Release date:
2026-05-13 14:07:56 UTC
Description:
- CVE-2026-3446: binascii.a2b_base64 / base64.b64decode no longer abort the
decoder loop on the first padded quad. The pad character is treated as
non-alphabet data per RFC 4648 section 3.3, so excess data after the
padding is decoded instead of being silently dropped.
Updated packages:
-
alt-python36-3.6.15-23.el7.x86_64.rpm
sha:fc35be926d3623bdcb3d29a2fd4665ea89dd87bf38e569b9337b094e3fdf2430
-
alt-python36-debug-3.6.15-23.el7.x86_64.rpm
sha:a5618c6f37060c53fdb594a7d4b82acfdfe85300087953ab2878fe44cb05d33b
-
alt-python36-devel-3.6.15-23.el7.x86_64.rpm
sha:431c138d0949ba242c47e653b65212da56c9e43c7d7ea734f3c0e24678cd0023
-
alt-python36-libs-3.6.15-23.el7.x86_64.rpm
sha:1cffb94d8fe1f8021d30f9c9416fff8e13ac331fdc6b575dbdf9facf6d32034b
-
alt-python36-test-3.6.15-23.el7.x86_64.rpm
sha:a3c3379e8de4bc6b2031e7fdc6b4ca30517f2790cb56604d88e970be7bd896da
-
alt-python36-tkinter-3.6.15-23.el7.x86_64.rpm
sha:b045ee5e0a122961cc813cbf2113337f2af8a58c533a75654bd6c2cc07c9c6ea
-
alt-python36-tools-3.6.15-23.el7.x86_64.rpm
sha:1608f7e1962bb9b65f1428795af7f3e0553c25af451ac8c313a2ef836d9cfc74
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
