[CLSA-2026:1777548230] python2: Fix of CVE-2026-6100
Type: security
Severity: Critical
Release date: 2026-04-30 11:23:54 UTC
Description:
- CVE-2026-6100: defensively set bzs->next_in to NULL on the error path of BZ2Decomp_decompress to align with upstream; the use-after-free (UAF) window does not exist in Python 2.7 (next_in is reassigned at function entry, and lzma/gzip are not C extensions)
Updated packages:
  • python2-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:94a4e3bcd809bc9b7ca71de16d54539d3c5415a160041da2891f283ca11b712b
  • python2-debug-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:f446927127731f7eba2dfa99f472515dc0860bd3d04389a29b1bd3417dbfa026
  • python2-devel-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:45532efdc2dc0813234945c20c639d0c920cbef3f1c070f1e2f3f0057fd1d7fd
  • python2-libs-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:2c23655f3bb791850998245b57d396646fed08b72d5ddd1a4aeac2588ceacfb9
  • python2-test-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:fe89e2266e40810c1a4503d69f2c2abe55297af4f4e77dc7abb1ef99fb1c9d88
  • python2-tkinter-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:d50fcb16ee5acf30348f2e0a90f55ca941d8d540803b705a1943d93efc20b4d3
  • python2-tools-2.7.18-7.module_el8.5.0+2386+c0bb17f5.tuxcare.els20.x86_64.rpm
    sha:8b57851a561bdc7e49688d4cb0ddf231317acdd9cc2849b24af3b778778df36b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.