Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:36215 - Security Advisory
Issued:
2026-07-07
Updated:
2026-07-07

RHSA-2026:36215 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: compat-openssl10 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-openssl10 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1.

Security Fix(es):

  • openssl: Heap Use-After-Free in OpenSSL PKCS7_verify() (CVE-2026-45447)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x

Fixes

  • BZ - 2481898 - CVE-2026-45447 openssl: Heap Use-After-Free in OpenSSL PKCS7_verify()

CVEs

  • CVE-2026-45447

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
x86_64
compat-openssl10-1.0.2o-4.el8_10.3.i686.rpm SHA-256: 61e50bba00e62923d3da7b34259ee706a80045bed77a635fa8e173df9cca3c8f
compat-openssl10-1.0.2o-4.el8_10.3.x86_64.rpm SHA-256: 7c586cdaec0c285c7dcbbee932eba468c28c050d58cbfde4a3c0373e2092282b
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.i686.rpm SHA-256: 877b9b70778450bb3d2757e0ee49e3302456d5ef7e335382321b2ac78642f53c
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.x86_64.rpm SHA-256: 68ef7a193f3fc967effbfa7cf719b84370e984b55338b439bd8561199e218600
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.i686.rpm SHA-256: 5e5e6a42b7bccc305362c1c271e359dee2540547defec8d2ef6f7c2dab3099ae
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.x86_64.rpm SHA-256: ebdf33d3dea8885c2020e211e51ce72b1af08b03f2f56df30d6232c6f505b795

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
s390x
compat-openssl10-1.0.2o-4.el8_10.3.s390x.rpm SHA-256: c99b71fcb822887b5e8c63aea74626f9d5943b049e7f8d1b9986565b0e0ef394
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.s390x.rpm SHA-256: 9fda6d70c9321bb2cc232dfc5b4981dfc5ba185ca9791c77e5063babb7eda1af
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.s390x.rpm SHA-256: 0d018e176b557bce4ea2fd332dbbc3d4103ef210bf3bc81514d6f8832051655b

Red Hat Enterprise Linux for Power, little endian 8

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
ppc64le
compat-openssl10-1.0.2o-4.el8_10.3.ppc64le.rpm SHA-256: c608ee22cec0eb2a1f5722b5909e729fd10457f10642c1107235a49152429d85
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.ppc64le.rpm SHA-256: 935eef8ff17c5ffd518908d495232e69a30cc6b2d04f4abbdd4300616cf8d1e8
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.ppc64le.rpm SHA-256: bc0f1afbf7bbdb3a87cebde24d6a02e8abb418277766d137b93764155c1b19ef

Red Hat Enterprise Linux for ARM 64 8

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
aarch64
compat-openssl10-1.0.2o-4.el8_10.3.aarch64.rpm SHA-256: 25259e63be8ae1d473f0d87202eea28abfd6bdb4778e7647fe72ec676ca50b6d
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.aarch64.rpm SHA-256: 12fbe445bbc4b396ce611479512b0fa0cec64203d322bb02d4b329461f9584f6
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.aarch64.rpm SHA-256: 612f80f47898cffa2142550d6ac73c4bd1e1bd98a1d1ad8907f781ae84ff018d

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
x86_64
compat-openssl10-1.0.2o-4.el8_10.3.i686.rpm SHA-256: 61e50bba00e62923d3da7b34259ee706a80045bed77a635fa8e173df9cca3c8f
compat-openssl10-1.0.2o-4.el8_10.3.x86_64.rpm SHA-256: 7c586cdaec0c285c7dcbbee932eba468c28c050d58cbfde4a3c0373e2092282b
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.i686.rpm SHA-256: 877b9b70778450bb3d2757e0ee49e3302456d5ef7e335382321b2ac78642f53c
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.x86_64.rpm SHA-256: 68ef7a193f3fc967effbfa7cf719b84370e984b55338b439bd8561199e218600
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.i686.rpm SHA-256: 5e5e6a42b7bccc305362c1c271e359dee2540547defec8d2ef6f7c2dab3099ae
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.x86_64.rpm SHA-256: ebdf33d3dea8885c2020e211e51ce72b1af08b03f2f56df30d6232c6f505b795

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
aarch64
compat-openssl10-1.0.2o-4.el8_10.3.aarch64.rpm SHA-256: 25259e63be8ae1d473f0d87202eea28abfd6bdb4778e7647fe72ec676ca50b6d
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.aarch64.rpm SHA-256: 12fbe445bbc4b396ce611479512b0fa0cec64203d322bb02d4b329461f9584f6
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.aarch64.rpm SHA-256: 612f80f47898cffa2142550d6ac73c4bd1e1bd98a1d1ad8907f781ae84ff018d

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
ppc64le
compat-openssl10-1.0.2o-4.el8_10.3.ppc64le.rpm SHA-256: c608ee22cec0eb2a1f5722b5909e729fd10457f10642c1107235a49152429d85
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.ppc64le.rpm SHA-256: 935eef8ff17c5ffd518908d495232e69a30cc6b2d04f4abbdd4300616cf8d1e8
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.ppc64le.rpm SHA-256: bc0f1afbf7bbdb3a87cebde24d6a02e8abb418277766d137b93764155c1b19ef

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10

SRPM
compat-openssl10-1.0.2o-4.el8_10.3.src.rpm SHA-256: d23d2a6c1ff5a6376bf645181a962e28bc67c895b15a5de5758121cfb3eaf93a
s390x
compat-openssl10-1.0.2o-4.el8_10.3.s390x.rpm SHA-256: c99b71fcb822887b5e8c63aea74626f9d5943b049e7f8d1b9986565b0e0ef394
compat-openssl10-debuginfo-1.0.2o-4.el8_10.3.s390x.rpm SHA-256: 9fda6d70c9321bb2cc232dfc5b4981dfc5ba185ca9791c77e5063babb7eda1af
compat-openssl10-debugsource-1.0.2o-4.el8_10.3.s390x.rpm SHA-256: 0d018e176b557bce4ea2fd332dbbc3d4103ef210bf3bc81514d6f8832051655b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility