Release Info

Advisory: CLSA-2026:1770667352

OS: TuxCare 9.6 ESU

Public date: 2026-02-09 20:02:34.454932

Project: openssl

Version: 3.2.2-6.el9_6.1.tuxcare.6.els5

Errata link: https://errata.tuxcare.com/els_os/tuxcare9.6esu/CLSA-2026-1770667352.html

Changelog

- CVE-2025-69418: fix OCB AES-NI/HW stream path leaving trailing bytes unauthenticated/unencrypted by advancing pointers after stream processing - CVE-2025-69420: fix missing ASN1_TYPE validation in TS_RESP_verify_response for signing certificate attributes - CVE-2025-15468: add a NULL guard before dereferencing SSL_CIPHER to prevent abnormal termination of the running process causing Denial of Service

Update

Update command: dnf update openssl*

Packages list

openssl-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm openssl-devel-3.2.2-6.el9_6.1.tuxcare.6.els5.i686.rpm openssl-devel-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm openssl-libs-3.2.2-6.el9_6.1.tuxcare.6.els5.i686.rpm openssl-libs-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm openssl-perl-3.2.2-6.el9_6.1.tuxcare.6.els5.x86_64.rpm

CVEs

CVE-2025-68160
CVE-2025-69420
CVE-2025-69421
CVE-2025-69419
CVE-2026-22796
CVE-2025-69418
CVE-2025-15468
CVE-2026-22795
CVE-2025-15467