Security update 5.0.8 for Multi-Linux Manager Salt Bundle

This update fixes the following issues: venv-salt-minion: Security issues fixed: CVE-2026-31958: tornado: Fixed parsing large multipart bodies with many parts can cause a denial of service bsc1259554 CVE-2026-27459: pyOpenSSL: Fixed issue with large cookie value that can lead to a buffer overflow...

USN-8335-1 pyopenssl vulnerability

It was discovered that pyOpenSSL incorrectly handled exceptions in the tlsextservername callback. This could result in connections being accepted after an exception, contrary to expectations...

pyOpenSSL: DTLS cookie callback buffer overflow

A flaw was found in pyOpenSSL. The setcookiegeneratecallback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a...

Fedora 44 : pyOpenSSL (2026-5697f4e025)

The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-5697f4e025 advisory. Update to version 26.0.0 - Added support for using aws-lc instead of OpenSSL. - Properly raise an error if a DTLS cookie callback returned a cookie...

CVE-2026-27459

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0....

CVE-2026-27459 pyOpenSSL DTLS cookie callback buffer overflow

pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user provided callback to setcookiegeneratecallback returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL provided buffer. Starting in version 26.0....