Release date:
2026-03-05 11:26:09 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python39_3.9.23-9_amd64.deb
sha:a0bed26ac85514577980c4d38f6f568f20e76322
-
alt-python39-debug_3.9.23-9_amd64.deb
sha:3e051faca8329076415c132ffd5fc607af919dd0
-
alt-python39-devel_3.9.23-9_amd64.deb
sha:996cd44eddb02cb112d1de30db212325bedff90b
-
alt-python39-idle_3.9.23-9_amd64.deb
sha:69a6497547138c17cf0fe6c11f614fc48022077e
-
alt-python39-libs_3.9.23-9_amd64.deb
sha:e223d12aef34b191bd835ba1782502f39cee81c0
-
alt-python39-test_3.9.23-9_amd64.deb
sha:2bf62196b8a06725bcf95b7386a5f55356487aee
-
alt-python39-tkinter_3.9.23-9_amd64.deb
sha:ae53330df50c24720f729fc7e24ad8e284d77ddb
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
