Release date:
2026-05-08 13:06:09 UTC
Description:
- CVE-2026-3446: binascii.a2b_base64 / base64.b64decode no longer abort the
decoder loop on the first padded quad. The pad character is treated as
non-alphabet data per RFC 4648 section 3.3, so excess data after the
padding is decoded instead of being silently dropped.
Updated packages:
-
alt-python27-2.7.18-31.el8.x86_64.rpm
sha:da7cbd47442b977dab0018612f5a08c0c8f0f5d752bc3a1ddbdba93bdb4d79ce
-
alt-python27-debug-2.7.18-31.el8.x86_64.rpm
sha:f496c4cb6ad76d9848e0acb84c7597fa56e306f210482afe37e1e86f1e21ca7a
-
alt-python27-devel-2.7.18-31.el8.x86_64.rpm
sha:40f14a5033880f3c46a89952a0dc21e6154eddffc6cc18eb90806c93b5ac7d61
-
alt-python27-libs-2.7.18-31.el8.x86_64.rpm
sha:ebe970b5c0f87a6b428280a5f4e0d8f3a52f894eb00f2420edfd297e2d884c94
-
alt-python27-test-2.7.18-31.el8.x86_64.rpm
sha:81c2c5d3acfab390b18251ec0299625e9e6d8b7ef2b9b6a39edd92adb193e40f
-
alt-python27-tkinter-2.7.18-31.el8.x86_64.rpm
sha:89e18620b5d77cb38349a8f8d5a8b51218ab43ab37241b0479d282056e5f2e32
-
alt-python27-tools-2.7.18-31.el8.x86_64.rpm
sha:411d5f3225357f77f78435c934e3a149d43ec5b75519710356968d5cbce2ff06
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
