Release date:
2026-05-08 13:10:12 UTC
Description:
- CVE-2026-3446: binascii.a2b_base64 / base64.b64decode no longer abort the
decoder loop on the first padded quad. The pad character is treated as
non-alphabet data per RFC 4648 section 3.3, so excess data after the
padding is decoded instead of being silently dropped.
Updated packages:
-
alt-python27-2.7.18-31.el7.x86_64.rpm
sha:50b928bd80af509ac7a3945e812b3b128d83e37a62290896dedffcb34a49f879
-
alt-python27-debug-2.7.18-31.el7.x86_64.rpm
sha:ac582dcf36bad2574900acbbacf327d4d80bd673bd826c7d33cd539de18db39a
-
alt-python27-devel-2.7.18-31.el7.x86_64.rpm
sha:fb35f5fcdb60b8fa7a5dd00bedc326040d9c51d13a21ff0a715e65589a7b8f73
-
alt-python27-libs-2.7.18-31.el7.x86_64.rpm
sha:332f90c0620f368ebfde06490365ac263fc784262ac04fbef1fe5c67a17ce877
-
alt-python27-test-2.7.18-31.el7.x86_64.rpm
sha:be31f37aae45636b6ecc32b86faaacae1b19af22c8b59bf4111f8519465736db
-
alt-python27-tkinter-2.7.18-31.el7.x86_64.rpm
sha:7ff85899464ee07c280406a09adbb2c30c98158348772af1f80bef8633ed59d6
-
alt-python27-tools-2.7.18-31.el7.x86_64.rpm
sha:62646fca663e2d98bdf6f17fed7e453dd3e841f95e1f773f4da857632e91fd0c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
