Release date:
2026-04-28 20:59:14 UTC
Description:
* SECURITY UPDATE: use-after-free in lzma/bz2/gzip decompressors
- debian/patches/CVE-2026-6100.patch: null next_in at the error:
label of decompress() in Modules/_bz2module.c and
Modules/_lzmamodule.c so the decompressor cannot be re-used
with a stale buffer pointer after a MemoryError.
- CVE-2026-6100
Updated packages:
-
alt-python38_3.8.20-13_amd64.deb
sha:b63bd072fe8492b5324f4f182ef823dcad07269f
-
alt-python38-debug_3.8.20-13_amd64.deb
sha:8ed5897f105065ee7e56208a28737575263e563e
-
alt-python38-devel_3.8.20-13_amd64.deb
sha:495aac997120b7d3a53c782d1d1f95c965233f04
-
alt-python38-idle_3.8.20-13_amd64.deb
sha:70cc430bf289d47c694aec301978cded91b13dae
-
alt-python38-libs_3.8.20-13_amd64.deb
sha:b9f645d060e85837f09912397c12d248d215e012
-
alt-python38-test_3.8.20-13_amd64.deb
sha:cca7fbf7554d18b6572dcca95d3532e3a50d7fd5
-
alt-python38-tkinter_3.8.20-13_amd64.deb
sha:f5f7b0bb757a1692b89f4b382cf36b8e8cd75fa8
-
alt-python38_3.8.20-13_arm64.deb
sha:7dfba654cfc64c3697674641ba0dfa08c683737e
-
alt-python38-debug_3.8.20-13_arm64.deb
sha:c694f55a060107165b968d2666c5bd5d00700bc8
-
alt-python38-devel_3.8.20-13_arm64.deb
sha:b1311057d9a0eff287a135a78c761b0b18ec004a
-
alt-python38-idle_3.8.20-13_arm64.deb
sha:7d73754914215180339e88b3c2fbc050067c84a9
-
alt-python38-libs_3.8.20-13_arm64.deb
sha:264993298a269198c7aab949ba9604d0ddb809c2
-
alt-python38-test_3.8.20-13_arm64.deb
sha:23c4df683bd2e92657fc4868dc6f131ef320782e
-
alt-python38-tkinter_3.8.20-13_arm64.deb
sha:c59a8a5ad214e8d74edfabc764205cbd7308c26b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
