Release date:
2026-03-03 16:50:35 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python36_3.6.15-28_amd64.deb
sha:1535081b56f65b23f88cdadd6069a5502d87b0cd
-
alt-python36-debug_3.6.15-28_amd64.deb
sha:24c896303347596b91496f7c5efe7c490b444acd
-
alt-python36-devel_3.6.15-28_amd64.deb
sha:eb8a18d7d1a3d0ce416e2324f364a56686528c05
-
alt-python36-libs_3.6.15-28_amd64.deb
sha:4a3a435dbb19396bf9257824ca264814acfa051d
-
alt-python36-test_3.6.15-28_amd64.deb
sha:898ec615973b2ef735ea9adc3eda4d338a83ced6
-
alt-python36-tkinter_3.6.15-28_amd64.deb
sha:a9f1411fe35a320f7ae8b712efdd1fadf4564ab7
-
alt-python36-tools_3.6.15-28_amd64.deb
sha:8209bcb8f15f7fce4df07a3ac5ba2ae45b8de4f1
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
