Red Hat Product Errata RHSA-2026:4824 - Security Advisory
Issued:
2026-03-17
Updated:
2026-03-17

RHSA-2026:4824 - Security Advisory

Synopsis

Moderate: compat-openssl11 security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases.

Security Fix(es):

  • openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing (CVE-2025-69419)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x

Fixes

  • BZ - 2430386 - CVE-2025-69419 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
x86_64
compat-openssl11-1.1.1k-5.el9_6.2.i686.rpm SHA-256: ed935e336b856879f5c2051ecdbbd0bcb740d887e37fea301a3299371af949c3
compat-openssl11-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: b20b1083921f0bee978f4f6332205bbc49ceae4894f9eadc2017e1516d792fc4
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.i686.rpm SHA-256: 3810cfeb727621963e738f21b5a449a313f3dbfecfee99319e4de486d60a49d7
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: fd006393895ee19ed31f512311cc7f190d17abb27a8780833c2761f5f4a76077
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.i686.rpm SHA-256: 3102e116d4ff01c63ef558a3dc7fbfe93f9dac05e0d25f548b150bfbbc5e10b6
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: 2af48d71c50c640da49ea0b14e26fe1606cb04120e4709ee35f660472fd8847f

Red Hat Enterprise Linux Server - AUS 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
x86_64
compat-openssl11-1.1.1k-5.el9_6.2.i686.rpm SHA-256: ed935e336b856879f5c2051ecdbbd0bcb740d887e37fea301a3299371af949c3
compat-openssl11-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: b20b1083921f0bee978f4f6332205bbc49ceae4894f9eadc2017e1516d792fc4
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.i686.rpm SHA-256: 3810cfeb727621963e738f21b5a449a313f3dbfecfee99319e4de486d60a49d7
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: fd006393895ee19ed31f512311cc7f190d17abb27a8780833c2761f5f4a76077
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.i686.rpm SHA-256: 3102e116d4ff01c63ef558a3dc7fbfe93f9dac05e0d25f548b150bfbbc5e10b6
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: 2af48d71c50c640da49ea0b14e26fe1606cb04120e4709ee35f660472fd8847f

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
s390x
compat-openssl11-1.1.1k-5.el9_6.2.s390x.rpm SHA-256: 5edb2f6481bd2736913f58ebd13d3cedcac4dd35053b31de93fee83c404a6c4c
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.s390x.rpm SHA-256: 5a7478cdbb270ea4e901ce814ae26f04d99f66594a06d4827f87b51cd6e355f1
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.s390x.rpm SHA-256: 8c1a84c5503508347765997d001691e2d41672cd7674aefb17599a7287811143

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
ppc64le
compat-openssl11-1.1.1k-5.el9_6.2.ppc64le.rpm SHA-256: 880b31a0d3cda21e76d5bd0b53df3f7b1c31d644cdfddcabc9900c6eae0fa45d
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.ppc64le.rpm SHA-256: c9c6edffa12708d91a1de3e9b41d4f9b5902027edd76ec2b3d5b636d3fac8ded
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.ppc64le.rpm SHA-256: afda9dd074f96a34d35088d273d5ea0094603a9c83ad44c3baaf539e4c4648d3

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
aarch64
compat-openssl11-1.1.1k-5.el9_6.2.aarch64.rpm SHA-256: 00c4066bca9d20f93f38d2a59fef8c82abcea36aa9dc4a62b72e8027bff873e5
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.aarch64.rpm SHA-256: 34b1244c4da3ee327b06f702f6847da600348d234053a8f059eb3c65eb05743f
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.aarch64.rpm SHA-256: 7c3b5572979695e6f841ed59cb01b4919f9e603019119a5ee097635444d43e5f

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
ppc64le
compat-openssl11-1.1.1k-5.el9_6.2.ppc64le.rpm SHA-256: 880b31a0d3cda21e76d5bd0b53df3f7b1c31d644cdfddcabc9900c6eae0fa45d
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.ppc64le.rpm SHA-256: c9c6edffa12708d91a1de3e9b41d4f9b5902027edd76ec2b3d5b636d3fac8ded
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.ppc64le.rpm SHA-256: afda9dd074f96a34d35088d273d5ea0094603a9c83ad44c3baaf539e4c4648d3

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
x86_64
compat-openssl11-1.1.1k-5.el9_6.2.i686.rpm SHA-256: ed935e336b856879f5c2051ecdbbd0bcb740d887e37fea301a3299371af949c3
compat-openssl11-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: b20b1083921f0bee978f4f6332205bbc49ceae4894f9eadc2017e1516d792fc4
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.i686.rpm SHA-256: 3810cfeb727621963e738f21b5a449a313f3dbfecfee99319e4de486d60a49d7
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: fd006393895ee19ed31f512311cc7f190d17abb27a8780833c2761f5f4a76077
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.i686.rpm SHA-256: 3102e116d4ff01c63ef558a3dc7fbfe93f9dac05e0d25f548b150bfbbc5e10b6
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.x86_64.rpm SHA-256: 2af48d71c50c640da49ea0b14e26fe1606cb04120e4709ee35f660472fd8847f

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
aarch64
compat-openssl11-1.1.1k-5.el9_6.2.aarch64.rpm SHA-256: 00c4066bca9d20f93f38d2a59fef8c82abcea36aa9dc4a62b72e8027bff873e5
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.aarch64.rpm SHA-256: 34b1244c4da3ee327b06f702f6847da600348d234053a8f059eb3c65eb05743f
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.aarch64.rpm SHA-256: 7c3b5572979695e6f841ed59cb01b4919f9e603019119a5ee097635444d43e5f

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6

SRPM
compat-openssl11-1.1.1k-5.el9_6.2.src.rpm SHA-256: 9dbaca23d62c0bcb1f25ba74c73e3488a5878362bf35e302a64981befc3b7f3f
s390x
compat-openssl11-1.1.1k-5.el9_6.2.s390x.rpm SHA-256: 5edb2f6481bd2736913f58ebd13d3cedcac4dd35053b31de93fee83c404a6c4c
compat-openssl11-debuginfo-1.1.1k-5.el9_6.2.s390x.rpm SHA-256: 5a7478cdbb270ea4e901ce814ae26f04d99f66594a06d4827f87b51cd6e355f1
compat-openssl11-debugsource-1.1.1k-5.el9_6.2.s390x.rpm SHA-256: 8c1a84c5503508347765997d001691e2d41672cd7674aefb17599a7287811143

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.