Severity:
('Low', ['ELSLANG-26266'])
Release date:
2026-04-17 14:55:46 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python36_3.6.15-29_amd64.deb
sha:c9a08e092ec292eaeabad27512fd2b0337494cd1
-
alt-python36-debug_3.6.15-29_amd64.deb
sha:02c756dfbb513fe260810f8661ea1efa50f80ef8
-
alt-python36-devel_3.6.15-29_amd64.deb
sha:83d442c00e174703b6c9910a949d2e7382da44b8
-
alt-python36-libs_3.6.15-29_amd64.deb
sha:74cccd7182d654898d2627b2061683252f0b0307
-
alt-python36-test_3.6.15-29_amd64.deb
sha:0df3f7d16d3e7bddf792ade8f4baa9962d013fed
-
alt-python36-tkinter_3.6.15-29_amd64.deb
sha:ac3bb1205b24ce7a69aaf25397ba03299870ecae
-
alt-python36-tools_3.6.15-29_amd64.deb
sha:24a0e63fd82a2b172ede637225d5285a9882a01f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
