Release date:
2026-04-23 18:17:43 UTC
Description:
* SECURITY UPDATE: Command-line option injection in webbrowser.open()
- debian/patches/CVE-2026-4519.patch: reject leading dashes in
webbrowser.open() URLs to prevent command-line option injection
in browser subprocesses
- CVE-2026-4519
Updated packages:
-
alt-python37_3.7.17-15_amd64.deb
sha:e42b7f00501355352a9f526572a8e448e0f69ad2
-
alt-python37-debug_3.7.17-15_amd64.deb
sha:d61c48b6169cfb048807af19c789c8bf2eb8c903
-
alt-python37-devel_3.7.17-15_amd64.deb
sha:61472293070da94c3c84e1dca10bcabab34ab082
-
alt-python37-libs_3.7.17-15_amd64.deb
sha:0639a47257400b733c6d3c50a364eea2340c9379
-
alt-python37-test_3.7.17-15_amd64.deb
sha:e4d01e91043c0e00e351f4d243ef2de17f3227e3
-
alt-python37-tkinter_3.7.17-15_amd64.deb
sha:a228387e7cb8e8951204ef83e584e2da7b2b3ec3
-
alt-python37-tools_3.7.17-15_amd64.deb
sha:fc0a891e2cf980c3f2b21c986896ad4ed5bc1cc8
-
alt-python37_3.7.17-15_arm64.deb
sha:2cda6f9e7c29e4f3c984c61555928e9912968efc
-
alt-python37-debug_3.7.17-15_arm64.deb
sha:dc3156901ccaccd244ab09b22221b9953a811d15
-
alt-python37-devel_3.7.17-15_arm64.deb
sha:610d5188c7ccd7aa86d093b869f7ed2a5bcbf48f
-
alt-python37-libs_3.7.17-15_arm64.deb
sha:a7b816976feefb6d4fc47efed0845cf9a695a1eb
-
alt-python37-test_3.7.17-15_arm64.deb
sha:92910796f6ccb14035953d40cf1a2d845f8efe95
-
alt-python37-tkinter_3.7.17-15_arm64.deb
sha:09425e3aeb1b12f048fb29ab9368426f3ab0da29
-
alt-python37-tools_3.7.17-15_arm64.deb
sha:7ea3d49db329a76596fdcd8d4cd79d25c3fbfae6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
