ELSA-2026-22315

ULN >
Oracle Linux Errata repository >
ELSA-2026-22315

ELSA-2026-22315 - compat-openssl10 security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2026-06-02

Description

[1.1.0.2o-4.2]
- Fixes CVE-2026-28390: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing
Resolves: RHEL-165754

Related CVEs

CVE-2026-28390

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	compat-openssl10-1.0.2o-4.el8_10.2.src.rpm	3706823c440f68b4e0cb2b4b90dadc4d52237709de86a82065ba783fd157774b	-	ol8_aarch64_appstream
	compat-openssl10-1.0.2o-4.el8_10.2.aarch64.rpm	a24f0176dc0034a82e3def07c90c3685c5ce04147283f5953cd37d85e2ff3861	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	compat-openssl10-1.0.2o-4.el8_10.2.src.rpm	3706823c440f68b4e0cb2b4b90dadc4d52237709de86a82065ba783fd157774b	-	ol8_x86_64_appstream
	compat-openssl10-1.0.2o-4.el8_10.2.i686.rpm	3c756bf282d825d4f5f2ea594c2419490c3d835ccde7e570fc701a86f1729df3	-	ol8_x86_64_appstream
	compat-openssl10-1.0.2o-4.el8_10.2.x86_64.rpm	b5fdcc100b8c4128f7678aa2d012310acd79b549fb241b02a4c3c0931ed3d05d	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691