[CLSA-2026:1779453870] alt-python27: Fix of 3 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-05-22 12:44:34 UTC
Description:
- CVE-2026-4224: Modules/pyexpat.c conv_content_model could overflow the C stack when an Expat parser with a registered ElementDeclHandler parsed a deeply nested DTD content model, causing a denial-of-service. Wrap conv_content_model with Py_EnterRecursiveCall so deep nesting raises RuntimeError instead of crashing.
- CVE-2026-0672 + CVE-2026-3644: Lib/Cookie.py Morsel accepted control characters in reserved-attribute values, in key/value/coded_value via .set(), and via the inherited dict.update() / pickle restoration paths, allowing newline-based HTTP header injection via Set-Cookie. Add a _has_control_character helper and validate at Morsel.__setitem__, .setdefault, .set, an explicit .update, an explicit .__setstate__, plus re-validate the assembled output in Morsel.js_output and BaseCookie.output (defence-in-depth against direct attribute mutation). The py3 __ior__ hunk is not ported (py2 dict has no `|=` operator).
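
The kind of check the Cookie.py fix describes, sketched as an application-side guard. This is an added example, not the patch's code or CloudLinux's: `has_control_character`, `build_set_cookie` and `check_samples` are hypothetical names, the rejected character set (C0 range plus DEL) is an assumption, and the sample inputs are constructed.

```python
import re

# Assumption: "control character" means the C0 range plus DEL; the advisory
# does not spell out the exact set the patch rejects.
_CONTROL_CHARS = re.compile(r"[\x00-\x1f\x7f]")


def has_control_character(*values):
    """Return True if any given value contains a control character."""
    return any(_CONTROL_CHARS.search(str(v)) for v in values)


def build_set_cookie(name, value, attrs=None):
    """Assemble one Set-Cookie header line, refusing control characters.

    Hypothetical application-side helper: checks each input, then re-checks
    the assembled line, as the advisory describes for the output methods.
    """
    attrs = attrs or {}
    if has_control_character(name, value):
        raise ValueError("control character in cookie name or value")
    parts = ["%s=%s" % (name, value)]
    for key, attr_value in sorted(attrs.items()):
        if has_control_character(key, attr_value):
            raise ValueError("control character in attribute %r" % key)
        parts.append("%s=%s" % (key, attr_value))
    line = "Set-Cookie: " + "; ".join(parts)
    if has_control_character(line):  # defence-in-depth on the final output
        raise ValueError("control character in assembled header")
    return line


def check_samples():
    """Run constructed inputs through the builder; return accepted/rejected."""
    samples = [  # constructed sample inputs
        ("sid", "abc123", {"Path": "/"}),
        ("sid", "abc123", {"Path": "/\r\nX-Added: 1"}),
        ("sid", "abc\n123", {}),
    ]
    results = []
    for name, value, attrs in samples:
        try:
            results.append(("accepted", build_set_cookie(name, value, attrs)))
        except ValueError as exc:
            results.append(("rejected", str(exc)))
    return results
```

A guard like this is useful on hosts that cannot yet take the updated packages, and as a regression check that cookie inputs from request data never reach a response header unvalidated.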
Updated packages:
  • alt-python27-2.7.18-32.el7.x86_64.rpm
    sha:71ea48467a80cf8b19b0525161cece3e327e5b686a788f4ff6aba25578e59071
  • alt-python27-debug-2.7.18-32.el7.x86_64.rpm
    sha:f0b90421b68cad0bb3fd2ba782088f4b1a7a0e25ae677d9ef07debeadbd879bf
  • alt-python27-devel-2.7.18-32.el7.x86_64.rpm
    sha:86e2f4b09555d4005329d8b143273b8cf67ffc9b423e55fd2f8e1a41afa7dcf3
  • alt-python27-libs-2.7.18-32.el7.x86_64.rpm
    sha:0b096578ea15359deb4323fe9a401e3ae5e0ff1a07e8c48c2b08362bec7eb062
  • alt-python27-test-2.7.18-32.el7.x86_64.rpm
    sha:931e4c23de50d8bd091dce92d5f7163b1cb96653c4b8847a2f040f2bec1cfcfc
  • alt-python27-tkinter-2.7.18-32.el7.x86_64.rpm
    sha:0b781a87ec37f21ff96b3adf1382575756b5046f37e72206ebb923f5c5b0d0c7
  • alt-python27-tools-2.7.18-32.el7.x86_64.rpm
    sha:1375c39ff1a295a24421a675d17628a50c154b6f259f8c07c5fef8e0759bce58
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.