Home / mailings [USN-8335-1] pyOpenSSL vulnerability
Posted on 28 May 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-8335-1
May 28, 2026
pyopenssl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
pyOpenSSL could allow unintended access to network services.
Software Description:
- pyopenssl: Python wrapper around the OpenSSL library
Details:
It was discovered that pyOpenSSL incorrectly handled exceptions in the
tlsext_servername callback. This could result in connections being accepted
after an exception, contrary to expectations.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
python-openssl 19.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
python3-openssl 19.0.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
python-openssl 17.5.0-1ubuntu1+esm1
Available with Ubuntu Pro
python3-openssl 17.5.0-1ubuntu1+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
python-openssl 0.15.1-2ubuntu0.2+esm1
Available with Ubuntu Pro
python3-openssl 0.15.1-2ubuntu0.2+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-8335-1
CVE-2026-27448
--===============1461786779044724690==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
