Issued:: 2026-05-19
Updated:: 2026-05-19

RHSA-2026:19187 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: compat-openssl11 security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases.

Security Fix(es):

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing (CVE-2025-69419)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 9 x86_64
Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64
Red Hat Enterprise Linux for IBM z Systems 9 s390x
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x
Red Hat Enterprise Linux for Power, little endian 9 ppc64le
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le
Red Hat Enterprise Linux for ARM 64 9 aarch64
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x

Fixes

BZ - 2430386 - CVE-2025-69419 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

CVEs

CVE-2025-69419

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 9

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
x86_64
compat-openssl11-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 7e519b6b86b0490b83bf0ecf31021270529df1d16bcfe837920e765a650a5b07
compat-openssl11-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 4e211d72aa7681c80a7c8fb8c135cae6256b9c529421ea9b9d7641aa0ebf77cd
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: c53b77c06792d3d272d1dd3d6ca62e29a48cef5588cee80cd2f7316980bec2a3
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 34e800fde9400a5771ce26f34bb8df5e247a0416955fdebc95b627b5fcd2ae4d
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 929c1579301233fa648a5c6725d486efdc4b39894d2cf8341fbd9a2f6638660a
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 452d7ec2042ea32091e5ad006225662441f152d2ad66225ddf9309ec8a35c2d7

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
x86_64
compat-openssl11-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 7e519b6b86b0490b83bf0ecf31021270529df1d16bcfe837920e765a650a5b07
compat-openssl11-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 4e211d72aa7681c80a7c8fb8c135cae6256b9c529421ea9b9d7641aa0ebf77cd
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: c53b77c06792d3d272d1dd3d6ca62e29a48cef5588cee80cd2f7316980bec2a3
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 34e800fde9400a5771ce26f34bb8df5e247a0416955fdebc95b627b5fcd2ae4d
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 929c1579301233fa648a5c6725d486efdc4b39894d2cf8341fbd9a2f6638660a
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 452d7ec2042ea32091e5ad006225662441f152d2ad66225ddf9309ec8a35c2d7

Red Hat Enterprise Linux for IBM z Systems 9

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
s390x
compat-openssl11-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 83b786dd2722c5d076afc44afb84090aae382fb3728a8839d45e27b9594ddbc0
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 19fb6ce3bb2afdb1815c4ce0f0429919195a636983cf232f390eba05befad7b4
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 21cff396f6078c3e2d8fd168b59e7dccc86d9eb07b3581601897e776cecf7da6

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
s390x
compat-openssl11-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 83b786dd2722c5d076afc44afb84090aae382fb3728a8839d45e27b9594ddbc0
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 19fb6ce3bb2afdb1815c4ce0f0429919195a636983cf232f390eba05befad7b4
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 21cff396f6078c3e2d8fd168b59e7dccc86d9eb07b3581601897e776cecf7da6

Red Hat Enterprise Linux for Power, little endian 9

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
ppc64le
compat-openssl11-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 0dc7fcf059bc0afe8010d607dd61e8e33245bee23077bd1049218c1bacd2388b
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: e01da1ffe24eb230d599f7866107342928dc0a78508378718371aede5bffd2a1
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 2e7c506602a2464c933d63a7a4b1ffc8de9b149235db507d8cbc1d48634571f1

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
ppc64le
compat-openssl11-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 0dc7fcf059bc0afe8010d607dd61e8e33245bee23077bd1049218c1bacd2388b
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: e01da1ffe24eb230d599f7866107342928dc0a78508378718371aede5bffd2a1
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 2e7c506602a2464c933d63a7a4b1ffc8de9b149235db507d8cbc1d48634571f1

Red Hat Enterprise Linux for ARM 64 9

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
aarch64
compat-openssl11-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 1028819ec765893584c7a0a5b1dec279472b34dce347f261f06da0b50ad953ca
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: a752ec026a45866b79fa7b1bbe48116677d97ec107254d3788b6d0ef0d60b035
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 5c15f42a920bc94d8ae9c82ca4381125ef138129c9d784385caca1c571628916

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
aarch64
compat-openssl11-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 1028819ec765893584c7a0a5b1dec279472b34dce347f261f06da0b50ad953ca
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: a752ec026a45866b79fa7b1bbe48116677d97ec107254d3788b6d0ef0d60b035
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 5c15f42a920bc94d8ae9c82ca4381125ef138129c9d784385caca1c571628916

