OpenSSL has released version 3.6.1, a security-focused patch update that addresses multiple vulnerabilities, including several rated as High severity, and includes fixes accumulated since the previous 3.6.x update.
Among the most notable ones is the correction of improper validation of PBMAC1 parameters during PKCS#12 MAC verification, tracked as CVE-2025-11187.
Several memory-related vulnerabilities were also addressed, including a stack buffer overflow in CMS AuthEnvelopedData parsing, multiple heap and out-of-bounds write issues in BIO and PKCS#12 code paths, and NULL pointer dereferences in cipher lookup and decryption functions.
OpenSSL 3.6.1 also resolves issues affecting modern TLS deployments. A flaw causing excessive memory allocation when handling TLS 1.3 CompressedCertificate messages has been fixed, as well as a problem involving unauthenticated or unencrypted trailing bytes in low-level OCB function calls.
Additional fixes address missing ASN.1 type validation in timestamp response verification and PKCS#12 parsing, as well as an ASN.1 type confusion issue in PKCS7 digest processing.
Beyond security vulnerabilities, the release corrects two regressions introduced in OpenSSL 3.6.0. One restores the previous behavior of the X509_V_FLAG_CRL_CHECK_ALL flag, while the other fixes handshake failures caused by incorrect handling of stapled OCSP responses when OpenSSL 3.6.0 servers interact with certain client implementations.
The project recommends that users and distributions relying on OpenSSL 3.6.x update promptly, particularly where TLS services, certificate validation, or PKCS#12 handling are exposed.
For more information, see the changelog.
