676 / GHSA-pqf5-4pqq-29f5 -...

Unity Linux 20.1060e / 20.1070e Security Update: openssl (UTSA-2026-017581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017581 advisory. Calls to EVPCipherUpdate, EVPEncryptUpdate and EVPDecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum...

SUSE SLES15 Security Update : openssl-3 (SUSE-SU-2026:1711-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1711-1 advisory. This update for openssl-3 fixes the following issue: - CVE-2026-28390: NULL pointer dereference during processing of a crafted CMS...

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssl: openssl-3.5.6-0.3.hum1 aarch64, x8664 openssl-config-fips-3.5.6-0.3.hum1 aarch64, x8664 openssl-devel-3.5.6-0.3.hum1 aarch64, x8664 openssl-devel-engine-3.5.6-0.3.hum1 aarch64, x8664...

Astra Linux - уязвимость в openssl1.0

The Raccoon attack exploits a flaw in the TLS specification, which allows an attacker to calculate the pre-master secret in connections that use a Diffie-Hellman DH-based ciphersuite. In such cases, the attacker can eavesdrop on all encrypted communications sent over that TLS connection. The atta...

[SECURITY] Fedora 43 Update: rust-openssl-0.10.78-1.fc43

OpenSSL bindings...

Fedora 42 : rust-openssl / rust-openssl-sys (2026-76f57efeef)

The remote Fedora 42 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2026-76f57efeef advisory. Update the openssl crate to version 0.10.78 and the openssl-sys crate to version 0.9.114. Release notes: - openssl 0.10.77 / openssl-sys 0.9.113:...

JLSEC-2026-239 Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them...

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow. Impact summary: Applications that use OBJobj2txt directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience...

CVE-2026-41676 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

CVE-2026-41676

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.27 to before 0.10.78, Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extra...

GHSA-PQF5-4PQQ-29F5 rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming keylen, unconditionally writing the full shared secret 32/56/prime-size bytes. A...

rust-openssl: Deriver::derive and PkeyCtxRef::derive can overflow short buffers on OpenSSL 1.1.1

Deriver::derive and PkeyCtxRef::derive sets len = buf.len and passes it as the in/out length to EVPPKEYderive, relying on OpenSSL to honor it. On OpenSSL 1.1.x, X25519, X448, DH and HKDF-extract ignore the incoming keylen, unconditionally writing the full shared secret 32/56/prime-size bytes. A...

SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2026:1386-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1386-1 advisory. - CVE-2026-28387: Potential use-after-free in DANE client code bsc1260441. - CVE-2026-28388: NULL Pointer...

SUSE: Security Advisory (SUSE-SU-2026:1290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2026:10533-1 libopenssl-3-devel-3.5.3-4.1 on GA media

These are all security issues fixed in the libopenssl-3-devel-3.5.3-4.1 package on the GA media of openSUSE Tumbleweed...

OESA-2026-1731 pyOpenSSL security update

pyOpenSSL is a rather thin wrapper around a subset of the OpenSSL library. With thin wrapper we mean that a lot of the object methods do nothing more than calling a corresponding function in the OpenSSL library. Security Fixes: A security vulnerability exists in the PyOpenSSL library's...

OpenSSL 3.5.0 < 3.5.6 Multiple Vulnerabilities

The version of OpenSSL installed on the remote host is prior to 3.5.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 3.5.6 advisory. - Issue summary: An OpenSSL TLS 1.3 server may fail to negotiate the expected preferred key exchange group when its key exchange group...

CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38

CVE-2025-69419 affecting package openssl for versions less than 1.1.1k-38. A patched version of the package is available...

Security Bulletin: OpenSSL stack buffer overflow vulnerability affect IBM Cloud Pak System [CVE-2025-15467]

Summary Stack buffer overflow vulnerability in OpenSSL shipped with OS Image for Red Hat Enterprise Linux System affect IBM Cloud Pak System. Stack buffer overflow that can be exploited by a remote attacker to cause a Denial of Service DoS or potentially allow for remote code execution...