Severity:
('Low', ['ELSLANG-26206'])
Release date:
2026-04-17 10:04:32 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python36_3.6.15-29_amd64.deb
sha:effa394066d2e18d64aa2c65752fdec64724509a
-
alt-python36-debug_3.6.15-29_amd64.deb
sha:4f9e2fbf88117b64d3728609cef74c8e8da2c896
-
alt-python36-devel_3.6.15-29_amd64.deb
sha:deaa332f1c174677a0e6af5111ba95a30307d440
-
alt-python36-libs_3.6.15-29_amd64.deb
sha:7f0b4e5a2c857daff535147aa37c42b462ab2a69
-
alt-python36-test_3.6.15-29_amd64.deb
sha:7ba5cf4ebb753fd100d945929f5c9cea296fc6dc
-
alt-python36-tkinter_3.6.15-29_amd64.deb
sha:944278b29cdcfd9790907dda16fabebf1280b39e
-
alt-python36-tools_3.6.15-29_amd64.deb
sha:21f93080723d2f27f1cbb1046fb7d08983a733b8
-
alt-python36_3.6.15-29_arm64.deb
sha:3de589ab0f19e52b9c76b854ceec67718bf09c56
-
alt-python36-debug_3.6.15-29_arm64.deb
sha:421a1e816881393fca8a5ecfe951b1ae5563b60d
-
alt-python36-devel_3.6.15-29_arm64.deb
sha:3e140c306c39d85f46eea6e1b00033a112bcc1ce
-
alt-python36-libs_3.6.15-29_arm64.deb
sha:3d4e9dfeb8429c0bc7b80098199ecc31d635c285
-
alt-python36-test_3.6.15-29_arm64.deb
sha:9b3e858f93e470fe2c53a25a595a89baa473536d
-
alt-python36-tkinter_3.6.15-29_arm64.deb
sha:4d2994706e1feccb7555191b5a9354aeefaa56f6
-
alt-python36-tools_3.6.15-29_arm64.deb
sha:cbbf7a5cc232d15e8cdce3338338132c196cefa6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
