Release date:
2026-03-05 12:12:05 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python38_3.8.20-11_amd64.deb
sha:3d7fd3067503ef1b4e3d9c4e5bd5d46e2cee6717
-
alt-python38-debug_3.8.20-11_amd64.deb
sha:072a1b9ca51eaef030cb593309e9c4834841652a
-
alt-python38-devel_3.8.20-11_amd64.deb
sha:3d5f9b30549079bbbf1d706d15b1b0e0e31555d1
-
alt-python38-idle_3.8.20-11_amd64.deb
sha:a7ebce1f977451ba12fe4340c1381cb83a83a7fe
-
alt-python38-libs_3.8.20-11_amd64.deb
sha:968e5f1f3d9a2c46c2246ce690d956cb85644808
-
alt-python38-test_3.8.20-11_amd64.deb
sha:5d99fa2af730502c4129289bbd1fa18746344c32
-
alt-python38-tkinter_3.8.20-11_amd64.deb
sha:543d71a714ba176f46e3de726125e4083f306aa9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
