Severity:
('Low', ['ELSLANG-26247'])
Release date:
2026-04-17 09:54:48 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python27_2.7.18-14_amd64.deb
sha:26b55f142a485473bbc5e8bba672b31d53dbf5b5
-
alt-python27-debug_2.7.18-14_amd64.deb
sha:b522ab1e66c41b8bf90160f56b6a93024f04faa8
-
alt-python27-devel_2.7.18-14_amd64.deb
sha:8bade6d43d105982795cb12bc27035aa3176ba00
-
alt-python27-idle_2.7.18-14_amd64.deb
sha:0803f3bced50b0a3f9735a31beb2e2785d553a2d
-
alt-python27-libs_2.7.18-14_amd64.deb
sha:180c387821a5710ef9da0ed39564f674d415f38b
-
alt-python27-test_2.7.18-14_amd64.deb
sha:5aefac5a809b41beae6cbf79a8f1aceea5136cdc
-
alt-python27-tkinter_2.7.18-14_amd64.deb
sha:81c121422b00ee78df3dc271191b25ee0a6e1ee1
-
alt-python27-tools_2.7.18-14_amd64.deb
sha:33641b43f92825057e6451e53048a649044e1cf7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
