Release date:
2026-04-28 12:28:24 UTC
Description:
* SECURITY UPDATE: use-after-free in lzma/bz2/gzip decompressors
- debian/patches/CVE-2026-6100.patch: null next_in at the error:
label of decompress() in Modules/_bz2module.c and
Modules/_lzmamodule.c so the decompressor cannot be re-used
with a stale buffer pointer after a MemoryError.
- CVE-2026-6100
Updated packages:
-
alt-python38_3.8.20-13_amd64.deb
sha:e0fe181e19689e9bf53362c35ebb37f0432e3fba
-
alt-python38-debug_3.8.20-13_amd64.deb
sha:f1727777fff35a88aede5f8ee7c8dac8dc8e3aa5
-
alt-python38-devel_3.8.20-13_amd64.deb
sha:17d84b70770cd931a6143979d44345b600054ad6
-
alt-python38-idle_3.8.20-13_amd64.deb
sha:0624b5beb11797df4ab6370a86f5c484c2decaa7
-
alt-python38-libs_3.8.20-13_amd64.deb
sha:c020addf818debd326f83dad2336a44bf47edbe4
-
alt-python38-test_3.8.20-13_amd64.deb
sha:a6dadf1d97ecc26cae85965022dd690ed8c1424d
-
alt-python38-tkinter_3.8.20-13_amd64.deb
sha:8b58c70c1dd4326deff20ed39515c99ba1663d84
-
alt-python38_3.8.20-13_arm64.deb
sha:307a00d3081e61de22854d76a12daed2d53da85b
-
alt-python38-debug_3.8.20-13_arm64.deb
sha:db0f03a5d974ad8fe186849b926c0f1efdd09e8c
-
alt-python38-devel_3.8.20-13_arm64.deb
sha:668e3c6faca47a6a0ee1b597c1496c551580ef8b
-
alt-python38-idle_3.8.20-13_arm64.deb
sha:92f8175b2ba0a58f283e0debb01253a1d4a001ae
-
alt-python38-libs_3.8.20-13_arm64.deb
sha:3615777dd5728a6b39425cde5768be84082d7c30
-
alt-python38-test_3.8.20-13_arm64.deb
sha:19f36b3b7323a3f778e17104295273dccd7fb641
-
alt-python38-tkinter_3.8.20-13_arm64.deb
sha:10c9942148d02fb8b736ad9e9e35523bc1d6f065
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
