Release date:
2026-04-29 09:37:33 UTC
Description:
- CVE-2026-28387: fix use-after-free / double-free in dane_match()
by releasing the previously stored dane->mcert with X509_free()
instead of OPENSSL_free(); the slot is reference-bumped via
X509_up_ref() so the matching free is X509_free()
Updated packages:
-
openssl-1.1.1g-15.el8.4.tuxcare.els19.x86_64.rpm
sha:de68e8396b4bb26f7446983e40b7da39c1b6461f259a9f381ec48a8fdac0dd7c
-
openssl-devel-1.1.1g-15.el8.4.tuxcare.els19.i686.rpm
sha:17034c21f9ea50458940435fa20c1e281555e43e0abd63354d4ae3c59dbd8206
-
openssl-devel-1.1.1g-15.el8.4.tuxcare.els19.x86_64.rpm
sha:14cf63d3dcf99ddd75e79034ea0c1db372f58f116704511a3188406e4a093bfb
-
openssl-libs-1.1.1g-15.el8.4.tuxcare.els19.i686.rpm
sha:b44660efcfb998fafdc2168f5447fba51705d6079f5d2363d489f5e94f5e82a1
-
openssl-libs-1.1.1g-15.el8.4.tuxcare.els19.x86_64.rpm
sha:062b7494666812d0c1577367409c0e25cd6e3ffcaa9c857eadf0ea40175c5858
-
openssl-perl-1.1.1g-15.el8.4.tuxcare.els19.x86_64.rpm
sha:3fccb891dcd92ffb1acbafe1822a71880521166f9df45ed89ce0e9bc285cfb3a
-
openssl-static-1.1.1g-15.el8.4.tuxcare.els19.x86_64.rpm
sha:faf5cb8a69c810cb820b6987e8e1059eb3d44915f19daca98300471c228f4c15
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
