Issued:: 2026-01-28
Updated:: 2026-01-28

RHSA-2026:1496 - Security Advisory

Overview
Updated Packages

Synopsis

Important: openssl security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openssl is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.

Security Fix(es):

openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file (CVE-2025-11187)
openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing (CVE-2025-15467)
openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing (CVE-2025-69419)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x
Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le
Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64

Fixes

BZ - 2430375 - CVE-2025-11187 openssl: OpenSSL: Arbitrary code execution or denial of service through crafted PKCS#12 file
BZ - 2430376 - CVE-2025-15467 openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing
BZ - 2430386 - CVE-2025-69419 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
x86_64
openssl-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 6707442cc436a4ba1b7cbb3662a2c2ddbdfb7fe6927697862b3e57cd59e9eef1
openssl-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 565a4f897e31793b69360bb327352c8ad06295152a7b73d00175dfc552a1193f
openssl-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 565a4f897e31793b69360bb327352c8ad06295152a7b73d00175dfc552a1193f
openssl-debugsource-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: a799ee46ad259e872c642ea6b5ebc706abdaec06dae6872c867637d391b2b5e2
openssl-debugsource-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: a799ee46ad259e872c642ea6b5ebc706abdaec06dae6872c867637d391b2b5e2
openssl-devel-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: e42e13a687c2abe954159ccaf0199305817e5afff15c6f446884ac20103a10c3
openssl-libs-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 4a3d2746b84d7ad7e2f80efee526c477b64c5ea4fd22ab3d0a265569fa432f32
openssl-libs-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 84d2a8b124a67acc850538084b260ded2b024ec5c6e4727754e27fececcd9cc2
openssl-libs-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 84d2a8b124a67acc850538084b260ded2b024ec5c6e4727754e27fececcd9cc2
openssl-perl-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 402e3a199a7ed628f01d6972d066aaad2b21a111fe5875dbeeb6c54733a1acb2

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
s390x
openssl-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 01d15a1d59117275942248f29ef1b5549db10c613a5b2f775b1923f8d56a41f5
openssl-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 4faa7e54975e2249f77efa26697e605881f2a0c5109a7146e2d1250901c86ef8
openssl-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 4faa7e54975e2249f77efa26697e605881f2a0c5109a7146e2d1250901c86ef8
openssl-debugsource-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: d8bfc80812b94a47780813e6de555d8b8ee09ea3b44ff1cde416e296a8fd3ff7
openssl-debugsource-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: d8bfc80812b94a47780813e6de555d8b8ee09ea3b44ff1cde416e296a8fd3ff7
openssl-devel-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: d90e5466b105420ee2a141736bf8da28147aab2c3bd922ef5261aacbac95a066
openssl-libs-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 58570d89c6bd0f130d48bed7d13f311f842827e299865a31874de635567eeeef
openssl-libs-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 76c0fdbcd43482de0f18edcb0fc37d47d2f7753c940fb2793153427e80c93b35
openssl-libs-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 76c0fdbcd43482de0f18edcb0fc37d47d2f7753c940fb2793153427e80c93b35
openssl-perl-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 5d91f0bc519605d7fb7a0feaf187a576f657c11617f9a15afe40aaee660b3d20

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
ppc64le
openssl-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 657d6cdd585878bb99ac8d517471169978995e212b6a30d8a7625db360aed85d
openssl-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a17230e1f50c8cc2fff7080599f17d2ec7f4e859e605a6ec17fab5e0b41ef5c3
openssl-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a17230e1f50c8cc2fff7080599f17d2ec7f4e859e605a6ec17fab5e0b41ef5c3
openssl-debugsource-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a4f4cf69c32a6cbaa905f7c7c6306a9ff8e744b10bb41f445a6d387cde6211cf
openssl-debugsource-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a4f4cf69c32a6cbaa905f7c7c6306a9ff8e744b10bb41f445a6d387cde6211cf
openssl-devel-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 10ed6fb53666642008e7125b0c570f7951fc1b2af00018191db20785760ea463
openssl-libs-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 9ac64e808cd380df1667f46870351d65dc436e29db29b687486834ad0e7623fa
openssl-libs-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 27818b3a5fca4fddd33bc2021bba876487f883d0eb8b2cfd5d6412dd3241ca08
openssl-libs-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 27818b3a5fca4fddd33bc2021bba876487f883d0eb8b2cfd5d6412dd3241ca08
openssl-perl-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 3125c810919087258ca635f15487f9f6e4f8ad194e07f42eadf34ba3ae7b660f

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
aarch64
openssl-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: c5423b1bf3c69682557af5a455ef472ca9e98e7074013b09663a3579790aad5c
openssl-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 6c273666274219a905ab4f41bbc4250c8a6daeb566c5e21d921e55d2b7341828
openssl-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 6c273666274219a905ab4f41bbc4250c8a6daeb566c5e21d921e55d2b7341828
openssl-debugsource-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 3de884d7cdb11835e600f0a261e9d57035111a11e4b8f964ef77900df1b4cef1
openssl-debugsource-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 3de884d7cdb11835e600f0a261e9d57035111a11e4b8f964ef77900df1b4cef1
openssl-devel-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 0a4e76580d0b6e21e6562a3ccf876e6b9636736d650a2e13e747d5ac0f10aac1
openssl-libs-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 6ced53854f58f39f065e2f2d0b681a262a31fa20fb576bc8beb8fed19e5ad127
openssl-libs-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 87bd567693c8d538045f4ddfa59097569148362e0cfd20953de18b90163e937d
openssl-libs-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 87bd567693c8d538045f4ddfa59097569148362e0cfd20953de18b90163e937d
openssl-perl-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 46cb62f39b0644d83b5bcd82dc562ce5be243c75060f272ea0ab228f38c37e4f

