-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

=============================================================================
FreeBSD-EN-26:15.openssl                                        Errata Notice
                                                          The FreeBSD Project

Topic:          Update OpenSSL to 3.0.20 and 3.5.6

Category:       contrib
Module:         openssl
Announced:      2026-06-09
Affects:        All supported versions of FreeBSD.
Corrected:      2026-04-12 02:15:10 UTC (stable/15, 15.0-STABLE)
                2026-06-09 19:19:33 UTC (releng/15.0, 15.0-RELEASE-p10)
                2026-04-13 00:12:11 UTC (stable/14, 14.4-STABLE)
                2026-06-09 19:18:58 UTC (releng/14.4, 14.4-RELEASE-p6)
                2026-06-09 19:18:25 UTC (releng/14.3, 14.3-RELEASE-p15)
CVE Name:       CVE-2026-2673, CVE-2026-28387, CVE-2026-28388, CVE-2026-28389,
                CVE-2026-31789, CVE-2026-31790

For general information regarding FreeBSD Errata Notices and Security
Advisories, including descriptions of the fields above, security
branches, and the following sections, please visit .

I.   Background

FreeBSD includes software from the OpenSSL Project. The OpenSSL Project is
a collaborative effort to develop a robust, commercial-grade, full-featured
Open Source toolkit for the Transport Layer Security (TLS) protocol. It is
also a general-purpose cryptography library.

II.  Problem Description

The OpenSSL releases included with the affected FreeBSD versions predate
OpenSSL 3.0.20 (FreeBSD 14) and 3.5.6 (FreeBSD 15). This update imports the
current upstream point release on each branch.

The import resolves several issues affecting different OpenSSL versions, and
therefore different FreeBSD versions. Instead of listing detailed writeups
for each issue, please see the referenced advisory from OpenSSL.
Issues affecting FreeBSD 15 (OpenSSL 3.5):

  CVE-2026-2673  - DEFAULT keyword corrupts the key-agreement group list
  CVE-2026-28387 - Possible use-after-free in DANE client code
  CVE-2026-28388 - NULL dereference when processing a delta CRL
  CVE-2026-28389 - NULL dereference processing CMS KeyAgreeRecipientInfo
  CVE-2026-31789 - Heap buffer overflow in hexadecimal conversion
  CVE-2026-31790 - NULL dereference processing CMS KeyTransRecipientInfo

Issues affecting FreeBSD 14 (OpenSSL 3.0):

  CVE-2026-28387 - Possible use-after-free in DANE client code
  CVE-2026-28388 - NULL dereference when processing a delta CRL
  CVE-2026-28389 - NULL dereference processing CMS KeyAgreeRecipientInfo
  CVE-2026-31789 - Heap buffer overflow in hexadecimal conversion
  CVE-2026-31790 - NULL dereference processing CMS KeyTransRecipientInfo

III. Impact

The issues include missing input validation, NULL pointer dereferences, a
use-after-free, and a heap buffer overflow. Impact is generally limited to a
crash and a Denial of Service. See the OpenSSL advisory for specific details.

IV.  Workaround

No workaround is available.

V.   Solution

Upgrade your system to a supported FreeBSD stable or release / security
branch (releng) dated after the correction date.

A reboot is required following the upgrade to ensure that all applications
and kernel code are rebuilt with the updated OpenSSL-provided code.
Perform one of the following:

1) To update your system installed from base system packages:

Systems running a 15.0-RELEASE version of FreeBSD on the amd64 or arm64
platforms, which were installed using base system packages, can be updated
via the pkg(8) utility:

# pkg upgrade -r FreeBSD-base
# shutdown -r +10min "Rebooting for an erratum fix"

2) To update your system installed from binary distribution sets:

Systems running a RELEASE version of FreeBSD on the amd64 or arm64 platforms
which were not installed using base system packages can be updated via the
freebsd-update(8) utility:

# freebsd-update fetch
# freebsd-update install
# shutdown -r +10min "Rebooting for an erratum fix"

3) To update your system via a source code patch:

The following patches have been verified to apply to the applicable
FreeBSD release branches.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

[FreeBSD 15.0]
# fetch https://security.FreeBSD.org/patches/EN-26:15/openssl-15.0.patch
# fetch https://security.FreeBSD.org/patches/EN-26:15/openssl-15.0.patch.asc
# gpg --verify openssl-15.0.patch.asc

[FreeBSD 14.4]
# fetch https://security.FreeBSD.org/patches/EN-26:15/openssl-14.4.patch
# fetch https://security.FreeBSD.org/patches/EN-26:15/openssl-14.4.patch.asc
# gpg --verify openssl-14.4.patch.asc

[FreeBSD 14.3]
# fetch https://security.FreeBSD.org/patches/EN-26:15/openssl-14.3.patch
# fetch https://security.FreeBSD.org/patches/EN-26:15/openssl-14.3.patch.asc
# gpg --verify openssl-14.3.patch.asc

b) Apply the patch. Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch

c) Recompile the operating system using buildworld and installworld as
described in .

Restart all daemons that use the library, or reboot the system.

VI.  Correction details

This issue is corrected as of the corresponding Git commit hash in the
following stable and release branches:

Branch/path                             Hash                     Revision
- -------------------------------------------------------------------------
stable/15/                              51a80be04fe6    stable/15-n282933
releng/15.0/                            0f6e90c4cc4f  releng/15.0-n281050
stable/14/                              27ac9d336f71    stable/14-n273945
releng/14.4/                            1bfe60bae8b8  releng/14.4-n273712
releng/14.3/                            d95a8c20f3bc  releng/14.3-n271512
- -------------------------------------------------------------------------

Run the following command to see which files were modified by a
particular commit:

# git show --stat

Or visit the following URL, replacing NNNNNN with the hash:

To determine the commit count in a working tree (for comparison against
nNNNNNN in the table above), run:

# git rev-list --count --first-parent HEAD

VII. References

The latest revision of this advisory is available at

-----BEGIN PGP SIGNATURE-----

iQJPBAEBCgA5FiEEthUnfoEIffdcgYM7bljekB8AGu8FAmoolw4bFIAAAAAABAAO
bWFudTIsMi41KzEuMTIsMCwzAAoJEG5Y3pAfABrv5ewP/3XwoJ809Y0eVU/MrvNM
VujyPzQFeMYHg9Od8AYqCfL9AsJaPPnI9sDLHLTIlwfC34ahC8xksEhfpKAoVn/9
kSgKG8Evmb2xOxxz9mnH3cj/4IuyfvDoA7bWLI1yjdjXdm7rP9dE+nI0xktm1aeX
TkMHrpTzeR0F/M1fehjuUuYKdHzINvorKFA49fZm3GvDWogLPWGzU2fLhpHwGa8Z
D7Maxi9U+cuv5zlw6GxKHvPTJTwzLy7F9GejFEq+25YFdhvyKe7ZB8J33ttz1nlc
Ee8z/QkJM/O8/YrvX2i4ZqFmSjgOPbOrbSOiLo13Yusj1TQn/wmsuymP4Vjxf7xM
7ERML9TW1yti0ZCxriwcWUNSt7agPqP18Gjo2las1v8EVuGZ3PB/EhMmP+s0RPtd
ZhVSK7UVJiX0zrIhE5bse+2A67l71rDNLKh7pt7P2FFID2yKLDBgUjMoUbNODsvO
rOeZ09ndMQT24yrkjYM7uKHqmicQs/uBJzXItEr8NU5psKe4gIAfzrWDSl6Lg53y
yJPtEitkcGPHRwDV4fdCcauri2fiw1S8yWH6DXl/CLviAApE9w7NRpD181g0eo5E
QkRHy/rge2A9vK00KGpZsm7HPeIggdob3iK9TkYg3N+tZhBRfh7WtnQR7ZN7iMpv
J6mK8Rm9NoDASI4IXgdRR5gs
=Ocgt
-----END PGP SIGNATURE-----
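Added example, not part of the FreeBSD notice above: a POSIX sh script that encodes the corrected levels the notice states in sections V and VI (release patch levels 15.0-RELEASE-p10, 14.4-RELEASE-p6 and 14.3-RELEASE-p15; OpenSSL 3.0.20 for the 3.0 line and 3.5.6 for the 3.5 line; the nNNNNNN first-parent commit counts from the Correction details table) and checks a freebsd-version(1) string, an `openssl version` string, or a branch name plus the output of `git rev-list --count --first-parent HEAD` against them. freebsd-version(1) and `openssl version` are real commands; the function names, the verdict wording and the sample strings at the bottom are this example's own.

```shell
#!/bin/sh
# Added example (not from the FreeBSD notice): decide whether a system or a
# source tree is at or past the level corrected by FreeBSD-EN-26:15.openssl.
# Thresholds come from the notice; function names are this example's own.
# Every check returns 0 = corrected, 1 = older than the correction,
# 2 = not a release/branch/OpenSSL line this check can judge.

# Check a freebsd-version(1) string, e.g. "14.3-RELEASE-p14".
# Only RELEASE branches carry a -pN patch level; STABLE trees are tracked by
# commit count instead (see tree_is_corrected below).
patchlevel_is_corrected() {
    ver="$1"
    case "$ver" in
        *-RELEASE*) ;;
        *) return 2 ;;
    esac
    rel="${ver%%-*}"                     # "14.3"
    case "$ver" in
        *-p[0-9]*) plevel="${ver##*-p}" ;;
        *)         plevel=0 ;;           # plain "-RELEASE": no errata applied
    esac
    case "$rel" in
        15.0) need=10 ;;                 # 15.0-RELEASE-p10
        14.4) need=6  ;;                 # 14.4-RELEASE-p6
        14.3) need=15 ;;                 # 14.3-RELEASE-p15
        *)    return 2 ;;
    esac
    [ "$plevel" -ge "$need" ]
}

# Check the first line of `openssl version`, e.g. "OpenSSL 3.0.19 28 Jan 2026".
# FreeBSD 14 ships the 3.0 line (corrected in 3.0.20); FreeBSD 15 ships the
# 3.5 line (corrected in 3.5.6). Other lines, or LibreSSL, are outside this notice.
openssl_is_corrected() {
    out="$1"
    case "$out" in
        "OpenSSL "*) ;;
        *) return 2 ;;
    esac
    set -- $out                          # word-split: $2 is the version number
    v="$2"
    major="${v%%.*}"
    rest="${v#*.}"
    minor="${rest%%.*}"
    patch="${rest#*.}"
    patch="${patch%%[!0-9]*}"            # drop suffixes such as "-dev"
    case "$major.$minor" in
        3.0) need=20 ;;
        3.5) need=6  ;;
        *)   return 2 ;;
    esac
    [ "${patch:-0}" -ge "$need" ]
}

# Check a source tree: BRANCH is the git branch the tree is on, COUNT is the
# output of `git rev-list --count --first-parent HEAD` in that tree. A count
# is only comparable against the nNNNNNN of the same branch.
tree_is_corrected() {
    branch="$1"
    count="$2"
    case "$branch" in
        stable/15)   need=282933 ;;
        releng/15.0) need=281050 ;;
        stable/14)   need=273945 ;;
        releng/14.4) need=273712 ;;
        releng/14.3) need=271512 ;;
        *)           return 2 ;;
    esac
    [ "$count" -ge "$need" ]
}

# Print a verdict for one check; safe to call under `set -e`.
report() {
    label="$1"; value="$2"; check="$3"
    rc=0
    "$check" "$value" || rc=$?
    case "$rc" in
        0) echo "$label '$value': at or past the corrected level" ;;
        2) echo "$label '$value': outside this check (see the notice)" ;;
        *) echo "$label '$value': OLDER than the corrected level" ;;
    esac
}

# Live checks, only where the tools exist. Kernel and userland both matter,
# which is why the notice asks for a reboot after the upgrade.
if command -v freebsd-version >/dev/null 2>&1; then
    report "kernel"   "$(freebsd-version -k)" patchlevel_is_corrected
    report "userland" "$(freebsd-version -u)" patchlevel_is_corrected
fi
if command -v openssl >/dev/null 2>&1; then
    report "openssl" "$(openssl version | head -n 1)" openssl_is_corrected
fi

# Constructed sample inputs so the script shows its verdicts offline as well.
report "sample userland" "14.3-RELEASE-p14" patchlevel_is_corrected
report "sample openssl"  "OpenSSL 3.5.6 (constructed sample)" openssl_is_corrected
```

The patch-level check answers "is this RELEASE host past the correction date" for the releng branches the notice lists; a STABLE host reports "outside this check" on purpose, because its state is only expressed by the commit count, which is what `tree_is_corrected` compares. The OpenSSL check is a second, independent signal: a host whose userland is past the corrected patch level but whose `openssl version` still reports an older point release has not yet rebooted or restarted into the new library.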