Release date:
2026-03-04 10:09:22 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python37_3.7.17-14_amd64.deb
sha:4300639e942bcab077d9201506136fdcff0d947c
-
alt-python37-debug_3.7.17-14_amd64.deb
sha:961ba1567230692826dcc799729372c8a01bccf4
-
alt-python37-devel_3.7.17-14_amd64.deb
sha:cc5a3949ee4d19a0452b07a22f2ca4f86f23ba3a
-
alt-python37-libs_3.7.17-14_amd64.deb
sha:5cedaaa59ce4fff4036f19a31dbcd3fc68a7c0e3
-
alt-python37-test_3.7.17-14_amd64.deb
sha:bf07ab60a9e8bc950cc9bd89ab2f06ac0c8c48cd
-
alt-python37-tkinter_3.7.17-14_amd64.deb
sha:567e393693d22474c0874fad52df60df13524a3e
-
alt-python37-tools_3.7.17-14_amd64.deb
sha:32b4b95076a9fd50c7a79549c020acfcbfa205f4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
