Release date:
2025-10-13 14:48:44 UTC
Description:
* SECURITY UPDATE: Overwriting of arbitrary files by remote attackers
- debian/patches/CVE-2007-4559.patch: implement PEP 706 - a filter in
the tarfile module to prevent directory traversal vulnerability
- CVE-2007-4559
* SECURITY UPDATE: Bypass of domain e-mail-based protection mechanism by
incorrect parsing of e-mail addresses that contain a special character
- debian/patches/CVE-2023-27043.patch: reject malformed addresses in
email.parseaddr()
- CVE-2023-27043
* SECURITY UPDATE: Bypass of the TLS handshake and included protections
- debian/patches/CVE-2023-40217.patch: check for & avoid the ssl
pre-close flaw
- CVE-2023-40217
Updated packages:
-
alt-python36_3.6.15-17_amd64.deb
sha:35f6ce0e318c6c4af08e16d452f4d40a7540855c
-
alt-python36-debug_3.6.15-17_amd64.deb
sha:ad632eb8724bac5b7471acbb4f3393ad52d5b3aa
-
alt-python36-devel_3.6.15-17_amd64.deb
sha:56ff25bf67f6311dc9ad0734ef447b2265dac65f
-
alt-python36-libs_3.6.15-17_amd64.deb
sha:ca2a36a409c1c3ccbce6d6d39dcffbd33a626c82
-
alt-python36-test_3.6.15-17_amd64.deb
sha:d5a54136102d0e33092a4687a07833cf19adcd0f
-
alt-python36-tkinter_3.6.15-17_amd64.deb
sha:1dbc8313855e9582283538f42395ff649da20261
-
alt-python36-tools_3.6.15-17_amd64.deb
sha:8e3f9921ae56b51dd15194e055024a250ff8174d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
