Release date:
2026-07-02 07:19:40 UTC
Description:
- CVE-2026-45446: reset AES-SIV final_ret on context reuse so a forged all-zero
tag is not accepted for empty-ciphertext messages
- CVE-2026-9076: reject KEK ciphers with block size below 4 in CMS kek_unwrap_key
to prevent an out-of-bounds read during check-byte validation
Updated packages:
-
openssl-3.0.7-20.el9_2.tuxcare.1.els20.x86_64.rpm
sha:53510ccc8f883445483b5c0904e5aa0700f7106a97bb4924aa9e70e6a65609ef
-
openssl-devel-3.0.7-20.el9_2.tuxcare.1.els20.i686.rpm
sha:2bfa29e12a7615ac92a51407372dcd6530466ded265983e27b86b737d9d1d328
-
openssl-devel-3.0.7-20.el9_2.tuxcare.1.els20.x86_64.rpm
sha:1b978b0b88e4d68ef4c3bf934c9dbd741eaaa039554655fa816aae0bf25a27d7
-
openssl-libs-3.0.7-20.el9_2.tuxcare.1.els20.i686.rpm
sha:06abcc7b36ea2de0239f630a2878a8a5b9ee9fd6d26414d01c02f0fb03eb9476
-
openssl-libs-3.0.7-20.el9_2.tuxcare.1.els20.x86_64.rpm
sha:913567e98e3454b4c6cf9cee1f7842b41f08645a91ebeaabbd4325c4c41e8dc1
-
openssl-perl-3.0.7-20.el9_2.tuxcare.1.els20.x86_64.rpm
sha:b4f42be64bb952feef4ed24fe33e09ae0bed9ef7cea862a5c48a288470ae541d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.