[Git][security-tracker-team/security-tracker][master] new pyopenssl issues

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6365b564 by Moritz Muehlenhoff at 2026-03-18T10:42:44+01:00
new pyopenssl issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -112,9 +112,13 @@ CVE-2026-27523 (OpenClaw versions prior to 2026.2.24 contain a sandbox bind vali
 CVE-2026-27522 (OpenClaw versions prior to 2026.2.24 contain a local media root bypass ...)
 	NOT-FOR-US: OpenClaw
 CVE-2026-27459 (pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in  ...)
-	TODO: check
+	- pyopenssl <unfixed>
+	NOTE: https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4
+	NOTE: https://github.com/pyca/pyopenssl/commit/57f09bb4bb051d3bc2a1abd36e9525313d5cd408 (26.0.0)
 CVE-2026-27448 (pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in  ...)
-	TODO: check
+	- pyopenssl <unfixed>
+	NOTE: https://github.com/pyca/pyopenssl/security/advisories/GHSA-vp96-hxj8-p424
+	NOTE: https://github.com/pyca/pyopenssl/commit/d41a814759a9fb49584ca8ab3f7295de49a85aa0	(26.0.0)
 CVE-2026-26004 (Sentry is a developer-first error tracking and performance monitoring  ...)
 	NOT-FOR-US: Sentry
 CVE-2026-26001 (The GLPI Inventory Plugin handles network discovery, inventory, softwa ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6365b564330c5dd2947f309cf77770e18fb95edb

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6365b564330c5dd2947f309cf77770e18fb95edb
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260318/fcf3b13c/attachment-0001.htm>