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
ppc64le
compat-openssl11-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 0dc7fcf059bc0afe8010d607dd61e8e33245bee23077bd1049218c1bacd2388b
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: e01da1ffe24eb230d599f7866107342928dc0a78508378718371aede5bffd2a1
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 2e7c506602a2464c933d63a7a4b1ffc8de9b149235db507d8cbc1d48634571f1

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
x86_64
compat-openssl11-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 7e519b6b86b0490b83bf0ecf31021270529df1d16bcfe837920e765a650a5b07
compat-openssl11-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 4e211d72aa7681c80a7c8fb8c135cae6256b9c529421ea9b9d7641aa0ebf77cd
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: c53b77c06792d3d272d1dd3d6ca62e29a48cef5588cee80cd2f7316980bec2a3
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 34e800fde9400a5771ce26f34bb8df5e247a0416955fdebc95b627b5fcd2ae4d
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 929c1579301233fa648a5c6725d486efdc4b39894d2cf8341fbd9a2f6638660a
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 452d7ec2042ea32091e5ad006225662441f152d2ad66225ddf9309ec8a35c2d7

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
aarch64
compat-openssl11-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 1028819ec765893584c7a0a5b1dec279472b34dce347f261f06da0b50ad953ca
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: a752ec026a45866b79fa7b1bbe48116677d97ec107254d3788b6d0ef0d60b035
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 5c15f42a920bc94d8ae9c82ca4381125ef138129c9d784385caca1c571628916

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
s390x
compat-openssl11-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 83b786dd2722c5d076afc44afb84090aae382fb3728a8839d45e27b9594ddbc0
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 19fb6ce3bb2afdb1815c4ce0f0429919195a636983cf232f390eba05befad7b4
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 21cff396f6078c3e2d8fd168b59e7dccc86d9eb07b3581601897e776cecf7da6

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
x86_64
compat-openssl11-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 7e519b6b86b0490b83bf0ecf31021270529df1d16bcfe837920e765a650a5b07
compat-openssl11-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 4e211d72aa7681c80a7c8fb8c135cae6256b9c529421ea9b9d7641aa0ebf77cd
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: c53b77c06792d3d272d1dd3d6ca62e29a48cef5588cee80cd2f7316980bec2a3
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 34e800fde9400a5771ce26f34bb8df5e247a0416955fdebc95b627b5fcd2ae4d
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.i686.rpm	SHA-256: 929c1579301233fa648a5c6725d486efdc4b39894d2cf8341fbd9a2f6638660a
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.x86_64.rpm	SHA-256: 452d7ec2042ea32091e5ad006225662441f152d2ad66225ddf9309ec8a35c2d7

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
aarch64
compat-openssl11-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 1028819ec765893584c7a0a5b1dec279472b34dce347f261f06da0b50ad953ca
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: a752ec026a45866b79fa7b1bbe48116677d97ec107254d3788b6d0ef0d60b035
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.aarch64.rpm	SHA-256: 5c15f42a920bc94d8ae9c82ca4381125ef138129c9d784385caca1c571628916

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
ppc64le
compat-openssl11-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 0dc7fcf059bc0afe8010d607dd61e8e33245bee23077bd1049218c1bacd2388b
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: e01da1ffe24eb230d599f7866107342928dc0a78508378718371aede5bffd2a1
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.ppc64le.rpm	SHA-256: 2e7c506602a2464c933d63a7a4b1ffc8de9b149235db507d8cbc1d48634571f1

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8

SRPM
compat-openssl11-1.1.1k-5.el9_8.2.src.rpm	SHA-256: fa2f6537fddd6ee5362fbfbc91eed83e234ae5cffc6a8e1245bcd2fbb15994fc
s390x
compat-openssl11-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 83b786dd2722c5d076afc44afb84090aae382fb3728a8839d45e27b9594ddbc0
compat-openssl11-debuginfo-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 19fb6ce3bb2afdb1815c4ce0f0429919195a636983cf232f390eba05befad7b4
compat-openssl11-debugsource-1.1.1k-5.el9_8.2.s390x.rpm	SHA-256: 21cff396f6078c3e2d8fd168b59e7dccc86d9eb07b3581601897e776cecf7da6

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation