Release date:
2026-05-08 13:14:06 UTC
Description:
- CVE-2026-3446: binascii.a2b_base64 / base64.b64decode no longer abort the
decoder loop on the first padded quad. The pad character is treated as
non-alphabet data per RFC 4648 section 3.3, so excess data after the
padding is decoded instead of being silently dropped.
Updated packages:
-
alt-python27-2.7.18-31.el10.x86_64.rpm
sha:0e3066d0e31d4f4bfb10a2fe05abd1fb8ea7aba076f651b2a8798b3cf0eb95a5
-
alt-python27-debug-2.7.18-31.el10.x86_64.rpm
sha:235804fb614b7cbead64e1891f499710c79814aa016530458ad8e321cb001966
-
alt-python27-devel-2.7.18-31.el10.x86_64.rpm
sha:bce0047383272183b317e610f69969b6dcdda8d19219c312f498868c536f2d85
-
alt-python27-libs-2.7.18-31.el10.x86_64.rpm
sha:0a4b394eb562f2eefe6d4de31debda90073d6fe3e56273102c0d1a930f0d2752
-
alt-python27-test-2.7.18-31.el10.x86_64.rpm
sha:e21814c8b765693693cfee8d83d6582d28563657c9e0983b92c22f74e122e6dd
-
alt-python27-tkinter-2.7.18-31.el10.x86_64.rpm
sha:320859fd177f61074d4799662c06e888140a294112ca891b33967d27a58de06b
-
alt-python27-tools-2.7.18-31.el10.x86_64.rpm
sha:71bad8be483d4a789fd9cc418ca81cf457ed0e7882f029abfa3ec2a7dbc2722f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
