Severity:
('Low', ['ELSLANG-26268'])
Release date:
2026-04-17 15:33:48 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python36_3.6.15-29_amd64.deb
sha:54045eca783812176cdd6421f4893d81b54c36d0
-
alt-python36-debug_3.6.15-29_amd64.deb
sha:820821985b0dfa2f4ef536a4ccc58448f40d13fb
-
alt-python36-devel_3.6.15-29_amd64.deb
sha:b00d5e7c12d297fc64639219b6caaf2ec416d3e1
-
alt-python36-libs_3.6.15-29_amd64.deb
sha:07d18258fa49278fbc044a88ed62ce3b20d2a49e
-
alt-python36-test_3.6.15-29_amd64.deb
sha:d5b146eb6f2437e8f04e7cedeb69e9d98bf3c491
-
alt-python36-tkinter_3.6.15-29_amd64.deb
sha:9507d8ec386a21edfe68d2f8545022b0e25deb01
-
alt-python36-tools_3.6.15-29_amd64.deb
sha:f3a578be976b17bf352e417297d25666f9cd8573
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
