Release date:
2026-03-05 11:32:40 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python39_3.9.23-9_amd64.deb
sha:a53c3e172271854fb3ef6fda9371c6f042157ecd
-
alt-python39-debug_3.9.23-9_amd64.deb
sha:3e051faca8329076415c132ffd5fc607af919dd0
-
alt-python39-devel_3.9.23-9_amd64.deb
sha:f0f50f539c498eb48f6207056646e0304e776c40
-
alt-python39-idle_3.9.23-9_amd64.deb
sha:842cd88f996c4ac229f310e2ecf22857525c7cc1
-
alt-python39-libs_3.9.23-9_amd64.deb
sha:8b7110104d70bc62d2dbe6657249e299d04fa829
-
alt-python39-test_3.9.23-9_amd64.deb
sha:a558d5d640cbe9e64cbe3e150b7d2e9a33dff1bd
-
alt-python39-tkinter_3.9.23-9_amd64.deb
sha:7230992f28ac9a12260bf7d1db5a29e7fb8dbccc
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
