OpenSSL 3.6 Series Release Notes
The major changes and known issues for the 3.6 branch of the
OpenSSL toolkit are summarised below. The contents reflect the current
state of the NEWS file inside the
git repository.
More details can be found in the ChangeLog.
Major changes between OpenSSL 3.6.0 and OpenSSL 3.6.1 [27 Jan 2026]
OpenSSL 3.6.1 is a security patch release. The most severe CVE fixed in this release is High.
This release incorporates the following bug fixes and mitigations:
-
Fixed Improper validation of PBMAC1 parameters in PKCS#12 MAC verification. (CVE-2025-11187)
-
Fixed Stack buffer overflow in CMS
AuthEnvelopedDataparsing. (CVE-2025-15467) -
Fixed NULL dereference in
SSL_CIPHER_find()function on unknown cipher ID. (CVE-2025-15468) -
Fixed
openssl dgstone-shot codepath silently truncates inputs >16 MiB. (CVE-2025-15469) -
Fixed TLS 1.3
CompressedCertificateexcessive memory allocation. (CVE-2025-66199) -
Fixed Heap out-of-bounds write in
BIO_f_linebufferon short writes. (CVE-2025-68160) -
Fixed Unauthenticated/unencrypted trailing bytes with low-level OCB function calls. (CVE-2025-69418)
-
Fixed Out of bounds write in
PKCS12_get_friendlyname()UTF-8 conversion. (CVE-2025-69419) -
Fixed Missing
ASN1_TYPEvalidation inTS_RESP_verify_response()function. (CVE-2025-69420) -
Fixed NULL Pointer Dereference in
PKCS12_item_decrypt_d2i_ex()function. (CVE-2025-69421) -
Fixed Missing
ASN1_TYPEvalidation in PKCS#12 parsing. (CVE-2026-22795) -
Fixed
ASN1_TYPEType Confusion in thePKCS7_digest_from_attributes()function. (CVE-2026-22796) -
Fixed a regression in
X509_V_FLAG_CRL_CHECK_ALLflag handling by restoring its pre-3.6.0 behaviour. -
Fixed a regression in handling stapled OCSP responses causing handshake failures for OpenSSL 3.6.0 servers with various client implementations.
Major changes between OpenSSL 3.5 and OpenSSL 3.6.0 [1 Oct 2025]
OpenSSL 3.6.0 is a feature release adding significant new functionality to OpenSSL.
This release incorporates the following potentially significant or incompatible changes:
-
Added NIST security categories for PKEY objects.
-
Added support for
EVP_SKEYopaque symmetric key objects to the key derivation and key exchange provider methods. AddedEVP_KDF_CTX_set_SKEY(),EVP_KDF_derive_SKEY(), andEVP_PKEY_derive_SKEY()functions. -
Added LMS signature verification support as per SP 800-208. This support is present in both the FIPS and default providers.
-
An ANSI-C toolchain is no longer sufficient for building OpenSSL. The code should be built using compilers supporting C-99 features.
-
Support for the VxWorks platforms has been removed.
-
Added an
openssl configutlutility for processing the OpenSSL configuration file and dumping the equal configuration file. -
Added support for FIPS 186-5 deterministic ECDSA signature generation to the FIPS provider.
-
Deprecated
EVP_PKEY_ASN1_METHOD-related functions.
- Changelog
- CVEs and the FIPS provider
- News
- OpenSSL 1.1.1 Series Release Notes
- OpenSSL 3.0 Series Release Notes
- OpenSSL 3.1 Series Release Notes
- OpenSSL 3.2 Series Release Notes
- OpenSSL 3.3 Series Release Notes
- OpenSSL 3.4 Series Release Notes
- OpenSSL 3.5 Series Release Notes
- OpenSSL 3.6 Series Release Notes
- Release and Advisory Timeline
- Security advisory list (json)
- Security advisory list (txt)
- Vulnerabilities
- Vulnerabilities 0.9.6
- Vulnerabilities 0.9.7
- Vulnerabilities 0.9.8
- Vulnerabilities 1.0.0
- Vulnerabilities 1.0.1
- Vulnerabilities 1.0.2
- Vulnerabilities 1.1.0
- Vulnerabilities 1.1.1
- Vulnerabilities 3.0
- Vulnerabilities 3.1
- Vulnerabilities 3.2
- Vulnerabilities 3.3
- Vulnerabilities 3.4
- Vulnerabilities 3.5
- Vulnerabilities 3.6
- Top of News