Release date:
2025-12-04 10:14:09 UTC
Description:
* SECURITY UPDATE: Command injection vulnerability in venv module activation
scripts when virtual environment paths contain special shell characters
- debian/patches/CVE-2024-9287.patch: Properly quote template
strings in venv activation scripts
Updated packages:
-
alt-python38_3.8.20-4_amd64.deb
sha:c74a6abcc2393f2b1c135397103cb830b2e76d8c
-
alt-python38-debug_3.8.20-4_amd64.deb
sha:46d6fd7b3dbcb8358faeee7e12509ce8e95e4f5f
-
alt-python38-devel_3.8.20-4_amd64.deb
sha:64ae3a29dcf6361d79ea41f08ab03fc057d741ef
-
alt-python38-idle_3.8.20-4_amd64.deb
sha:333c205b486c6c873de75c74966db4edb62ea84a
-
alt-python38-libs_3.8.20-4_amd64.deb
sha:b90edab45f4495c0dd8f7fa25ca95ab30fbff274
-
alt-python38-test_3.8.20-4_amd64.deb
sha:cddbb7e261e4248d277cb9a416d3ddbd70dd7804
-
alt-python38-tkinter_3.8.20-4_amd64.deb
sha:e6632af8b71307b68a6fb235799d870de351eb1e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
