Release date: 2026-05-22 15:20:04 UTC
Description:
- CVE-2026-4224: Modules/pyexpat.c conv_content_model could overflow the
C stack when an Expat parser with a registered ElementDeclHandler
parsed a deeply nested DTD content model, causing a denial-of-service.
Wrap conv_content_model with Py_EnterRecursiveCall so deep nesting
raises RuntimeError instead of crashing.
- CVE-2026-0672 + CVE-2026-3644: Lib/Cookie.py Morsel accepted control
characters in reserved-attribute values, in key/value/coded_value
via .set(), and via the inherited dict.update() / pickle restoration
paths, allowing newline-based HTTP header injection via Set-Cookie.
Add a _has_control_character helper and validate at Morsel.__setitem__,
.setdefault, .set, an explicit .update, an explicit .__setstate__, plus
re-validate the assembled output in Morsel.js_output and
BaseCookie.output (defence-in-depth against direct attribute mutation).
The py3 __ior__ hunk is not ported (py2 dict has no `|=` operator).
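
A probe for the Morsel entry points listed in the second item, added here as an example and not taken from the CloudLinux patch or from CPython: it pushes a constructed CR/LF value through each path and reports whether it reaches the rendered Set-Cookie header. The path labels, the `PROBE` value and the helper names are this example's own, and any exception is counted as a rejection because the advisory does not name the exception type.

```python
try:
    from http.cookies import Morsel   # Python 3
except ImportError:
    from Cookie import Morsel         # Python 2, the module this update patches

# Constructed probe value: CR/LF followed by a harmless marker header.
PROBE = "ok\r\nX-Probe: 1"

def fresh_morsel():
    """A Morsel holding one ordinary cookie, before any probe is applied."""
    m = Morsel()
    m.set("sid", "abc", "abc")
    return m

def leaks(morsel):
    """True if the rendered Set-Cookie header contains a CR or LF."""
    try:
        rendered = morsel.output()
    except Exception:      # assumption: a patched build refuses to render
        return False
    return "\r" in rendered or "\n" in rendered

# Entry points named in the advisory; each applies PROBE to a Morsel.
PATHS = {
    "Morsel.__setitem__": lambda m: m.__setitem__("path", PROBE),
    "Morsel.set": lambda m: m.set("sid", PROBE, PROBE),
    "Morsel.update": lambda m: m.update({"path": PROBE}),
    # Bypasses Morsel's own setters, so only the output re-check can stop it.
    "direct dict mutation": lambda m: dict.__setitem__(m, "path", PROBE),
}

def probe_morsel():
    """Map each path label to True when CR/LF reaches the header."""
    results = {}
    for name, mutate in sorted(PATHS.items()):
        m = fresh_morsel()
        try:
            mutate(m)
        except Exception:  # rejected at the entry point
            results[name] = False
            continue
        results[name] = leaks(m)
    return results

if __name__ == "__main__":
    for name, injectable in sorted(probe_morsel().items()):
        state = "CR/LF reaches header" if injectable else "blocked"
        print("%-22s %s" % (name, state))
```

Run it with the interpreter under test (for this update, the alt-python27 binary); every path should report "blocked" once the updated packages are installed.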
Updated packages:
- alt-python27-2.7.18-32.el8.x86_64.rpm
sha:9a9a782cccff06da40f22c54765388fbf6225be077a11b17be655d0b935526a9
- alt-python27-debug-2.7.18-32.el8.x86_64.rpm
sha:531d8c94fa086903c734ff012184e689388899720bf6a25bdbc42aa52f7ccd73
- alt-python27-devel-2.7.18-32.el8.x86_64.rpm
sha:ca81d00b693be1d8dcb2b86dbcb78a9acd93d10c43b841be3caf7da76e7d91a4
- alt-python27-libs-2.7.18-32.el8.x86_64.rpm
sha:468704c721d4ec647d4ec12840a47fcf3b92ba2e10833cafe0e0fd96a2fe8fba
- alt-python27-test-2.7.18-32.el8.x86_64.rpm
sha:8f14c7bab595da3f9ed13f95c10022209d25f2d730770e601491858e9de27613
- alt-python27-tkinter-2.7.18-32.el8.x86_64.rpm
sha:ff114de0b34e608ef24e1dfba4be89711dcf77a88fcb01729d2c0d5c75305f13
- alt-python27-tools-2.7.18-32.el8.x86_64.rpm
sha:81468c7703427e263633989fee84e10d28b1467b368abd062f490ca725f3d162
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the CloudLinux Packaging Team.