Deepin

OpenSSL released security fixes for 13 vulnerabilities, including 2 high/medium-risk issues. CVE-2025-15467 (High) involves a CMS AuthEnvelopedData parsing stack buffer overflow that could lead to remote code execution. CVE-2025-11187 (Moderate) concerns missing PKCS#12 PBMAC1 parameter validation causing potential stack-based buffer overflow. Deepin users should upgrade to version 3.2.4-0deepin6 or higher using apt update and upgrade commands. The deepin team responded within 48 hours, completing patch adaptation and testing from initial advisory to repository push.

OpenSSL Multiple Vulnerabilities Fixed, Please Upgrade ASAP! – Deepin Technology Community

III. Timeline (All times in Beijing Time)