[CLSA-2026:1777396609] openssl: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-04-28 17:16:55 UTC
Description:
- CVE-2026-28388: fix NULL dereference in check_delta_base() when a Delta CRL lacks the CRL Number extension - CVE-2026-28389: fix NULL dereference in dh/ecdh_cms_set_shared_info() when KeyEncryptionAlgorithmIdentifier has no parameters field - CVE-2026-28390: fix NULL dereference in rsa_cms_decrypt() when the pSourceFunc X509_ALGOR has no parameters field
Updated packages:
  • openssl-1.1.1k-5.el8.5.tuxcare.els17.x86_64.rpm
    sha:8c822735a27af54c4dc4df1d7c66f9fc9410a30abbea4b05115f04cec31c048f
  • openssl-devel-1.1.1k-5.el8.5.tuxcare.els17.i686.rpm
    sha:6bf003ddbb6f0d1dd369635ce9566bd56e494c1e61082bd4c49d687ab7a528d1
  • openssl-devel-1.1.1k-5.el8.5.tuxcare.els17.x86_64.rpm
    sha:e0acaf8f3ab8f06325e1c9e3b2c68fcdd4ab860086e2f8cf984a8eb74fddf64e
  • openssl-libs-1.1.1k-5.el8.5.tuxcare.els17.i686.rpm
    sha:bdbc6064ce5c49d2664ad7de478deedca34d37a96c56c7fc43228242fd826cea
  • openssl-libs-1.1.1k-5.el8.5.tuxcare.els17.x86_64.rpm
    sha:a03e242f1b53d14d00cb156d850272be200e70ff3265df8fed73c1fb18636945
  • openssl-perl-1.1.1k-5.el8.5.tuxcare.els17.x86_64.rpm
    sha:4fe2b5873bdb63ca234d8903e3e41b1652e727ccce291118265d8343209641c4
  • openssl-static-1.1.1k-5.el8.5.tuxcare.els17.x86_64.rpm
    sha:3100ddc193c549d4d8042008e958817c9e213b6489050237cd3444b46d1fa890
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.