[CLSA-2026:1778769563] python: Fix of 4 CVEs
Type: security
Severity: Moderate
Release date: 2026-05-14 19:23:48 UTC
Description:
- CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection
- CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.__init__ via a new _validate_host helper to prevent CRLF header injection (the glibc CVE-2016-10739 mitigation shipped on RHEL 7+ is not present on CentOS 6 / Oracle Linux 6 ELS)
- CVE-2018-1000030: cache the readahead buffer thread-locally inside file_iternext to fix heap buffer corruption and crashes when multiple threads iterate over the same file object
Updated packages:
  • python-2.6.6-70.el6.tuxcare.els22.i686.rpm
    sha:bf622a1a7be2b4ec620e10c2b598f83e42dda40d560b0801da0c6ad63315f2e0
  • python-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:24717b8ebc4abcda76d7262cf6310748850ee53ef6a6297fb2298afdd90df655
  • python-devel-2.6.6-70.el6.tuxcare.els22.i686.rpm
    sha:ff590260b601689182daea631f1ece1176de3d3ebacd5589beab5c418b1da2c7
  • python-devel-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:8d50f19a17af35f0f2fdfb8343bf938d4cb6c3303f7239bd62c42b04f5e0123f
  • python-libs-2.6.6-70.el6.tuxcare.els22.i686.rpm
    sha:6e54b5b239656f5a6d515190eb91eccfcaf6cb648338f69c3bc4f0c8dba49590
  • python-libs-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:7b8ba8f354fb473f87f43689873890bd01fb6277129cbe4a39cec5551b0c96d2
  • python-test-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:cccf4f3262136c14104ef202b07384a691394809520b72e5cf88a78b18722944
  • python-tools-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:5461b4524ecbbd1a3c55421b619988c1fc38f28e6b40c2470c8746a67a9d52ab
  • tkinter-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:05997693dcb12eed4bcfad9bdb10a9ad33f0f40354c119a898697cc86d3d2346
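An offline check that the two httplib fixes are active in the interpreter once the packages above are installed. This is an added example, not part of the advisory or of the shipped patch. The probe strings, the reserved host name example.invalid, and the expectation that rejection raises an httplib.HTTPException subclass (InvalidURL in upstream CPython) or ValueError are assumptions.

```python
# Added example: offline check for the CVE-2019-9740 / CVE-2019-18348 fixes.
try:
    import httplib                     # Python 2 (the packages in this advisory)
except ImportError:
    import http.client as httplib      # Python 3 name of the same module

# Constructed probe values; example.invalid is a reserved, non-resolving name.
SAFE_HOST = "example.invalid"
PROBE_PATH = "/index\r\nX-Probe: 1"
PROBE_HOST = "example.invalid\r\nX-Probe"

# Assumption: a patched interpreter raises httplib.InvalidURL (an
# HTTPException), as upstream CPython does; ValueError is accepted too.
REJECTED = (httplib.HTTPException, ValueError)


def path_check_present():
    """True if putrequest() refuses a path containing CR/LF (CVE-2019-9740)."""
    conn = httplib.HTTPConnection(SAFE_HOST)
    try:
        # putrequest() only buffers the request line; no socket is opened.
        conn.putrequest("GET", PROBE_PATH)
    except REJECTED:
        return True
    return False


def host_check_present():
    """True if HTTPConnection() refuses a host containing CR/LF (CVE-2019-18348)."""
    try:
        # The constructor only parses and stores the host; nothing is resolved.
        httplib.HTTPConnection(PROBE_HOST)
    except REJECTED:
        return True
    return False


def report():
    """Map each checked CVE to True (fix present) or False (fix missing)."""
    return {
        "CVE-2019-9740 (path)": path_check_present(),
        "CVE-2019-18348 (host)": host_check_present(),
    }


if __name__ == "__main__":
    results = report()
    for name in sorted(results):
        print("%-24s %s" % (name, "fixed" if results[name] else "NOT FIXED"))
```

Run it with the system interpreter that the updated python-libs package provides; a "NOT FIXED" line means that interpreter still accepts control characters at that point.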
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.