Release date:
2026-05-22 13:49:50 UTC
Description:
- CVE-2026-4224: conv_content_model in Modules/pyexpat.c could overflow the C stack when an Expat parser with a registered ElementDeclHandler parsed a deeply nested DTD content model, causing a denial of service. conv_content_model is now wrapped with Py_EnterRecursiveCall, so deep nesting raises RuntimeError instead of crashing the interpreter.
- CVE-2026-0672 and CVE-2026-3644: Morsel in Lib/Cookie.py accepted control characters in reserved-attribute values, in key/value/coded_value set via .set(), and via the inherited dict.update() and pickle-restoration paths, allowing newline-based HTTP header injection through Set-Cookie. A _has_control_character helper is added and values are validated in Morsel.__setitem__, .setdefault, .set, an explicit .update and an explicit .__setstate__; the assembled output is re-validated in Morsel.js_output and BaseCookie.output as defence in depth against direct attribute mutation. The py3 __ior__ hunk is not ported, since the py2 dict has no `|=` operator.
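As an added illustration (not the CloudLinux patch, and written against Python 3's http.cookies rather than Python 2's Cookie.py), the following Morsel subclass applies the same validation at each write path listed above and re-checks the assembled header before it is emitted; has_control_character, StrictMorsel and build_set_cookie are names chosen here.

```python
from http.cookies import Morsel, CookieError

def has_control_character(text):
    """True if text holds a C0 control byte (0x00-0x1F) or DEL (0x7F)."""
    # CR/LF are what turn a value into an extra header line; refusing the
    # whole range is safe because no cookie attribute needs any of it.
    return any(ord(c) < 0x20 or ord(c) == 0x7F for c in str(text))

def _check(label, value):
    if isinstance(value, str) and has_control_character(value):
        raise CookieError("control character in %s: %r" % (label, value))

class StrictMorsel(Morsel):
    """Morsel that validates on every write path the advisory lists."""

    def __setitem__(self, key, value):          # m["path"] = v
        _check(key, value)
        super().__setitem__(key, value)

    def setdefault(self, key, value=None):      # m.setdefault("path", v)
        _check(key, value)
        return super().setdefault(key, value)

    def update(self, values):                   # dict.update bypasses __setitem__
        for key, value in dict(values).items():
            self[key] = value

    def set(self, key, val, coded_val):         # name, value and coded value
        for label, value in (("key", key), ("value", val), ("coded_value", coded_val)):
            _check(label, value)
        super().set(key, val, coded_val)

    def __setstate__(self, state):              # pickle restores _key/_value here
        for label, value in dict(state).items():
            _check(label, value)
        self.__dict__.update(state)

    def OutputString(self, attrs=None):
        # Defence in depth: a directly mutated attribute must still not
        # yield a header that splits into more than one line.
        header = super().OutputString(attrs)
        _check("assembled Set-Cookie", header)
        return header

def build_set_cookie(name, value, **attrs):
    m = StrictMorsel()
    m.set(name, value, value)
    m.update(attrs)
    return m.OutputString()
```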
Updated packages:
- alt-python27-2.7.18-32.el10.x86_64.rpm (sha: 5e6d012a2a00a1511e3bf368e5a0545c34800430d199a7dba90289f338290cdc)
- alt-python27-debug-2.7.18-32.el10.x86_64.rpm (sha: 7642aee4cb38f27243db33dbe9819dd13ae607af258b08530d24ae1481e63a85)
- alt-python27-devel-2.7.18-32.el10.x86_64.rpm (sha: 484ba261c2a0979ff930a6d061e6b9fd94be60ac01dabaa0f180874a6f8600bf)
- alt-python27-libs-2.7.18-32.el10.x86_64.rpm (sha: 467a5ed575d7dc3b5c363e90fc5d3c27deb88bc2bb6bb46eb0724fb97567dfa5)
- alt-python27-test-2.7.18-32.el10.x86_64.rpm (sha: 28341d1b9f7fa1d540691f4097d97a846747156e18ee7cb93e40938cf1929487)
- alt-python27-tkinter-2.7.18-32.el10.x86_64.rpm (sha: cf9711d99acb6231f5336a600f543b6ecabffaa8d60fbd006369d2bcf9ded51f)
- alt-python27-tools-2.7.18-32.el10.x86_64.rpm (sha: 92cad7a95f933cd5bf4a4dd3b755dd72a10a17496f563e921bb23ec3736d2424)
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.