[CLSA-2026:1772631219] python3: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2026-03-04 13:33:44 UTC
Description:
- CVE-2024-12718: extractall: re-apply the filter at directory-attribute fixup, skip fixup if the entry is no longer a directory - CVE-2025-4138: data_filter: strip .. components from symlink targets in data_filter to prevent traversal via symlinks in the link target - CVE-2025-4330: re-apply filter when a hard/symlink extraction falls back to copying another archive member - CVE-2025-4435: extract/extractall: don't extract rejected members when errorlevel=0 - CVE-2025-4517: raise exceptions on OS errors in realpath to prevent overly-long symlink chains from evading destination bounds checking
Updated packages:
  • platform-python-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:914610efd8ebcbf7da0da20fcbfc7459e82e32a8a401c21a34b7bf9a2c7d1fde
  • platform-python-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:0dbd5bd3df8acac9f65e861c4748fb69016631aa925141662c5c2682d69e5855
  • platform-python-debug-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:6c7b31461f1e1e6b3d4f60ea3738140b106c8d049250242b64fe44481c038306
  • platform-python-debug-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:792c69b08e7adf9ddae8fc59e91d6d32ac5513920fcf569a020ddbc717247411
  • platform-python-devel-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:72af9ed30dcec6346a890649b650cf0b42bab5795188e5a9e4bec693e9340cb0
  • platform-python-devel-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:d115989f88088c8b37afd79f96c0c6c64aa9859ecd051491127940f4763431da
  • python3-devel-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:effd2a95d55e43147b0102e474ffd50a8bd5a83c6f91784deedefe47dfe9ab66
  • python3-idle-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:081f1c909790c04a8cec57e1d4198bf5eddf66b4d361ead07e59641675546b3f
  • python3-idle-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:d48664f65c37e24ed4f87af410c9941cc13b72259c8116383353f90de63d295b
  • python3-libs-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:073062bb2cbdc23bf9d11dbac84a34f9a68752ecfe83cd4c106f60f69907813f
  • python3-libs-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:66a975820f0620ba9dde2c8dff94e25442872fcc8252b62b8ff2db51c57c86ad
  • python3-test-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:8b11120180adc3e55009a4656fc7eba31c1c969363be6c2692866a268c3a24d0
  • python3-test-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:953504c0f12840fc41f2cd775e0ab34427e3973706e35e740c6aeea8ab7e3ca1
  • python3-tkinter-3.6.8-62.el8.tuxcare.els1.i686.rpm
    sha:554f630e212f8bd61709281197772a89215a78a77bf61a3c3941258d163fc9e9
  • python3-tkinter-3.6.8-62.el8.tuxcare.els1.x86_64.rpm
    sha:8238c9c8c6f1ac0dada3fcd6a193b568b89e4593e8cb7630cf3d9848e1421454
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.