Release date:
2025-10-13 14:52:38 UTC
Description:
* SECURITY UPDATE: Overwriting of arbitrary files by remote attackers
- debian/patches/CVE-2007-4559.patch: implement PEP 706 - a filter in
the tarfile module to prevent directory traversal vulnerability
- CVE-2007-4559
* SECURITY UPDATE: Bypass of domain e-mail-based protection mechanism by
incorrect parsing of e-mail addresses that contain a special character
- debian/patches/CVE-2023-27043.patch: reject malformed addresses in
email.parseaddr()
- CVE-2023-27043
* SECURITY UPDATE: Bypass of the TLS handshake and included protections
- debian/patches/CVE-2023-40217.patch: check for & avoid the ssl
pre-close flaw
- CVE-2023-40217
Updated packages:
-
alt-python36_3.6.15-17_amd64.deb
sha:1e214ca8155943165077a552b2570c4c932bba3c
-
alt-python36-debug_3.6.15-17_amd64.deb
sha:dc1633994b2244994b088464879fd8d40ad6fe21
-
alt-python36-devel_3.6.15-17_amd64.deb
sha:9bf24071beec70323a8c14ebf4be741ac30b9929
-
alt-python36-libs_3.6.15-17_amd64.deb
sha:75150f377b3c3d74b59fe371a6610d560cab4781
-
alt-python36-test_3.6.15-17_amd64.deb
sha:2d61da1742b44dab68fc90e84eea11c39defafa6
-
alt-python36-tkinter_3.6.15-17_amd64.deb
sha:0658680b6e24128888081d40fc997b52436dc5fc
-
alt-python36-tools_3.6.15-17_amd64.deb
sha:cb596bdd2e95dc4138034ab29949c96fffda9e8a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
