Release date:
2025-10-13 14:50:04 UTC
Description:
* SECURITY UPDATE: Overwriting of arbitrary files by remote attackers
- debian/patches/CVE-2007-4559.patch: implement PEP 706 - a filter in
the tarfile module to prevent directory traversal vulnerability
- CVE-2007-4559
* SECURITY UPDATE: Bypass of domain e-mail-based protection mechanism by
incorrect parsing of e-mail addresses that contain a special character
- debian/patches/CVE-2023-27043.patch: reject malformed addresses in
email.parseaddr()
- CVE-2023-27043
* SECURITY UPDATE: Bypass of the TLS handshake and included protections
- debian/patches/CVE-2023-40217.patch: check for & avoid the ssl
pre-close flaw
- CVE-2023-40217
Updated packages:
-
alt-python36_3.6.15-17_amd64.deb
sha:0052a2c6bfb9a91f5c2489a6b5c19891d067ac21
-
alt-python36-debug_3.6.15-17_amd64.deb
sha:a05ca6ba86c9ea2a09d22f2ad69eab4642e7a02e
-
alt-python36-devel_3.6.15-17_amd64.deb
sha:6cb05da2a5e96caaa96450ab5b210af1cca7f660
-
alt-python36-libs_3.6.15-17_amd64.deb
sha:0f97f0a27f23fbce5e46656936dde1bb4ac40d7d
-
alt-python36-test_3.6.15-17_amd64.deb
sha:10ab922a8ac3bef6976cedf7cb0345628c8d2500
-
alt-python36-tkinter_3.6.15-17_amd64.deb
sha:f344d3895ebddc0cba3b85ea9c1f4a8d51333546
-
alt-python36-tools_3.6.15-17_amd64.deb
sha:e3251aa5a646c0beafddbd8e3d9674c3cfd72a0b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
