Release date:
2026-03-04 09:57:26 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python36_3.6.15-28_amd64.deb
sha:fe4ad1bb58e191264518bac3bd52a3f6626b9600
-
alt-python36-debug_3.6.15-28_amd64.deb
sha:3f5861d79caf59def86ea39105572477d7d02c9e
-
alt-python36-devel_3.6.15-28_amd64.deb
sha:394c68782dd3407e519c85261513ae24274f57dc
-
alt-python36-libs_3.6.15-28_amd64.deb
sha:a39e0465a59ceb96feb5e36969a44cd32d4068b8
-
alt-python36-test_3.6.15-28_amd64.deb
sha:d2d6a1f554cee934f600b50a492039b98e1f9cc8
-
alt-python36-tkinter_3.6.15-28_amd64.deb
sha:49a181e39bca28d7faa92700520006c9248081e8
-
alt-python36-tools_3.6.15-28_amd64.deb
sha:6bab01abb4f82c6497b82a9120d4a0442185b33b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
