ALSA-2026:22315

See a problem?

Import Source

https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:22315.json

JSON Data

https://api.osv.dev/v1/vulns/ALSA-2026:22315

Related

CVE-2026-28390

Published

2026-06-01T00:00:00Z

Modified

2026-06-03T13:45:04.038963778Z

Summary

Moderate: compat-openssl10 security update

Details

The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries and is provided for compatibility with previous releases and software that does not support compilation with OpenSSL-1.1.

Security Fix(es):

openssl: OpenSSL: Denial of Service due to NULL pointer dereference in CMS EnvelopedData processing (CVE-2026-28390)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:8 / compat-openssl10

Package

Name: compat-openssl10
Purl: pkg:rpm/almalinux/compat-openssl10

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.0.2o-4.el8_10.2

Database specific

source

"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2026:22315.json"