Untriaged
pyOpenSSL DTLS cookie callback buffer overflow
pyOpenSSL is a Python wrapper around the OpenSSL library. Starting in version 22.0.0 and prior to version 26.0.0, if a user-provided callback to `set_cookie_generate_callback` returned a cookie value greater than 256 bytes, pyOpenSSL would overflow an OpenSSL-provided buffer. Starting in version 26.0.0, cookie values that are too long are rejected.
References
- https://github.com/pyca/pyopenssl/security/advisories/GHSA-5pwr-322w-8jr4 (x_refsource_CONFIRM)
Affected products
pyopenssl
- >= 22.0.0, < 26.0.0
Matching in nixpkgs
pkgs.python312Packages.pyopenssl
Python wrapper around the OpenSSL library
pkgs.python313Packages.pyopenssl
Python wrapper around the OpenSSL library
pkgs.python314Packages.pyopenssl
Python wrapper around the OpenSSL library
pkgs.python312Packages.types-pyopenssl
Typing stubs for pyopenssl
- nixos-25.11 24.1.0.20240722
- nixos-25.11-small 24.1.0.20240722
- nixpkgs-25.11-darwin 24.1.0.20240722
pkgs.python313Packages.types-pyopenssl
Typing stubs for pyopenssl
- nixos-unstable 24.1.0.20240722
- nixpkgs-unstable 24.1.0.20240722
- nixos-unstable-small 24.1.0.20240722
- nixos-25.11 24.1.0.20240722
- nixos-25.11-small 24.1.0.20240722
- nixpkgs-25.11-darwin 24.1.0.20240722
pkgs.python314Packages.types-pyopenssl
Typing stubs for pyopenssl
- nixos-unstable 24.1.0.20240722
- nixpkgs-unstable 24.1.0.20240722
- nixos-unstable-small 24.1.0.20240722
Package maintainers
- @gador Florian Brandes <florian.brandes@posteo.de>