Release date:
2026-03-03 16:36:13 UTC
Description:
* SECURITY UPDATE: defect in 'tarfile' module leads to infinite loop and
deadlock in parsing of maliciously crafted tar archives
- debian/patches/CVE-2025-8194.patch: Validate archives to ensure member
offsets are non-negative
- CVE-2025-8194
Updated packages:
-
alt-python36_3.6.15-28_amd64.deb
sha:6bd6aa6f5c6a47fc44195e94574e01daf815767a
-
alt-python36-debug_3.6.15-28_amd64.deb
sha:d9db1226922c03931372bfe05c823d2165e35e81
-
alt-python36-devel_3.6.15-28_amd64.deb
sha:7f5e64b3b6da3cccd4bf7413f5cf3eaeaad07dd2
-
alt-python36-libs_3.6.15-28_amd64.deb
sha:3f9e04736899d605e08c9129c380f18a6c94aedd
-
alt-python36-test_3.6.15-28_amd64.deb
sha:8ece4d61b4146fe7b7b86766b6349f2a477ae18e
-
alt-python36-tkinter_3.6.15-28_amd64.deb
sha:c7c595eb013829e05f9234165496ab5f0cbdd81d
-
alt-python36-tools_3.6.15-28_amd64.deb
sha:467e6f86cad3c4c3e449e14c35857c2c473dfa79
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
