Fixed
Created: Mar 18, 2026
Updated: May 10, 2026
Resolved Date: May 7, 2026
Found In Version: 10.25.33.2
Fix Version: 10.25.33.9
Severity: Standard
Applicable for: Wind River Linux LTS 25
Component/s: Userspace
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 0.14.0 and prior to version 26.0.0, if a user provided callback to `set_tlsext_servername_callback` raised an unhandled exception, this would result in a connection being accepted. If a user was relying on this callback for any security-sensitive behavior, this could allow bypassing it. Starting in version 26.0.0, unhandled exceptions now result in rejecting the connection.
