Slackware alert SSA:2025-296-01 (openssl)
From: Slackware Security Team <security@slackware.com>
To: slackware-security@slackware.com
Subject: [slackware-security] openssl (SSA:2025-296-01)
Date: Thu, 23 Oct 2025 15:27:40 -0700
Message-ID: <alpine.LNX.2.02.2510231527170.9936@connie.slackware.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] openssl (SSA:2025-296-01)

New openssl packages are available for Slackware 15.0 to fix a security issue.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/openssl-1.1.1zd-i586-1_slack15.0.txz: Upgraded.
  Apply patch to fix a moderate severity security issue:
  Fix incorrect check of unwrapped key size in kek_unwrap_key()
  The check is off by 8 bytes so it is possible to overread by up to 8 bytes
  and overwrite up to 4 bytes.
  Although the consequences of a successful exploit of this vulnerability
  could be severe, the probability that the attacker would be able to perform
  it is low. Besides, password based (PWRI) encryption support in CMS
  messages is very rarely used.
  This CVE was fixed by the 1.1.1zd release that is only available to
  subscribers to OpenSSL's premium extended support. The patch was prepared
  by backporting from the OpenSSL-3.0 repo.
  Thanks to Ken Zalewski for the patch!
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2025-9230
  (* Security fix *)
patches/packages/openssl-solibs-1.1.1zd-i586-1_slack15.0.txz: Upgraded.
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated packages for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patc...
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patc...

Updated packages for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/pa...
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/pa...

MD5 signatures:
+-------------+

Slackware 15.0 packages:
5917ba00eca52d7e3377c051c02772a6  openssl-1.1.1zd-i586-1_slack15.0.txz
1d8b3745c638b4788d22abf581ab3c2d  openssl-solibs-1.1.1zd-i586-1_slack15.0.txz

Slackware x86_64 15.0 packages:
231482c02ec0e0ca42dffafaf8ef9e01  openssl-1.1.1zd-x86_64-1_slack15.0.txz
43b1705338bcd157b2e78f98d61ffd34  openssl-solibs-1.1.1zd-x86_64-1_slack15.0.txz

Installation instructions:
+------------------------+

Upgrade the packages as root:
# upgradepkg openssl-1.1.1zd-i586-1_slack15.0.txz openssl-solibs-1.1.1zd-i586-1_slack15.0.txz

+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@slackware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@slackware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process. Please do not reply to this email address.       |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iF0EARECAB0WIQTsVknaQB4iq/pnNu9qRGPAQBAiMwUCaPqo7gAKCRBqRGPAQBAi
M3h5AJ9XHYnF3TVFgPrrGyQWAuW4qRZo8gCfcjF1lYU67kqQITkGC8nbdT/Pn6E=
=3GkA
-----END PGP SIGNATURE-----
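
Added example, not part of the Slackware advisory: a POSIX shell helper that checks downloaded packages against the "MD5 signatures" list in a saved copy of the advisory before upgradepkg is run. The function names verify_from_advisory and demo are hypothetical, and the package and advisory excerpt used in demo are constructed.

```shell
#!/bin/sh
# Added example (not from the advisory). Function names are hypothetical.

# verify_from_advisory ADVISORY PKG...
# Returns 0 only if every PKG is listed in ADVISORY as "<md5>  <file name>"
# and the listed sum matches the file on disk.
verify_from_advisory() {
    advisory=$1; shift
    rc=0
    for pkg in "$@"; do
        name=$(basename "$pkg")
        # Take the 32-hex-digit sum listed for this exact file name.
        want=$(awk -v n="$name" \
            '$1 ~ /^[0-9a-f]+$/ && length($1) == 32 && $2 == n { print $1; exit }' \
            "$advisory")
        if [ -z "$want" ]; then
            echo "NOT LISTED  $name" >&2; rc=1; continue
        fi
        have=$(md5sum "$pkg" | awk '{ print $1 }')
        if [ "$have" = "$want" ]; then
            echo "OK          $name"
        else
            echo "MISMATCH    $name" >&2; rc=1
        fi
    done
    return $rc
}

# Constructed demo: a fake package and a fake advisory excerpt in a temp
# directory. Succeeds if the intact file passes and the altered file fails.
demo() {
    d=$(mktemp -d) || return 2
    printf 'constructed package bytes\n' > "$d/example-1.0-x86_64-1.txz"
    sum=$(md5sum "$d/example-1.0-x86_64-1.txz" | awk '{ print $1 }')
    printf 'MD5 signatures:\n%s  example-1.0-x86_64-1.txz\n' "$sum" \
        > "$d/advisory.txt"
    verify_from_advisory "$d/advisory.txt" "$d/example-1.0-x86_64-1.txz"
    ok=$?
    printf 'altered\n' >> "$d/example-1.0-x86_64-1.txz"
    verify_from_advisory "$d/advisory.txt" "$d/example-1.0-x86_64-1.txz" \
        2>/dev/null
    bad=$?
    rm -rf "$d"
    [ "$ok" -eq 0 ] && [ "$bad" -ne 0 ]
}
```

An MD5 match only shows the download is complete and uncorrupted; authenticity rests on the PGP signature made with the key published at http://slackware.com/gpg-key.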
