ELSA-2026-50080
- ULN >
- Oracle Linux Errata repository >
- ELSA-2026-50080
ELSA-2026-50080 - openssl security update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2026-01-30 |
Description
[3.5.1-7.0.1]
- Enable openssl-fips-provider dependency [Orabug: 36504822]
- Temporary disable openssl-fips-provider dependency [Orabug: 36504822]
- Replace upstream references [Orabug: 34340177]
[3.5.1.openela.0.1]
- Add OpenELA specific changes
[1:3.5.1-7]
- Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469
CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420
CVE-2025-69421 CVE-2026-22795 CVE-2026-22796
Resolves: RHEL-142068
Resolves: RHEL-142002
Resolves: RHEL-142055
Resolves: RHEL-142051
Resolves: RHEL-142047
Resolves: RHEL-142043
Resolves: RHEL-142039
Resolves: RHEL-142035
Resolves: RHEL-142031
Resolves: RHEL-142011
Resolves: RHEL-142027
Resolves: RHEL-142023
[1:3.5.1-6]
- Fix AES/GCM ppc64le encrypt/decrypt
Resolves: RHEL-139131
[1:3.5.1-5]
- Do not make key share choice in tls1_set_groups()
Resolves: RHEL-131010
[1:3.5.1-4]
- Fix CVE-2025-9230
Resolves: RHEL-115929
[1:3.5.1-3]
- Add custom define to disable symbol versioning in downstream patched code
Also add stricter Suggests for openssl-fips-provider
Resolves: RHEL-104236
- Fix Requires/Provider to fix default install of fips providers
Resolves: RHEL-104856
[1:3.5.1-2]
- Move fips.so to a seprate subpackage
Reverts FIPS self test for SLH-DSA
Add Suggests to try to prefer the openssl-fips-provider package
over the fips-provider-next package by default
Revolves: RHEL-102408
Related: RHEL-80854
[1:3.5.1-1]
- Rebasing to OpenSSL 3.5.1
Resolves: RHEL-97797
Resolves: RHEL-98723
Resolves: RHEL-99352
[1:3.5.0-4]
- Compact patches for better maintainability
Related: RHEL-80854
- Make hybrid MLKEM work with our FIPS provider (3.0.7)
Resolves: RHEL-95239
Related CVEs
| CVE-2025-11187 |
| CVE-2025-15467 |
| CVE-2025-15468 |
| CVE-2025-15469 |
| CVE-2025-66199 |
| CVE-2025-68160 |
| CVE-2025-69418 |
| CVE-2025-69419 |
| CVE-2025-69420 |
| CVE-2025-69421 |
| CVE-2026-22795 |
| CVE-2026-22796 |
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | openssl-3.5.1-7.0.1.ksplice1.el9_7.src.rpm | eed93e49b932651c4edc31adef07a297a51efafc328a67e9ddbc546f7c9b9598 | - | ol9_aarch64_userspace_ksplice |
| openssl-3.5.1-7.0.1.ksplice1.el9_7.aarch64.rpm | 74584973732f3608edeed7bd22ec274091cff6bbec641735f826ea1da5061447 | - | ol9_aarch64_userspace_ksplice | |
| openssl-devel-3.5.1-7.0.1.ksplice1.el9_7.aarch64.rpm | 604599c60ee128964566765c5f2176b4c022fc2ad0e8296735e92602c2729b0f | - | ol9_aarch64_userspace_ksplice | |
| openssl-libs-3.5.1-7.0.1.ksplice1.el9_7.aarch64.rpm | 102d5f041a119e727751b9b5da2af162016ca1e04dadd54184309e5db43da594 | - | ol9_aarch64_userspace_ksplice | |
| openssl-perl-3.5.1-7.0.1.ksplice1.el9_7.aarch64.rpm | f81522c15e437670071013b484068c21bc15f914e9e100d252350a01bc93b7e4 | - | ol9_aarch64_userspace_ksplice | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
