Release date:
2026-03-04 10:06:02 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python37_3.7.17-14_amd64.deb
sha:13591fde5f9e4ac7f95c864ff7a2d889e5b47b2b
-
alt-python37-debug_3.7.17-14_amd64.deb
sha:e78db244993f2ebe363ea591a7e2a47b2961e7b0
-
alt-python37-devel_3.7.17-14_amd64.deb
sha:0bcabd3b1c6361758599d3fb4c76cc1ff89e9047
-
alt-python37-libs_3.7.17-14_amd64.deb
sha:a487caf50dfb5411ecfc27fa6c01493e0963d2f2
-
alt-python37-test_3.7.17-14_amd64.deb
sha:bf2cba8628866b2027cf1b5fa273d17533cbe1bf
-
alt-python37-tkinter_3.7.17-14_amd64.deb
sha:0fe2ce311a1acdfc6d75ed1109045937f99ec69c
-
alt-python37-tools_3.7.17-14_amd64.deb
sha:32b4b95076a9fd50c7a79549c020acfcbfa205f4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
