| Package | openssl1.0 |
|---|---|
| Version | 1.0.2u-1~deb9u11 (stretch) |
| Related CVEs | CVE-2025-9230 |
Stanislav Fort discovered an out of bounds read and write issue when decrypting CMS messages that were encrypted using password based encryption.
For Debian 9 stretch, these problems have been fixed in version 1.0.2u-1~deb9u11.
We recommend that you upgrade your openssl1.0 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.