[CLSA-2026:1782894738] python: Fix of CVE-2007-4559
Type:
security
Severity:
Critical
Release date:
2026-07-07 13:50:38 UTC
Description:
- CVE-2007-4559: backport the PEP 706 tarfile extraction filters (filter= argument, fully_trusted/tar/data filters, TarFile.extraction_filter). Opt-in: the default is unchanged and remains vulnerable; pass filter='data' to block the directory traversal.
CVEs fixed:
Updated packages:
  • python-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:705f82b14a42d37579c7fd8384a3cc294f7ac63408e02140999e9a1df0fe4b05
  • python-debug-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:14151db0dc00228249e6a6b61b2fc3ac93a7df3fb6aa3904ab2c2983f64b2684
  • python-devel-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:2b70e54e1604314fd5eec1b0f741d8a4029df5e62973085ae042271f498cde89
  • python-libs-2.7.5-94.0.1.el7_9.tuxcare.els10.i686.rpm
    sha:16107b98cb1218a1145d31b9008184ae1a3c8c84fe17dcf9b1dd860187ac8458
  • python-libs-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:8ea7a815f0fe3e672649e49585987c71d80482d7656a810ac2a4541d45d1349e
  • python-test-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:efd5a90aa4c95a2f88c60ea8b05cbb8a8075a34d6099b840b80a8d1dd70ffc3c
  • python-tools-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:efe73d490edc013fa06079b2b848c76d56f07b4e80ceac46dbdbd4ff98de3688
  • tkinter-2.7.5-94.0.1.el7_9.tuxcare.els10.x86_64.rpm
    sha:f1e5617f2266d8899c62db167c80b7b0d47239b89d4b620bb1ccd457bc91cfdf
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.