Severity:
('Low', ['ELSLANG-26210'])
Release date:
2026-04-17 09:50:51 UTC
Description:
* SECURITY UPDATE: command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python27_2.7.18-14_amd64.deb
sha:70970648a066b19c1e21eaa746abbb1c6bcbf316
-
alt-python27-debug_2.7.18-14_amd64.deb
sha:a8051ad60619f68f1320234cf054caacb23c92c6
-
alt-python27-devel_2.7.18-14_amd64.deb
sha:5bb27ac5c5157ff43734ae8cd489606e45f478f3
-
alt-python27-idle_2.7.18-14_amd64.deb
sha:0803f3bced50b0a3f9735a31beb2e2785d553a2d
-
alt-python27-libs_2.7.18-14_amd64.deb
sha:36253fe33a7d517dbf7187426836f451365a8636
-
alt-python27-test_2.7.18-14_amd64.deb
sha:1a25be8e40b27fb26f7d2f51c667c01eee313a7e
-
alt-python27-tkinter_2.7.18-14_amd64.deb
sha:08db32927faccd73ef323fbea80209b403556603
-
alt-python27-tools_2.7.18-14_amd64.deb
sha:33641b43f92825057e6451e53048a649044e1cf7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
