[El-errata] ELSA-2026-1473 Important: Oracle Linux 9 openssl security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Mon Feb 2 12:23:32 UTC 2026
Oracle Linux Security Advisory ELSA-2026-1473
http://linux.oracle.com/errata/ELSA-2026-1473.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
openssl-3.5.1-7.0.1.el9_7.x86_64.rpm
openssl-devel-3.5.1-7.0.1.el9_7.i686.rpm
openssl-devel-3.5.1-7.0.1.el9_7.x86_64.rpm
openssl-libs-3.5.1-7.0.1.el9_7.i686.rpm
openssl-libs-3.5.1-7.0.1.el9_7.x86_64.rpm
openssl-perl-3.5.1-7.0.1.el9_7.x86_64.rpm
aarch64:
openssl-3.5.1-7.0.1.el9_7.aarch64.rpm
openssl-devel-3.5.1-7.0.1.el9_7.aarch64.rpm
openssl-libs-3.5.1-7.0.1.el9_7.aarch64.rpm
openssl-perl-3.5.1-7.0.1.el9_7.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/openssl-3.5.1-7.0.1.el9_7.src.rpm
Related CVEs:
CVE-2025-11187
CVE-2025-15467
CVE-2025-15468
CVE-2025-15469
CVE-2025-66199
CVE-2025-68160
CVE-2025-69418
CVE-2025-69419
CVE-2025-69420
CVE-2025-69421
CVE-2026-22795
CVE-2026-22796
Description of changes:
[3.5.1-7.0.1]
- Enable openssl-fips-provider dependency [Orabug: 36504822]
- Temporary disable openssl-fips-provider dependency [Orabug: 36504822]
- Replace upstream references [Orabug: 34340177]
[3.5.1.openela.0.1]
- Add OpenELA specific changes
[1:3.5.1-7]
- Fix CVE-2025-11187 CVE-2025-15467 CVE-2025-15468 CVE-2025-15469
CVE-2025-66199 CVE-2025-68160 CVE-2025-69418 CVE-2025-69419 CVE-2025-69420
CVE-2025-69421 CVE-2026-22795 CVE-2026-22796
Resolves: RHEL-142068
Resolves: RHEL-142002
Resolves: RHEL-142055
Resolves: RHEL-142051
Resolves: RHEL-142047
Resolves: RHEL-142043
Resolves: RHEL-142039
Resolves: RHEL-142035
Resolves: RHEL-142031
Resolves: RHEL-142011
Resolves: RHEL-142027
Resolves: RHEL-142023
[1:3.5.1-6]
- Fix AES/GCM ppc64le encrypt/decrypt
Resolves: RHEL-139131
More information about the El-errata
mailing list