Severity:
('Low', ['ELSLANG-26249'])
Release date:
2026-04-17 10:00:12 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python27_2.7.18-14_amd64.deb
sha:0fdb5ab952f16d21ccead4a1aaf326f741e5607f
-
alt-python27-debug_2.7.18-14_amd64.deb
sha:7b14bbfb76acd8bb104873c19cb327d900effbf6
-
alt-python27-devel_2.7.18-14_amd64.deb
sha:d83b7d372267972ebe4837b35f59504933dfeec8
-
alt-python27-idle_2.7.18-14_amd64.deb
sha:0803f3bced50b0a3f9735a31beb2e2785d553a2d
-
alt-python27-libs_2.7.18-14_amd64.deb
sha:54c034057d7113569e03a8881015f339e7cd5f81
-
alt-python27-test_2.7.18-14_amd64.deb
sha:44570944202b95dc609f1aafd74093aefc1bc9d1
-
alt-python27-tkinter_2.7.18-14_amd64.deb
sha:5d8d6825837cd513867bbc21f7d62f5637700e69
-
alt-python27-tools_2.7.18-14_amd64.deb
sha:33641b43f92825057e6451e53048a649044e1cf7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
