Severity:
('Low', ['ELSLANG-26259'])
Release date:
2026-04-17 14:24:47 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python27_2.7.18-14_amd64.deb
sha:1e18c991d9ac21d6946426d2077c424e998e340e
-
alt-python27-debug_2.7.18-14_amd64.deb
sha:58d8cb3c6c4fa65e9ce5a16312d4be2e2e509851
-
alt-python27-devel_2.7.18-14_amd64.deb
sha:3aa79a9201c06ab7d9393f93efd6233859a67f50
-
alt-python27-idle_2.7.18-14_amd64.deb
sha:2463c7f6865c10d1ce5a2fffadd50de7aaf98769
-
alt-python27-libs_2.7.18-14_amd64.deb
sha:f20465374f9b1675dc08cd2ab6e343b48f67ca28
-
alt-python27-test_2.7.18-14_amd64.deb
sha:188734c1f8f340e14ac19c73c73aeebee9ae28f0
-
alt-python27-tkinter_2.7.18-14_amd64.deb
sha:c462745238dee9cf6c1eff3786a75a1ab8483fb2
-
alt-python27-tools_2.7.18-14_amd64.deb
sha:a5da9bb683687a9cfaa66a6a2a303a768851aa4e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
