CLSA-2026:1774530145
Update of alt-openssl11
TuxCare License Agreement
0
- strip debug symbols from binary files
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- strip debug symbols from binary files
0
tuxcare-el7-els-alt-common
alt-openssl11-1.1.1w-3.1.el7.x86_64.rpm
23cf50712ef77b08c277cb22d94ea9e489a1d91d1dd248ef6e91b0ddea1b580f
alt-openssl11-devel-1.1.1w-3.1.el7.x86_64.rpm
ca2485b60c388749d58aa77c713d4c860837159849deb55373afd7af06c70be8
alt-openssl11-libs-1.1.1w-3.1.el7.x86_64.rpm
ea7670f62dcff4116b899a70f8a55d8721de3680b57c36921c385c8ead8c1b2b
CLSA-2026:1775146507
alt-openssl11: Fix of 2 CVEs
TuxCare License Agreement
0
- CVE-2023-5678: fix excessive time in DH check/generation with large Q
parameter by adding bounds checks in DH_check_pub_key and DH_generate_key
- CVE-2024-0727: fix PKCS12 decoding NULL pointer dereference by adding NULL
checks where ContentInfo data can be NULL
Moderate
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2023-5678: fix excessive time in DH check/generation with large Q
parameter by adding bounds checks in DH_check_pub_key and DH_generate_key
- CVE-2024-0727: fix PKCS12 decoding NULL pointer dereference by adding NULL
checks where ContentInfo data can be NULL
0
tuxcare-el7-els-alt-common
alt-openssl11-1.1.1w-3.2.el7.x86_64.rpm
ac12898ae3e9127c8a07ae45b25ece782da8b60c4ff2cccb041c3493916d8a18
alt-openssl11-devel-1.1.1w-3.2.el7.x86_64.rpm
1f03be491573718430872734c6975a1f5d51aaafa7acbcd02b8cdf77090c22e5
alt-openssl11-libs-1.1.1w-3.2.el7.x86_64.rpm
a315194c62999d3f70219eaf280cad6b9019b0c7f12319221e461184ab96e957
CLSA-2026:1776705439
alt-openssl11: Fix of 4 CVEs
TuxCare License Agreement
0
- CVE-2026-28387: fix use-after-free in DANE client code by using X509_free()
instead of OPENSSL_free() to properly release reference-counted X509 objects
- CVE-2026-28388: fix NULL pointer dereference when processing a delta CRL
that has a Delta CRL Indicator but lacks a CRL Number extension
- CVE-2026-28389: fix NULL pointer dereference in CMS KeyAgreeRecipientInfo
processing when KeyEncryptionAlgorithmIdentifier omits the optional
parameter field, by using safe X509_ALGOR_get0() extraction
- CVE-2026-28390: fix NULL pointer dereference in CMS KeyTransportRecipientInfo
processing when RSA-OAEP SourceFunc parameters are missing, by using safe
X509_ALGOR_get0() extraction and OPENSSL_memdup() for label data
Important
Before applying this update, make sure all previously released errata relevant to your system have been applied. This update is available via the CLN.
- CVE-2026-28387: fix use-after-free in DANE client code by using X509_free()
instead of OPENSSL_free() to properly release reference-counted X509 objects
- CVE-2026-28388: fix NULL pointer dereference when processing a delta CRL
that has a Delta CRL Indicator but lacks a CRL Number extension
- CVE-2026-28389: fix NULL pointer dereference in CMS KeyAgreeRecipientInfo
processing when KeyEncryptionAlgorithmIdentifier omits the optional
parameter field, by using safe X509_ALGOR_get0() extraction
- CVE-2026-28390: fix NULL pointer dereference in CMS KeyTransportRecipientInfo
processing when RSA-OAEP SourceFunc parameters are missing, by using safe
X509_ALGOR_get0() extraction and OPENSSL_memdup() for label data
0
tuxcare-el7-els-alt-common
alt-openssl11-1.1.1w-3.3.el7.x86_64.rpm
839ed86e4915d4a78a8f5d9614fb69eddb352855caa2f8ab0e14861363b4bd01
alt-openssl11-devel-1.1.1w-3.3.el7.x86_64.rpm
386764aa70cd8f2c2c715d12956784f86638ec1109048f51b3cac1cdd9adb3e9
alt-openssl11-libs-1.1.1w-3.3.el7.x86_64.rpm
14a15ab1da7dbf9178f24c5ab05048ee8eca1349abeef7f483cf11ab8fbab1e5