Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

Hi Sveinn,

CVE-2025-15467 impacts 3.0 OpenSSL version. Fix for the same will be delivered as ifix with prerequisite as openssl.base 3.0.16.1000 VRMF.

ETA : February 16th 2026

Thanks,

Akanksha Priya

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

Hi Sveinn,

CVE-2025-15467 impacts 3.0 OpenSSL version. Fix for the same will be delivered as ifix with prerequisite as openssl.base 3.0.16.1000 VRMF.

ETA : February 16th 2026

Thanks,

Akanksha Priya

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

Hi Akanksha,

I'm also waiting for this ifix. I need to have an answer for the delivery date to comnicate that at my management

Regards

Michel Oger

Hi Sveinn,

CVE-2025-15467 impacts 3.0 OpenSSL version. Fix for the same will be delivered as ifix with prerequisite as openssl.base 3.0.16.1000 VRMF.

ETA : February 16th 2026

Thanks,

Akanksha Priya

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

Hi all.

Apparently openssl_fix46.tar has made available and it contains fix for CVE-2025-15467 and handful of lesser CVEs.

Cheers!

Hi Akanksha,

I'm also waiting for this ifix. I need to have an answer for the delivery date to comnicate that at my management

Regards

Michel Oger

Hi Sveinn,

CVE-2025-15467 impacts 3.0 OpenSSL version. Fix for the same will be delivered as ifix with prerequisite as openssl.base 3.0.16.1000 VRMF.

ETA : February 16th 2026

Thanks,

Akanksha Priya

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

I wonder if the hold up was IBM kept seeing more CVEs and restarting the development cycle without releasing. That will be something they have to watch in the future.

Hi all.

Apparently openssl_fix46.tar has made available and it contains fix for CVE-2025-15467 and handful of lesser CVEs.

Cheers!

Hi Akanksha,

I'm also waiting for this ifix. I need to have an answer for the delivery date to comnicate that at my management

Regards

Michel Oger

Hi Sveinn,

CVE-2025-15467 impacts 3.0 OpenSSL version. Fix for the same will be delivered as ifix with prerequisite as openssl.base 3.0.16.1000 VRMF.

ETA : February 16th 2026

Thanks,

Akanksha Priya

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

To be honest I wonder how a response time of 40 days can be justified for an OpenSSL CVE with a score of 9.8

Comparing this response with other OS vendors has me worried.

I wonder if the hold up was IBM kept seeing more CVEs and restarting the development cycle without releasing. That will be something they have to watch in the future.

Hi all.

Apparently openssl_fix46.tar has made available and it contains fix for CVE-2025-15467 and handful of lesser CVEs.

Cheers!

Hi Akanksha,

I'm also waiting for this ifix. I need to have an answer for the delivery date to comnicate that at my management

Regards

Michel Oger

Hi Sveinn,

CVE-2025-15467 impacts 3.0 OpenSSL version. Fix for the same will be delivered as ifix with prerequisite as openssl.base 3.0.16.1000 VRMF.

ETA : February 16th 2026

Thanks,

Akanksha Priya

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.

Hi all.

My security team is asking me about this critical OpenSSL vulnerability CVE-2025-15467 and fix for AIX. Latest OpenSSL version available on AIX Web Download pack is 3.0.16 which does not address this vulnerability.

Is there an impact summary I can pass to them, or scheduled fix for OpenSSL?

Thank you in advance.