Release date:
2026-03-04 09:49:54 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python36_3.6.15-28_amd64.deb
sha:7e321638cd631bc219f601b1ed54421e08380e1b
-
alt-python36-debug_3.6.15-28_amd64.deb
sha:758e397e5d978be9aa5fa528bd656e0eb0bb20a2
-
alt-python36-devel_3.6.15-28_amd64.deb
sha:bdcfdf48233799a3b1fa38fdb86b0aad5c14fbfc
-
alt-python36-libs_3.6.15-28_amd64.deb
sha:b157a8230ba5483a55e8609239204e3899b7c858
-
alt-python36-test_3.6.15-28_amd64.deb
sha:82b4b7d5ed5518da300bba0768307989cd5bf203
-
alt-python36-tkinter_3.6.15-28_amd64.deb
sha:50bb94eb0f6214aff46137275c5bdaa2e540a1da
-
alt-python36-tools_3.6.15-28_amd64.deb
sha:af23b20b2cd038b3e26758ff75753242b2b4a30f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
