ELSA-2025-28011

ULN >
Oracle Linux Errata repository >
ELSA-2025-28011

ELSA-2025-28011 - openssl security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2025-11-25

Description

[3.5.1-4.0.2_fips]
- Update additional upstream references

[3.5.1-4.0.1_fips]
- Add FIPS package change: add fips suffix to Release and
set Epoch to 10 [Orabug: 35824276]
- Update FIPS module name [Orabug: 35824276]

[3.5.1-4.0.1]
- Enable openssl-fips-provider dependency [Orabug: 36504822]
- Temporary disable openssl-fips-provider dependency [Orabug: 36504822]
- Replace upstream references [Orabug: 34340177]

[3.5.1.openela.0.1]
- Add OpenELA specific changes

[1:3.5.1-4]
- Fix CVE-2025-9230
Resolves: RHEL-115929

[1:3.5.1-3]
- Add custom define to disable symbol versioning in downstream patched code
Also add stricter Suggests for openssl-fips-provider
Resolves: RHEL-104236
- Fix Requires/Provider to fix default install of fips providers
Resolves: RHEL-104856

[1:3.5.1-2]
- Move fips.so to a seprate subpackage
Reverts FIPS self test for SLH-DSA
Add Suggests to try to prefer the openssl-fips-provider package
over the fips-provider-next package by default
Revolves: RHEL-102408
Related: RHEL-80854

[1:3.5.1-1]
- Rebasing to OpenSSL 3.5.1
Resolves: RHEL-97797
Resolves: RHEL-98723
Resolves: RHEL-99352

[1:3.5.0-4]
- Compact patches for better maintainability
Related: RHEL-80854
- Make hybrid MLKEM work with our FIPS provider (3.0.7)
Resolves: RHEL-95239

[1:3.5.0-3]
- Fix regressions caused by rebase to OpenSSL 3.5
Related: RHEL-80854

Related CVEs

CVE-2025-9230

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	openssl-3.5.1-4.0.2.el9_7_fips.src.rpm	c8a1e62dfbef99393bbb0ec533af6d67aa96bf29daacc7c8029544301f182eac	-	ol9_aarch64_u3_security_validation
	openssl-3.5.1-4.0.2.el9_7_fips.aarch64.rpm	a85e05cef4b16f106bfd94392513d893694bd50feb3ba630464d8092af7c4715	-	ol9_aarch64_u3_security_validation
	openssl-devel-3.5.1-4.0.2.el9_7_fips.aarch64.rpm	47e31bcaa5017318338f799ee78de7e64c5dc66a68cef7f085b69dd9bb6ff512	-	ol9_aarch64_u3_security_validation
	openssl-libs-3.5.1-4.0.2.el9_7_fips.aarch64.rpm	272bd91c4b027022d547d28747df0ce76872df4e13cbac293029f6b4146552e8	-	ol9_aarch64_u3_security_validation
	openssl-perl-3.5.1-4.0.2.el9_7_fips.aarch64.rpm	ff71ed899d7db65e1a51406e388a415e161f58cfc5e30a9323f62f992fb2eef5	-	ol9_aarch64_u3_security_validation

Oracle Linux 9 (x86_64)	openssl-3.5.1-4.0.2.el9_7_fips.src.rpm	c8a1e62dfbef99393bbb0ec533af6d67aa96bf29daacc7c8029544301f182eac	-	ol9_x86_64_u3_security_validation
	openssl-3.5.1-4.0.2.el9_7_fips.x86_64.rpm	10065ee61baf7900e23f3be5564ac7e507a50d96171485061177fe2471834724	-	ol9_x86_64_u3_security_validation
	openssl-devel-3.5.1-4.0.2.el9_7_fips.i686.rpm	e466cd9b53780097fb2881a28f809cbc2b39c45f8661514d44558e6de04cdba4	-	ol9_x86_64_u3_security_validation
	openssl-devel-3.5.1-4.0.2.el9_7_fips.x86_64.rpm	7013b5d7d24eab2b4bf7838684a7c1afc9a62dbbebca18a75cdf924164607546	-	ol9_x86_64_u3_security_validation
	openssl-libs-3.5.1-4.0.2.el9_7_fips.i686.rpm	c5a8bcfc72efbd262e9cfda1d2dcd21555571d01a3bd659a5539770b4b104192	-	ol9_x86_64_u3_security_validation
	openssl-libs-3.5.1-4.0.2.el9_7_fips.x86_64.rpm	9de1020f6283550db9087306185878612b6ac730f065a0088f862992adcdbf58	-	ol9_x86_64_u3_security_validation
	openssl-perl-3.5.1-4.0.2.el9_7_fips.x86_64.rpm	8be83a3610c2ee380aba9bc6b7d34a61b4ac19e54ec4dfe4e174344e0030ba95	-	ol9_x86_64_u3_security_validation

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691