[CLSA-2026:1779213441] python3.11: Fix of 11 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-05-19 17:57:25 UTC
Description:
- CVE-2026-4224: avoid unbound C recursion in conv_content_model in pyexpat - CVE-2026-3644: reject control characters in http.cookies.Morsel.update() - CVE-2026-0672: reject control characters in http.cookies.Morsel - CVE-2025-8291: check consistency of zip64 end of central directory record - CVE-2025-6069: fix quadratic complexity in processing special input in HTMLParser - CVE-2025-4516: fix use-after-free in the unicode-escape decoder with error handler - CVE-2025-15282: reject control characters in data URL mediatypes - CVE-2025-11468: preserve parenthesis when folding email comments - CVE-2026-3479: reject invalid resource arguments in pkgutil.get_data() - CVE-2026-2297: ensure SourcelessFileLoader uses io.open_code - CVE-2024-5642: disallow setting an empty list for ssl NPN protocols
Updated packages:
  • python3.11-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:2800205807c7385c9bf09d97a607453e8ddea6b738064c49dca0d1e67f017d12
  • python3.11-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:cfa2499923bee44448e18a26ed4403b3b368f4ccd9ff130793367c7e28a28994
  • python3.11-debug-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:a035a8b83396e601858e8b1021079641b6de41af5fdb0160b4f2c40bb5c46077
  • python3.11-debug-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:754eac8c6c384a480cc995cccad4e5860465153c8068ed97eddba947ab644a53
  • python3.11-devel-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:40a2bb7a399f3ed0e7e0d8b23f2313bf1a7a8d5793e6697476fba4219800b97c
  • python3.11-devel-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:f5d84a878831acf700e27df5fc24f21a29d01a5effcbe71a7d1517a32f13a6fa
  • python3.11-idle-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:75d3d67d3389bd5c255a4b91aeadc674c5012603de1bbd49f0955df65cfc1ce4
  • python3.11-idle-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:3f77dd71ca1863acd20bf284c363aab1bdeb9239865c1434c23e42f089459c3e
  • python3.11-libs-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:f255dab05f7f99146ca1371dd061594e5012d750997ced8122f8c8824299d860
  • python3.11-libs-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:ea4a95362b829f7ea6068d5947a64a69709b368acf9e5a3dfff83cf8c015f819
  • python3.11-test-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:df89a59531c9c3e53d4e9cf6f02042f52adf1914aac20a3304915e0d9567eff8
  • python3.11-test-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:9a16355d743fe1bfe99202af4cbbd83a31d16fe366c7ebf1ded02a45ccad258d
  • python3.11-tkinter-3.11.11-2.el9_6.2.tuxcare.els8.i686.rpm
    sha:21a1814c1e661ccdb7084446be8186ddeff40717d82d5586b7e061f35dd4c886
  • python3.11-tkinter-3.11.11-2.el9_6.2.tuxcare.els8.x86_64.rpm
    sha:f7b9d3ff8bad33c1e16de748be58ea436d39b354ec7dff08af1bb7a4b2da2814
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.