Unclaimed project
Are you a maintainer of openssl? Claim this project to take control of your public changelog and roadmap.
Changelog
TLS/SSL and crypto library
Last updated 6 days ago
OpenSSL 3.5.5 is a security patch release. The most severe CVE fixed in this release is High.
This release incorporates the following bug fixes and mitigations:
Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification. (CVE-2025-11187)
Fixed Stack buffer overflow in CMS AuthEnvelopedData parsing.
(CVE-2025-15467)
Fixed NULL dereference in SSL_CIPHER_find() function on unknown cipher ID.
(CVE-2025-15468)
Fixed openssl dgst one-shot codepath silently truncates inputs >16 MiB.
(CVE-2025-15469)
Fixed TLS 1.3 CompressedCertificate excessive memory allocation.
(CVE-2025-66199)
Fixed Heap out-of-bounds write in BIO_f_linebuffer on short writes.
(CVE-2025-68160)
Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418)
Fixed Out of bounds write in PKCS12_get_friendlyname() UTF-8 conversion.
(CVE-2025-69419)
Fixed Missing ASN1_TYPE validation in TS_RESP_verify_response()
function.
(CVE-2025-69420)
Fixed NULL Pointer Dereference in PKCS12_item_decrypt_d2i_ex() function.
(CVE-2025-69421)
Fixed Missing ASN1_TYPE validation in PKCS#12 parsing.
(CVE-2026-22795)
Fixed ASN1_TYPE Type Confusion in the PKCS7_digest_from_attributes()
function.
(CVE-2026-22796)
Display and control your Android device
The fastest path to AI-powered full stack observability, even for lean teams.
For developers, who are building real-time data-driven applications, Redis is the preferred, fastest, and most feature-rich cache, data structure server, and document and vector query engine.
A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, MQTTS, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET, TFTP, WS and WSS. libcurl offers a myriad of powerful features