Release date:
2025-12-04 10:17:48 UTC
Description:
* SECURITY UPDATE: Command injection vulnerability in venv module activation
scripts when virtual environment paths contain special shell characters
- debian/patches/CVE-2024-9287.patch: Properly quote template
strings in venv activation scripts
Updated packages:
-
alt-python38_3.8.20-4_amd64.deb
sha:3c093acc70b52bc8cf424b52c5e08d9b70da8365
-
alt-python38-debug_3.8.20-4_amd64.deb
sha:b523441c9e32979f3bb451a86efdfaa247fbc17f
-
alt-python38-devel_3.8.20-4_amd64.deb
sha:2e9ff7c36d93145f1761dbd7c4b0c0b03ef76ae9
-
alt-python38-idle_3.8.20-4_amd64.deb
sha:b741acad44c78e1148986784671f1d45b7a21fdb
-
alt-python38-libs_3.8.20-4_amd64.deb
sha:30ebea8e1ef58295279cd8b0d77f078a00a560cc
-
alt-python38-test_3.8.20-4_amd64.deb
sha:d6c2922365e7e276d094b384a96cefa57a93ec7a
-
alt-python38-tkinter_3.8.20-4_amd64.deb
sha:25bc286f0f64222ee4be2676cb3a132c2ce5f594
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