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
aarch64
openssl-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: c5423b1bf3c69682557af5a455ef472ca9e98e7074013b09663a3579790aad5c
openssl-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 6c273666274219a905ab4f41bbc4250c8a6daeb566c5e21d921e55d2b7341828
openssl-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 6c273666274219a905ab4f41bbc4250c8a6daeb566c5e21d921e55d2b7341828
openssl-debugsource-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 3de884d7cdb11835e600f0a261e9d57035111a11e4b8f964ef77900df1b4cef1
openssl-debugsource-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 3de884d7cdb11835e600f0a261e9d57035111a11e4b8f964ef77900df1b4cef1
openssl-devel-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 0a4e76580d0b6e21e6562a3ccf876e6b9636736d650a2e13e747d5ac0f10aac1
openssl-libs-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 6ced53854f58f39f065e2f2d0b681a262a31fa20fb576bc8beb8fed19e5ad127
openssl-libs-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 87bd567693c8d538045f4ddfa59097569148362e0cfd20953de18b90163e937d
openssl-libs-debuginfo-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 87bd567693c8d538045f4ddfa59097569148362e0cfd20953de18b90163e937d
openssl-perl-3.2.2-16.el10_0.6.aarch64.rpm	SHA-256: 46cb62f39b0644d83b5bcd82dc562ce5be243c75060f272ea0ab228f38c37e4f

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
s390x
openssl-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 01d15a1d59117275942248f29ef1b5549db10c613a5b2f775b1923f8d56a41f5
openssl-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 4faa7e54975e2249f77efa26697e605881f2a0c5109a7146e2d1250901c86ef8
openssl-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 4faa7e54975e2249f77efa26697e605881f2a0c5109a7146e2d1250901c86ef8
openssl-debugsource-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: d8bfc80812b94a47780813e6de555d8b8ee09ea3b44ff1cde416e296a8fd3ff7
openssl-debugsource-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: d8bfc80812b94a47780813e6de555d8b8ee09ea3b44ff1cde416e296a8fd3ff7
openssl-devel-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: d90e5466b105420ee2a141736bf8da28147aab2c3bd922ef5261aacbac95a066
openssl-libs-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 58570d89c6bd0f130d48bed7d13f311f842827e299865a31874de635567eeeef
openssl-libs-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 76c0fdbcd43482de0f18edcb0fc37d47d2f7753c940fb2793153427e80c93b35
openssl-libs-debuginfo-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 76c0fdbcd43482de0f18edcb0fc37d47d2f7753c940fb2793153427e80c93b35
openssl-perl-3.2.2-16.el10_0.6.s390x.rpm	SHA-256: 5d91f0bc519605d7fb7a0feaf187a576f657c11617f9a15afe40aaee660b3d20

Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
ppc64le
openssl-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 657d6cdd585878bb99ac8d517471169978995e212b6a30d8a7625db360aed85d
openssl-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a17230e1f50c8cc2fff7080599f17d2ec7f4e859e605a6ec17fab5e0b41ef5c3
openssl-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a17230e1f50c8cc2fff7080599f17d2ec7f4e859e605a6ec17fab5e0b41ef5c3
openssl-debugsource-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a4f4cf69c32a6cbaa905f7c7c6306a9ff8e744b10bb41f445a6d387cde6211cf
openssl-debugsource-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: a4f4cf69c32a6cbaa905f7c7c6306a9ff8e744b10bb41f445a6d387cde6211cf
openssl-devel-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 10ed6fb53666642008e7125b0c570f7951fc1b2af00018191db20785760ea463
openssl-libs-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 9ac64e808cd380df1667f46870351d65dc436e29db29b687486834ad0e7623fa
openssl-libs-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 27818b3a5fca4fddd33bc2021bba876487f883d0eb8b2cfd5d6412dd3241ca08
openssl-libs-debuginfo-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 27818b3a5fca4fddd33bc2021bba876487f883d0eb8b2cfd5d6412dd3241ca08
openssl-perl-3.2.2-16.el10_0.6.ppc64le.rpm	SHA-256: 3125c810919087258ca635f15487f9f6e4f8ad194e07f42eadf34ba3ae7b660f

Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0

SRPM
openssl-3.2.2-16.el10_0.6.src.rpm	SHA-256: c40d61fec6b0523c8648d66907a7391164cb610842e1dc247b4fde213e4c80a0
x86_64
openssl-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 6707442cc436a4ba1b7cbb3662a2c2ddbdfb7fe6927697862b3e57cd59e9eef1
openssl-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 565a4f897e31793b69360bb327352c8ad06295152a7b73d00175dfc552a1193f
openssl-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 565a4f897e31793b69360bb327352c8ad06295152a7b73d00175dfc552a1193f
openssl-debugsource-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: a799ee46ad259e872c642ea6b5ebc706abdaec06dae6872c867637d391b2b5e2
openssl-debugsource-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: a799ee46ad259e872c642ea6b5ebc706abdaec06dae6872c867637d391b2b5e2
openssl-devel-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: e42e13a687c2abe954159ccaf0199305817e5afff15c6f446884ac20103a10c3
openssl-libs-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 4a3d2746b84d7ad7e2f80efee526c477b64c5ea4fd22ab3d0a265569fa432f32
openssl-libs-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 84d2a8b124a67acc850538084b260ded2b024ec5c6e4727754e27fececcd9cc2
openssl-libs-debuginfo-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 84d2a8b124a67acc850538084b260ded2b024ec5c6e4727754e27fececcd9cc2
openssl-perl-3.2.2-16.el10_0.6.x86_64.rpm	SHA-256: 402e3a199a7ed628f01d6972d066aaad2b21a111fe5875dbeeb6c54733a1acb2

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation