
42 matches found

RedHat Linux
added 2026/05/06 3:56 p.m., 10 views

Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update

An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: openssl: openssl-3.5.6-0.3.hum1 (aarch64, x86_64), openssl-config-fips-3.5.6-0.3.hum1 (aarch64, x86_64), openssl-devel-3.5.6-0.3.hum1 (aarch64, x86_64), openssl-devel-engine-3.5.6-0.3.hum1 (aarch64, x86_64)...

CVSS 7.5, AI score 5.8, EPSS 0.0014
Exploits 0, References 3
EUVD
added 2026/04/08 12:30 a.m., 1 view

EUVD-2026-19958

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

AI score 6, EPSS 0.00025
Exploits 0, References 3
SUSE CVE
added 2026/04/07 11:27 p.m., 1 view

SUSE CVE-2026-28386

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

CVSS 9.1, AI score 6, EPSS 0.00025
Exploits 0, References 3
OSV
added 2026/04/07 10:16 p.m., 4 views

DEBIAN-CVE-2026-28386

Issue summary: Applications using AES-CFB128 encryption or decryption on systems with AVX-512 and VAES support can trigger an out-of-bounds read of up to 15 bytes when processing partial cipher blocks. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service fo...

CVSS 7.5, AI score 5.6, EPSS 0.00025
Exploits 0, References 1
Positive Technologies
added 2026/04/07 12:00 a.m., 3 views

PT-2026-31035

Name of the Vulnerable Software and Affected Versions: OpenSSL FIPS Module version 3.6. Description: Applications utilizing AES-CFB128 encryption or decryption on systems equipped with AVX-512 and VAES support may experience an out-of-bounds read of up to 15 bytes when handling partial cipher blocks...

CVSS 9.1, AI score 5.8, EPSS 0.00025
Exploits 0, References 10
Oracle Linux
added 2026/01/29 12:00 a.m., 11 views

openssl security update

3.5.1-7.0.1fips - Update additional upstream references - Add FIPS package change: add fips suffix to Release and set Epoch to 10 Orabug: 35824276 - Update FIPS module name Orabug: 35824276 3.5.1-7.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable...

CVSS 9.8, AI score 5.9, EPSS 0.02889
Exploits 7
OSV
added 2026/01/27 4:16 p.m., 1 view

AZL-78552 CVE-2026-22795 affecting package openssl-fips-provider 3.1.2-1

Issue summary: An invalid or NULL pointer dereference can happen in an application processing a malformed PKCS12 file. Impact summary: An application processing a malformed PKCS12 file can be caused to dereference an invalid or NULL pointer on memory read, resulting in a Denial of Service. A type...

CVSS 5.5, AI score 7, EPSS 0.00048
Exploits 1, References 1
OSV
added 2026/01/27 4:16 p.m., 1 view

AZL-78546 CVE-2025-69418 affecting package openssl-fips-provider 3.1.2-1

Issue summary: When using the low-level OCB API directly with AES-NI or other hardware-accelerated code paths, inputs whose length is not a multiple of 16 bytes can leave the final partial block unencrypted and unauthenticated. Impact summary: The trailing 1-15 bytes of a message may be exposed...

CVSS 4, AI score 5.6, EPSS 0.00009
Exploits 1, References 1
RedHat Linux
added 2026/01/19 11:17 a.m., 4 views

Moderate: Red Hat Security Advisory: openssl and openssl-fips-provider security update

An update for multiple packages is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity ratin...

CVSS 7.5, AI score 6.6, EPSS 0.00037
Exploits 0, References 2
Tenable Nessus
added 2025/12/03 12:00 a.m., 3 views

Oracle Linux 9 : openssl (ELSA-2025-21255)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-21255 advisory. 3.5.1-4.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream...

CVSS 7.5, AI score 6.3, EPSS 0.00037
Exploits 0, References 2
OSV
added 2025/09/30 2:15 p.m., 2 views

AZL-78576 CVE-2025-9230 affecting package openssl-fips-provider 3.1.2-1

Issue summary: An application trying to decrypt CMS messages encrypted using password based encryption can trigger an out-of-bounds read and write. Impact summary: This out-of-bounds read may trigger a crash which leads to Denial of Service for an application. The out-of-bounds write can cause a...

