Issued:

2026-04-27

Updated:

2026-04-27

RHSA-2026:10754 - Important: RHUI 4.11.4 security update - python-pyOpenSSL

Synopsis

Important: RHUI 4.11.4 security update - python-pyOpenSSL

Type/Severity

Security Advisory Important

Topic

An updated version of Red Hat Update Infrastructure (RHUI) is now available. RHUI 4.11.4 resolves a security vulnerability in pyOpenSSL.

Description

Red Hat Update Infrastructure (RHUI) provides a highly scalable and redundant framework for managing repositories and content. It also allows cloud providers to deliver content and updates to Red Hat Enterprise Linux (RHEL) instances.

Security Fixes:

• pyOpenSSL: DTLS cookie callback buffer overflow (CVE-2026-27459)

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For detailed instructions on how to apply this update, see: https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/4/html/migrating_red_hat_update_infrastructure/assembly_upgrading-red-hat-update-infrastructure_migrating-red-hat-update-infrastructure

Note: While there is no updated version of rhui-installer, for this update to take effect, it is necessary to rerun rhui-installer on the RHUA node and to reinstall the CDS nodes, as described in the documentation.

For other information, see the product documentation: https://docs.redhat.com/en/documentation/red_hat_update_infrastructure/4

Affected Products

Updated Packages

• python3.11-pyOpenSSL-24.1.0-2.el8ui.noarch.rpm
• python-pyOpenSSL-24.1.0-2.el8ui.src.rpm

Fixes

• This content is not included.BZ - 2448503

CVEs

• CVE-2026-27459

References

• https://access.redhat.com/security/updates/classification/#important

Additional information

• The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at Security Contacts and Procedures.
• Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.