Release date:
2026-03-03 16:43:34 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python36_3.6.15-28_amd64.deb
sha:8462843193cd220e8218238c8d50613a0b22c36a
-
alt-python36-debug_3.6.15-28_amd64.deb
sha:6382dda48232c56867948aae74a8ad7fe17e9913
-
alt-python36-devel_3.6.15-28_amd64.deb
sha:c453e8f724e81fde137439000f76c3e9d919a238
-
alt-python36-libs_3.6.15-28_amd64.deb
sha:5aa3423bce0cc9030558075228545a9981cfe2be
-
alt-python36-test_3.6.15-28_amd64.deb
sha:b08ca68fd023abd212ae4e72200677afa3e25685
-
alt-python36-tkinter_3.6.15-28_amd64.deb
sha:4b771f44d4241c7decedc9880d794f76dadca456
-
alt-python36-tools_3.6.15-28_amd64.deb
sha:4a41f8803bf9334fe2229df96fceaf85e1b73a8e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
