OpenSSL 3.5.5 #29802
t8m announced in Announcements
OpenSSL 3.5.5 is a security patch release. The most severe CVE fixed in this
release is High.
This release incorporates the following bug fixes and mitigations:
- Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification. (CVE-2025-11187)
- Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing. (CVE-2025-15467)
- Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID. (CVE-2025-15468)
- Fixed openssl dgst one-shot codepath silently truncates inputs >16 MiB. (CVE-2025-15469)
- Fixed TLS 1.3 CompressedCertificate excessive memory allocation. (CVE-2025-66199)
- Fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes. (CVE-2025-68160)
- Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418)
- Fixed Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion. (CVE-2025-69419)
- Fixed Missing ASN1_TYPE validation in TS_RESP_verify_response() function. (CVE-2025-69420)
- Fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex() function. (CVE-2025-69421)
- Fixed Missing ASN1_TYPE validation in PKCS#12 parsing. (CVE-2026-22795)
- Fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes() function. (CVE-2026-22796)
This discussion was created from the release OpenSSL 3.5.5.