Download Latest Version
OpenSSL 3.6.0 source code.tar.gz (55.2 MB)
Get an email when there's a new version of OpenSSL Project
| Name | Modified | Size | Downloads / Week |
|---|---|---|---|
| Parent folder | |||
| openssl-3.5.4.tar.gz | 2025-09-30 | 53.2 MB | |
| openssl-3.5.4.tar.gz.asc | 2025-09-30 | 833 Bytes | |
| openssl-3.5.4.tar.gz.sha1 | 2025-09-30 | 63 Bytes | |
| openssl-3.5.4.tar.gz.sha256 | 2025-09-30 | 87 Bytes | |
| OpenSSL 3.5.4 source code.tar.gz | 2025-09-30 | 53.4 MB | |
| OpenSSL 3.5.4 source code.zip | 2025-09-30 | 56.9 MB | |
| README.md | 2025-09-30 | 892 Bytes | |
| Totals: 7 Items | 163.5 MB | 7 | |
OpenSSL 3.5.4 is a security patch release. The most severe CVE fixed in this release is Moderate.
This release incorporates the following bug fixes and mitigations:
-
Fix Out-of-bounds read & write in RFC 3211 KEK Unwrap. (CVE-2025-9230)
-
Fix Timing side-channel in SM2 algorithm on 64 bit ARM. (CVE-2025-9231)
-
Fix Out-of-bounds read in HTTP client no_proxy handling. (CVE-2025-9232)
-
Reverted the synthesised
OPENSSL_VERSION_NUMBERchange for the release builds, as it broke some exiting applications that relied on the previous 3.x semantics, as documented inOpenSSL_version(3).