Release date:
2026-05-08 13:02:15 UTC
Description:
- CVE-2026-3446: binascii.a2b_base64 / base64.b64decode no longer abort the
decoder loop on the first padded quad. The pad character is treated as
non-alphabet data per RFC 4648 section 3.3, so excess data after the
padding is decoded instead of being silently dropped.
Updated packages:
-
alt-python27-2.7.18-31.el9.x86_64.rpm
sha:b5eb478ec6cc7432ec91e5f87e790d8d0c8bdf3f5aa3c8e82c82686e30dd1af7
-
alt-python27-debug-2.7.18-31.el9.x86_64.rpm
sha:8bfbf58e3e76c6af942702600b7a44e307d62d72de2a9662c5a2fc7ad38ac377
-
alt-python27-devel-2.7.18-31.el9.x86_64.rpm
sha:fe0af542524d0ca54064a9523efa956369314c5eff66f022e16980a5b8bfdf5c
-
alt-python27-libs-2.7.18-31.el9.x86_64.rpm
sha:d823d06e89c70fdc297df81d48cb9852622dc106ec5b18cf7068ff244456dfc1
-
alt-python27-test-2.7.18-31.el9.x86_64.rpm
sha:ee57463853791549764337a6e3eab9a9e6603a8ed75645ef9dcb172c7ed6a59d
-
alt-python27-tkinter-2.7.18-31.el9.x86_64.rpm
sha:728660909dfd058701bc232d0f2d38fc286ec57fb02368c3255d7429ad3e3f27
-
alt-python27-tools-2.7.18-31.el9.x86_64.rpm
sha:6c8fd412452c23fdd42dd3ae49093bac24b3de9dbb736523f704ee4a8fdaaa80
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
