[CLSA-2026:1778768341] python: Fix of 4 CVEs
Type: security
Severity: Moderate
Release date: 2026-05-14 20:22:42 UTC
Description:
- CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection
- CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.__init__ via a new _validate_host helper to prevent CRLF header injection (the glibc CVE-2016-10739 mitigation shipped on RHEL 7+ is not present on CentOS 6 / Oracle Linux 6 ELS)
- CVE-2018-1000030: cache the readahead buffer thread-locally inside file_iternext to fix heap buffer corruption and crashes when multiple threads iterate over the same file object
Updated packages:
  • python-2.6.6-70.el6.tuxcare.els22.i686.rpm
    sha:1871aedee374d48d3b27589355a9b8dd7958a3342db3668b36d4adf0800b74db
  • python-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:a8df21237d370c6043ac2b810c197b7cb9138c7c35d5a48ea659ace26e31e710
  • python-devel-2.6.6-70.el6.tuxcare.els22.i686.rpm
    sha:51bd3b3fac8ffbcd6d8536b27f9c2ba30d0f2364d51af8b3eedf8c900ef7c307
  • python-devel-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:18fc6ad5fadf311dba1b9622b7edb080a3cebe18da1df692bdfdb35cde82b4ed
  • python-libs-2.6.6-70.el6.tuxcare.els22.i686.rpm
    sha:fd6c2ebc94c7f5cf9adc755ca2b17235233ca08decaf9104c8eb9f94914e8c16
  • python-libs-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:aaaef3eb9ddd5bbd7480678012d4c6f8bfcbdca86a9e9b0bb76678c00a23023f
  • python-test-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:7f54cf5f7fa6f0a5839a822ab892486e998adedce1d7505cf78d267860da8473
  • python-tools-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:e2775e8f593981ebf18a7dffc37aef70c87fb712af9a791687701cb173535fc7
  • tkinter-2.6.6-70.el6.tuxcare.els22.x86_64.rpm
    sha:1b8e0eae7fa09908fa5fc0416b9f80bb46ba8cdafe9741b16d7bd5ab7e1ddc43
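Post-update check for the two httplib fixes in the description (an added example, not part of the advisory or of the packaged patch): it probes the running interpreter to see whether control characters in a hostname and in a request path are refused. The sample host and path values are constructed, and the probe assumes the patched code signals rejection with httplib.InvalidURL, as upstream Python does.

```python
# Added example: probes the local interpreter only; no socket is ever opened.
try:
    import httplib                  # Python 2, the interpreter this advisory patches
except ImportError:
    import http.client as httplib   # same module under its Python 3 name

# Constructed inputs: a CR/LF pair embedded in an otherwise ordinary value.
SAMPLE_HOST = "host.example\r\nX-Constructed-Header"
SAMPLE_PATH = "/index.html\r\nX-Constructed-Header: 1"


def host_check_present(host=SAMPLE_HOST):
    """True if HTTPConnection.__init__ refuses `host` (CVE-2019-18348 fix)."""
    try:
        # The constructor only parses and stores host/port; it does not connect.
        httplib.HTTPConnection(host)
    except httplib.InvalidURL:      # assumption: rejection is raised as InvalidURL
        return True
    return False


def path_check_present(path=SAMPLE_PATH):
    """True if putrequest refuses `path` (CVE-2019-9740 fix)."""
    conn = httplib.HTTPConnection("localhost")
    try:
        # putrequest only buffers the request line; data is sent by endheaders().
        conn.putrequest("GET", path)
    except httplib.InvalidURL:      # assumption: rejection is raised as InvalidURL
        return True
    return False


def report():
    """Summarise both probes, plus a control run with clean values."""
    return {
        "host_check_present": host_check_present(),
        "path_check_present": path_check_present(),
        # Clean values must still be accepted, otherwise the probe proves nothing.
        "clean_values_accepted": (not host_check_present("host.example")
                                  and not path_check_present("/index.html")),
    }


if __name__ == "__main__":
    for name, value in sorted(report().items()):
        print("%-22s %s" % (name, value))
```

A False for either check on a host that should have the update installed usually means a different interpreter or an old httplib copy is being picked up ahead of the patched one.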
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.