CVSS 7.5, AI score 6.6, EPSS 0.00037
Exploits 0, References 1
OSV
added 2025/09/30 2:15 p.m., 0 views

AZL-78588 CVE-2025-9232 affecting package openssl-fips-provider 3.1.2-1

Issue summary: An application using the OpenSSL HTTP client API functions may trigger an out-of-bounds read if the 'no_proxy' environment variable is set and the host portion of the authority component of the HTTP URL is an IPv6 address. Impact summary: An out-of-bounds read can trigger a crash...

CVSS 5.9, AI score 6.6, EPSS 0.00063
Exploits 0, References 1
OSV
added 2025/02/11 4:15 p.m., 3 views

AZL-78591 CVE-2024-12797 affecting package openssl-fips-provider 3.1.2-1

Issue summary: Clients using RFC7250 Raw Public Keys (RPKs) to authenticate a server may fail to notice that the server was not authenticated, because handshakes don't abort as expected when the SSL_VERIFY_PEER verification mode is set. Impact summary: TLS and DTLS connections using raw public keys m...

CVSS 6.3, AI score 6.6, EPSS 0.00826
Exploits 0, References 1
Oracle Linux
added 2024/12/10 12:00 a.m., 21 views

ruby security update

3.0.7-163 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: rbhz2322153 3.0.7-162 - Upgrade to Ruby 3.0.7. Resolves: RHEL-35740 - Fix HTTP response splitting in CGI. Resolves: RHEL-35741 - Fix ReDoS vulnerability in URI. Resolves: RHEL-35742 - Fix ReDoS vulnerability in Time. Resolves:...

CVSS 6.6, AI score 7.5, EPSS 0.01645
Exploits 0
Oracle Linux
added 2024/12/06 12:00 a.m., 22 views

ruby:3.1 security update

ruby 3.1.5-145 - Fix REXML ReDoS vulnerability. CVE-2024-49761 Resolves: RHEL-68530 3.1.5-144 - Upgrade to Ruby 3.1.5. Resolves: RHEL-33978 - Fix buffer overread vulnerability in StringIO. Resolves: RHEL-34129 - Fix RCE vulnerability with .rdoc_options in RDoc. Resolves: RHEL-34121 - Fix arbitrary...

CVSS 6.6, AI score 7.2, EPSS 0.01645
Exploits 0
Oracle Linux
added 2024/11/14 12:00 a.m., 307 views

openssl and openssl-fips-provider security update

openssl 1:3.2.2-6.0.1 - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 1:3.2.2-6 - rebuilt Related: RHEL-55339 1:3.2.2-5 - Fix CVE-2024-6119: Possible denial of service i...

CVSS 9.1, AI score 7.5, EPSS 0.91789
Exploits 7
OSV
added 2024/11/12 5:57 p.m., 27 views

RHSA-2024:9333 Red Hat Security Advisory: openssl and openssl-fips-provider security update

Bulletin has no description...

CVSS 5.9, AI score 7.5, EPSS 0.08833
Exploits 1, References 29
RedHat Linux
added 2024/11/12 9:22 a.m., 193 views

Low: Red Hat Security Advisory: openssl and openssl-fips-provider security update

An update for openssl and openssl-fips-provider is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.1, AI score 7.1, EPSS 0.08833
Exploits 1, References 11
Oracle Linux
added 2024/09/23 12:00 a.m., 33 views

openssl security update

3.0.7-28.0.1 - Drop OpenELA branding, apply Oracle branding patches - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 1:3.0.7-28 - Patch for CVE-2024-6119 Resolves:...

CVSS 7.5, AI score 7.1, EPSS 0.14584
Exploits 0
Oracle Linux
added 2024/09/19 12:00 a.m., 337 views

openssl security update

3.0.7-28.0.1 - Drop OpenELA branding, apply Oracle branding patches - Enable openssl-fips-provider dependency Orabug: 36504822 - Temporary disable openssl-fips-provider dependency Orabug: 36504822 - Replace upstream references Orabug: 34340177 1:3.0.7-28 - Patch for CVE-2024-6119 Resolves:...

CVSS 7.5, AI score 7.1, EPSS 0.14584
Exploits 0