ELSA-2026-26275

ULN >
Oracle Linux Errata repository >
ELSA-2026-26275

ELSA-2026-26275 - openssl security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2026-06-16

Description

[1:1.1.1k-16]
- Fix CVE-2026-45447: Heap Use-After-Free in OpenSSL PKCS7_verify()
Resolves: RHEL-180978
- Fix CVE-2024-4741: Use After Free with SSL_free_buffers
Resolves: RHEL-180983

Related CVEs

CVE-2024-4741

CVE-2026-45447

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	openssl-1.1.1k-16.el8_6.src.rpm	d27e0dc22dbb67793b0e560e2b9d077dce494017b5d16f91af3f243a150acb2e	-	ol8_aarch64_baseos_latest
	openssl-1.1.1k-16.el8_6.src.rpm	d27e0dc22dbb67793b0e560e2b9d077dce494017b5d16f91af3f243a150acb2e	-	ol8_aarch64_u10_baseos_patch
	openssl-1.1.1k-16.el8_6.aarch64.rpm	266019377be7ad217946c5277cb27b4005de0e749838214151687d3b152e0e83	-	ol8_aarch64_baseos_latest
	openssl-1.1.1k-16.el8_6.aarch64.rpm	266019377be7ad217946c5277cb27b4005de0e749838214151687d3b152e0e83	-	ol8_aarch64_u10_baseos_patch
	openssl-devel-1.1.1k-16.el8_6.aarch64.rpm	353a8ff776f2c32998a99f2bcfd11de25d28232807f3d761fb2c2fae63561c15	-	ol8_aarch64_baseos_latest
	openssl-devel-1.1.1k-16.el8_6.aarch64.rpm	353a8ff776f2c32998a99f2bcfd11de25d28232807f3d761fb2c2fae63561c15	-	ol8_aarch64_u10_baseos_patch
	openssl-libs-1.1.1k-16.el8_6.aarch64.rpm	2cc2c262779e45e86efeaaeb9e55bd0e2c4857815e3f1e2df6cb9d65151570fd	-	ol8_aarch64_baseos_latest
	openssl-libs-1.1.1k-16.el8_6.aarch64.rpm	2cc2c262779e45e86efeaaeb9e55bd0e2c4857815e3f1e2df6cb9d65151570fd	-	ol8_aarch64_u10_baseos_patch
	openssl-perl-1.1.1k-16.el8_6.aarch64.rpm	19d06286210047a0e9320fd64a25a998cf2aa5d273dcccdfa1ae38c93330cc46	-	ol8_aarch64_baseos_latest
	openssl-perl-1.1.1k-16.el8_6.aarch64.rpm	19d06286210047a0e9320fd64a25a998cf2aa5d273dcccdfa1ae38c93330cc46	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	openssl-1.1.1k-16.el8_6.src.rpm	d27e0dc22dbb67793b0e560e2b9d077dce494017b5d16f91af3f243a150acb2e	-	ol8_x86_64_baseos_latest
	openssl-1.1.1k-16.el8_6.src.rpm	d27e0dc22dbb67793b0e560e2b9d077dce494017b5d16f91af3f243a150acb2e	-	ol8_x86_64_u10_baseos_patch
	openssl-1.1.1k-16.el8_6.x86_64.rpm	d1140f9715f66973df7f2ee7dc4fefcb5e8833c44a5abc366fcf2f9df8430579	-	ol8_x86_64_baseos_latest
	openssl-1.1.1k-16.el8_6.x86_64.rpm	d1140f9715f66973df7f2ee7dc4fefcb5e8833c44a5abc366fcf2f9df8430579	-	ol8_x86_64_u10_baseos_patch
	openssl-devel-1.1.1k-16.el8_6.i686.rpm	4fa6b1a9bc3e8c8c0ccc51cb8c774d8ec89e1470f5b6f07e57fda076124f2ce8	-	ol8_x86_64_baseos_latest
	openssl-devel-1.1.1k-16.el8_6.i686.rpm	4fa6b1a9bc3e8c8c0ccc51cb8c774d8ec89e1470f5b6f07e57fda076124f2ce8	-	ol8_x86_64_u10_baseos_patch
	openssl-devel-1.1.1k-16.el8_6.x86_64.rpm	8281c347d9f18f1e6882a983a735d4db35a13337a8c6dc26d5e142a96624f892	-	ol8_x86_64_baseos_latest
	openssl-devel-1.1.1k-16.el8_6.x86_64.rpm	8281c347d9f18f1e6882a983a735d4db35a13337a8c6dc26d5e142a96624f892	-	ol8_x86_64_u10_baseos_patch
	openssl-libs-1.1.1k-16.el8_6.i686.rpm	f11230552b0de1a66c6fe9f8f7360f9d8dd5cd4431bb6559852347c9f1342b91	-	ol8_x86_64_baseos_latest
	openssl-libs-1.1.1k-16.el8_6.i686.rpm	f11230552b0de1a66c6fe9f8f7360f9d8dd5cd4431bb6559852347c9f1342b91	-	ol8_x86_64_u10_baseos_patch
	openssl-libs-1.1.1k-16.el8_6.x86_64.rpm	b0e5bec9a48b193470742eebfc3c3d79558a33c12a6a67a8ebdf301e3b2fb601	-	ol8_x86_64_baseos_latest
	openssl-libs-1.1.1k-16.el8_6.x86_64.rpm	b0e5bec9a48b193470742eebfc3c3d79558a33c12a6a67a8ebdf301e3b2fb601	-	ol8_x86_64_u10_baseos_patch
	openssl-perl-1.1.1k-16.el8_6.x86_64.rpm	8a78950be81d343e2596f3d64bf8268a0c45199db0decde6bc13796a5c346df2	-	ol8_x86_64_baseos_latest
	openssl-perl-1.1.1k-16.el8_6.x86_64.rpm	8a78950be81d343e2596f3d64bf8268a0c45199db0decde6bc13796a5c346df2	-	ol8_x86_64_u10_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691