Release date:
2026-03-04 09:53:45 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python36_3.6.15-28_amd64.deb
sha:391998e5e674eb918ba52d0bde4ce1fe11d06121
-
alt-python36-debug_3.6.15-28_amd64.deb
sha:d31a6663f212a298c450b723e419079b65ca4383
-
alt-python36-devel_3.6.15-28_amd64.deb
sha:fdca33c1ca0e13f42804b652617cb5a3bb51b1a2
-
alt-python36-libs_3.6.15-28_amd64.deb
sha:3c8d57d62c0092ca36b19cf48830ee0744c5d6a0
-
alt-python36-test_3.6.15-28_amd64.deb
sha:7aa09fb36249a179bdaa39b3f0c6e6e007b0e159
-
alt-python36-tkinter_3.6.15-28_amd64.deb
sha:ed1760cca5931faf74ca9f3903aeb93c45f50f97
-
alt-python36-tools_3.6.15-28_amd64.deb
sha:ae69ae0a6c4361e00e46edbe23a15d93b0d8c9b9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
