[CLSA-2026:1777568294] python2: Fix of CVE-2026-6100
Type: security
Severity: Critical
Release date: 2026-04-30 16:58:19 UTC
Description:
- CVE-2026-6100: defensively set bzs->next_in to NULL on the error path of BZ2Decomp_decompress to align with upstream. The use-after-free (UAF) window does not exist in Python 2.7: next_in is reassigned at function entry, and lzma/gzip are not C extensions.
Updated packages:
  • python2-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:396ac823c0e8b8935e75e03dda9ad9e906ec278e3003b0a5a9669587f480b8a2
  • python2-debug-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:2899d7cea96499dd3ae01c406bcd984e13ceb215d9fa3a2098986b5e3425e6a1
  • python2-devel-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:77bef8bb2e6fcc8a74f58cb07df28c06b08a82842a9b9977279ba1aa0fe31c43
  • python2-libs-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:168465b6c457a41dfbfedc527dd14a7c35ca43bf1e4f86ea2062d2c907cc7d47
  • python2-test-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:07f0de74bc6a5dced80606f8fa587722d258fd1332d6e9b0ec64b7c6f14e6696
  • python2-tkinter-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:c4ae359b6612280aec41ad0bd6f312746218ba178dff4312083750bd2da1f215
  • python2-tools-2.7.18-4.module_el8.4.0+2389+535225bc.tuxcare.els21.x86_64.rpm
    sha:259a1eb21e594c628b77b5977c8cf93c8ced81f49b2213fa6093e45daacfe240
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.