MGASA-2026-0029
- Source
- https://advisories.mageia.org/MGASA-2026-0029.html
- Import Source
- https://advisories.mageia.org/MGASA-2026-0029.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2026-0029
- Related
- Published
- 2026-01-30T00:39:37Z
- Modified
- 2026-01-30T00:47:46.480002Z
- Summary
- Updated openssl packages fix security vulnerabilities
- Details
-
Stack buffer overflow in CMS AuthEnvelopedData parsing. (CVE-2025-15467) Heap out-of-bounds write in BIOflinebuffer on short writes. (CVE-2025-68160) Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418) Out of bounds write in PKCS12getfriendlyname() UTF-8 conversion. (CVE-2025-69419) Missing ASN1TYPE validation in TSRESPverifyresponse() function. (CVE-2025-69420) NULL Pointer Dereference in PKCS12itemdecryptd2iex function. (CVE-2025-69421) Missing ASN1TYPE validation in PKCS#12 parsing. (CVE-2026-22795) ASN1TYPE Type Confusion in the PKCS7digestfrom_attributes() function. (CVE-2026-22796)
- References
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / openssl
Package
- Name
- openssl
- Purl
- pkg:rpm/mageia/openssl?arch=source&distro=mageia-9