[CLSA-2026:1782386492] openssl: Fix of 13 CVEs
Type:
security
Severity:
Critical
Release date:
2026-06-25 11:22:03 UTC
Description:
- CVE-2026-42769: fix CMP rootCaKeyUpdate trust-anchor substitution by adding the correct issuer to the chain, enabling self-signed signature checking, and guarding a NULL verify-param dereference
Updated packages:
  • openssl-3.2.2-7.el9_6.tuxcare.1.els7.x86_64.rpm
    sha:6e8986b2706884c09467567631499b51f8e52d9e0debd511e6205bd032f24166
  • openssl-devel-3.2.2-7.el9_6.tuxcare.1.els7.i686.rpm
    sha:b292ac07300f3737524ecc91bbfe28ff3fb76b92708607ecf6259683e47ab1ea
  • openssl-devel-3.2.2-7.el9_6.tuxcare.1.els7.x86_64.rpm
    sha:f702c14639c3666b53ea91a0bf66d268ddb314b9bdf2f38be90497edb45a0219
  • openssl-libs-3.2.2-7.el9_6.tuxcare.1.els7.i686.rpm
    sha:5f1d578fd086aef48eea201ab65044926cea5ca80258cc114f1f75a542bf1821
  • openssl-libs-3.2.2-7.el9_6.tuxcare.1.els7.x86_64.rpm
    sha:d9939ca0390d3cd1e04883004364aa27037ad8ae03d0f48409230439571cf120
  • openssl-perl-3.2.2-7.el9_6.tuxcare.1.els7.x86_64.rpm
    sha:cf9ca0809c6d0d08eae3486e57f1dca461f8d1495aa94885cbb3e1660ab9cba2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.