Severity:
('Low', ['ELSLANG-26205'])
Release date:
2026-04-17 09:47:08 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python27_2.7.18-14_amd64.deb
sha:58112b992a6718ad7cbd71db0b7b8fd29245e405
-
alt-python27-debug_2.7.18-14_amd64.deb
sha:8219c09aca6a6e652186464e6a088e3c52cfecc4
-
alt-python27-devel_2.7.18-14_amd64.deb
sha:bca39ed21010e1786550c0787df76c5ebffb53d6
-
alt-python27-idle_2.7.18-14_amd64.deb
sha:0803f3bced50b0a3f9735a31beb2e2785d553a2d
-
alt-python27-libs_2.7.18-14_amd64.deb
sha:3ba0a62a9c2d0ded87d7c7879ac9fc0958f6714a
-
alt-python27-test_2.7.18-14_amd64.deb
sha:3ac14a65f372f8e97ed8dd4c3a962af145a1d974
-
alt-python27-tkinter_2.7.18-14_amd64.deb
sha:737c21b80ca8d56413bc210c3ba1e28b76be0cf7
-
alt-python27-tools_2.7.18-14_amd64.deb
sha:33641b43f92825057e6451e53048a649044e1cf7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
