FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- multiple vulnerabilities

Affected packages
openssl < 3.0.18,1
openssl32 < 3.2.6
openssl33 < 3.3.5
openssl33-quictls < 3.3.5
openssl34 < 3.4.3
openssl35 < 3.5.4
openssl36 < 3.6.0

Details

VuXML ID 00e912c5-9e92-11f0-bc5f-8447094a420f
Discovery 2025-09-30
Entry 2025-10-01
Modified 2025-10-03

The OpenSSL project reports reports:

Out-of-bounds read & write in RFC 3211 KEK Unwrap

Timing side-channel in SM2 algorithm on 64-bit ARM

Fix Out-of-bounds read in HTTP client no_proxy handling

[source]

References

CVE Name CVE-2025-9230
CVE Name CVE-2025-9231
CVE Name CVE-2025-9232
FreeBSD Advisory SA-25:08.openssl
URL https://openssl-library.org/news/secadv/20250930.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.