Severity:
('Low', ['ELSLANG-26267'])
Release date:
2026-04-17 14:40:02 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python27_2.7.18-14_amd64.deb
sha:94b047eb04235e685826c3af61a0fc394f544ffa
-
alt-python27-debug_2.7.18-14_amd64.deb
sha:dbfce3f77a0572ddd694be576e922e1dd85fa3b1
-
alt-python27-devel_2.7.18-14_amd64.deb
sha:282b24742a00dc6b634023e287d620146a7f5a0b
-
alt-python27-idle_2.7.18-14_amd64.deb
sha:35264dbc27ea890b66ed61c7cd7771e3bccb2a04
-
alt-python27-libs_2.7.18-14_amd64.deb
sha:263971ce97a59029afe5eaa7e272560217634887
-
alt-python27-test_2.7.18-14_amd64.deb
sha:1a063cade00533a0d809d5fc24122c2794730a05
-
alt-python27-tkinter_2.7.18-14_amd64.deb
sha:2065746f0b22cbf3ac78c3b2d274d65b2f2c7358
-
alt-python27-tools_2.7.18-14_amd64.deb
sha:5325da8b4c136273f44fd3228ef35797df02f53e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
