Release date:
2026-03-05 12:15:23 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python38_3.8.20-11_amd64.deb
sha:630494c76692c6165b65a4ab4adf5e186ae516e4
-
alt-python38-debug_3.8.20-11_amd64.deb
sha:1f3332eb84536c2c6236f98560d0164da87b87ad
-
alt-python38-devel_3.8.20-11_amd64.deb
sha:f5a5a27dee402d3c73a1b21b5777c26dbfbbbc5a
-
alt-python38-idle_3.8.20-11_amd64.deb
sha:7596a0e05b30a55ecdaf2c6fc8c2050228b40b77
-
alt-python38-libs_3.8.20-11_amd64.deb
sha:2a1e37af168b17a161fafc9f9d4c9e59768df866
-
alt-python38-test_3.8.20-11_amd64.deb
sha:beb88994f0c864545ecd0c098d5fcdcdcc2a8a51
-
alt-python38-tkinter_3.8.20-11_amd64.deb
sha:5d346ad52b95d3b38dc32a3e0f2c280ad8d46410
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
