Issued:: 2026-03-17
Updated:: 2026-03-17

RHSA-2026:4825 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: compat-openssl11 security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for compat-openssl11 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the 1.1.1 version and is provided for compatibility with previous releases.

Security Fix(es):

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing (CVE-2025-69419)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4 x86_64
Red Hat Enterprise Linux Server - AUS 9.4 x86_64
Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4 s390x
Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4 ppc64le
Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4 aarch64
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4 ppc64le
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4 x86_64
Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4 aarch64
Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4 s390x

Fixes

BZ - 2430386 - CVE-2025-69419 openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

CVEs

CVE-2025-69419

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
x86_64
compat-openssl11-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 8458fa2a52be5202e2421a35c92051a0c816040f42bab97c3ff5646fca1f9997
compat-openssl11-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: dd733fa1bac5b651cb72ada0f528a6eeb4e98589b27a9c87c6f215b4487190c1
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 5077ff49e47df634503397c542557a65e57f07d6a68ec7fd2a1e5af05fa7da0b
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 6cfbd9ac7aa005538739a06bd18fe28a5653892e7d0ab610b196f458e1c6e51d
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 7795d331f1d7f1b2966ae6d5386ffe573011dac97aee442b4823cc186693a96b
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 4ec10862424fd0d8536697691725ee7a7ce1ed3121f26b75eeac2a754de05f28

Red Hat Enterprise Linux Server - AUS 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
x86_64
compat-openssl11-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 8458fa2a52be5202e2421a35c92051a0c816040f42bab97c3ff5646fca1f9997
compat-openssl11-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: dd733fa1bac5b651cb72ada0f528a6eeb4e98589b27a9c87c6f215b4487190c1
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 5077ff49e47df634503397c542557a65e57f07d6a68ec7fd2a1e5af05fa7da0b
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 6cfbd9ac7aa005538739a06bd18fe28a5653892e7d0ab610b196f458e1c6e51d
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 7795d331f1d7f1b2966ae6d5386ffe573011dac97aee442b4823cc186693a96b
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 4ec10862424fd0d8536697691725ee7a7ce1ed3121f26b75eeac2a754de05f28

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
s390x
compat-openssl11-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: bad2d96ad7b63c2ef9674207a1cacccbe028f513ac5d0da60e9c7db6c4c047d0
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: c4bf4f3b94b80572ba66e06bf5ec882c508c4e2e15ed2f4fbc21ae43347546dc
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: f2d814b6a7e6f97c288c4097563f04033c363de343aa6127c00fe04f4c84c723

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
ppc64le
compat-openssl11-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: 06d692e82debaafc7ad97b49482035a6c76076ff14b7f90e0a95b853ee32985d
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: 63f5eb1dd637b161174830b056388d3ae3a4ec74a0e5fe54ceab8e082782a6ab
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: a0fbeee602cd63e0f84bfa0b5b1bc497c083e7b280c21fe173e8b8bbbdc0659b

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
aarch64
compat-openssl11-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: d9f369930c85c9f7d7fc477e84b2288173a96c08d9425d83f8f3163f40977994
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: a97e80071fca7542b01b0b49f180db3ff59d2d0c1481d1e4a0d68258f98aeb12
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: 66b7cc42aabb6c5c2c5fb784dcfe5e49bc57cf2562c3fcb0223199f5699f101b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
ppc64le
compat-openssl11-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: 06d692e82debaafc7ad97b49482035a6c76076ff14b7f90e0a95b853ee32985d
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: 63f5eb1dd637b161174830b056388d3ae3a4ec74a0e5fe54ceab8e082782a6ab
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: a0fbeee602cd63e0f84bfa0b5b1bc497c083e7b280c21fe173e8b8bbbdc0659b

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
x86_64
compat-openssl11-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 8458fa2a52be5202e2421a35c92051a0c816040f42bab97c3ff5646fca1f9997
compat-openssl11-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: dd733fa1bac5b651cb72ada0f528a6eeb4e98589b27a9c87c6f215b4487190c1
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 5077ff49e47df634503397c542557a65e57f07d6a68ec7fd2a1e5af05fa7da0b
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 6cfbd9ac7aa005538739a06bd18fe28a5653892e7d0ab610b196f458e1c6e51d
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 7795d331f1d7f1b2966ae6d5386ffe573011dac97aee442b4823cc186693a96b
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 4ec10862424fd0d8536697691725ee7a7ce1ed3121f26b75eeac2a754de05f28

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
aarch64
compat-openssl11-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: d9f369930c85c9f7d7fc477e84b2288173a96c08d9425d83f8f3163f40977994
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: a97e80071fca7542b01b0b49f180db3ff59d2d0c1481d1e4a0d68258f98aeb12
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: 66b7cc42aabb6c5c2c5fb784dcfe5e49bc57cf2562c3fcb0223199f5699f101b

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
s390x
compat-openssl11-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: bad2d96ad7b63c2ef9674207a1cacccbe028f513ac5d0da60e9c7db6c4c047d0
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: c4bf4f3b94b80572ba66e06bf5ec882c508c4e2e15ed2f4fbc21ae43347546dc
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: f2d814b6a7e6f97c288c4097563f04033c363de343aa6127c00fe04f4c84c723

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
x86_64
compat-openssl11-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 8458fa2a52be5202e2421a35c92051a0c816040f42bab97c3ff5646fca1f9997
compat-openssl11-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: dd733fa1bac5b651cb72ada0f528a6eeb4e98589b27a9c87c6f215b4487190c1
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 5077ff49e47df634503397c542557a65e57f07d6a68ec7fd2a1e5af05fa7da0b
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 6cfbd9ac7aa005538739a06bd18fe28a5653892e7d0ab610b196f458e1c6e51d
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.i686.rpm	SHA-256: 7795d331f1d7f1b2966ae6d5386ffe573011dac97aee442b4823cc186693a96b
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.x86_64.rpm	SHA-256: 4ec10862424fd0d8536697691725ee7a7ce1ed3121f26b75eeac2a754de05f28

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
aarch64
compat-openssl11-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: d9f369930c85c9f7d7fc477e84b2288173a96c08d9425d83f8f3163f40977994
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: a97e80071fca7542b01b0b49f180db3ff59d2d0c1481d1e4a0d68258f98aeb12
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.aarch64.rpm	SHA-256: 66b7cc42aabb6c5c2c5fb784dcfe5e49bc57cf2562c3fcb0223199f5699f101b

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
ppc64le
compat-openssl11-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: 06d692e82debaafc7ad97b49482035a6c76076ff14b7f90e0a95b853ee32985d
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: 63f5eb1dd637b161174830b056388d3ae3a4ec74a0e5fe54ceab8e082782a6ab
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.ppc64le.rpm	SHA-256: a0fbeee602cd63e0f84bfa0b5b1bc497c083e7b280c21fe173e8b8bbbdc0659b

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.4

SRPM
compat-openssl11-1.1.1k-5.el9_4.2.src.rpm	SHA-256: 4747aa610416e134d452a8b02ba0586322854b7fcd223991fe9d136cf0d002e3
s390x
compat-openssl11-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: bad2d96ad7b63c2ef9674207a1cacccbe028f513ac5d0da60e9c7db6c4c047d0
compat-openssl11-debuginfo-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: c4bf4f3b94b80572ba66e06bf5ec882c508c4e2e15ed2f4fbc21ae43347546dc
compat-openssl11-debugsource-1.1.1k-5.el9_4.2.s390x.rpm	SHA-256: f2d814b6a7e6f97c288c4097563f04033c363de343aa6127c00fe04f4c84c723

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation