[CLSA-2026:1784126834] Fix CVE(s): CVE-2026-15308
Type:
security
Severity:
Important
Release date:
2026-07-15 14:47:28 UTC
Description:
* SECURITY UPDATE: CPU denial-of-service in html.parser.HTMLParser via repeated unterminated markup declarations in incremental parsing - debian/patches/CVE-2026-15308.patch: accumulate incrementally fed data in a list and only join and parse it once enough has piled up, avoiding the quadratic rescanning and concatenation of an unterminated construct across feed() calls in Lib/HTMLParser.py - CVE-2026-15308
CVEs fixed:
Updated packages:
  • idle-python2.7_2.7.16-2+deb10u4+tuxcare.els3_all.deb
    sha:ae16be592548a06bdf6f42267f2835ff171b2a7f
  • libpython2.7_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:7100432728a355377e6347c6c85540d2789fbf29
  • libpython2.7-dev_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:91957b4c423a808bd940edaf491377d83ff08e12
  • libpython2.7-minimal_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:4fdef3982dcee7a2fe111ea0bde6c8de3a8ab756
  • libpython2.7-stdlib_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:4e7f02e03711c7a2d2955aa3194fd23c0a91aeda
  • libpython2.7-testsuite_2.7.16-2+deb10u4+tuxcare.els3_all.deb
    sha:9e5c07106c8b6cbd50a49308c0d7cc0310d916db
  • python2.7_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:ec70e5baabdbc1713f4a1d5247ce9ec2169223e4
  • python2.7-dev_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:0cbb9812df00d46448945e17e07d93ed05a85255
  • python2.7-doc_2.7.16-2+deb10u4+tuxcare.els3_all.deb
    sha:7be19e8c191e9c72af113e5b66950faa597f2263
  • python2.7-examples_2.7.16-2+deb10u4+tuxcare.els3_all.deb
    sha:a2914b6519ca89982299fb7195fcf8a14c2927a8
  • python2.7-minimal_2.7.16-2+deb10u4+tuxcare.els3_amd64.deb
    sha:c5664332af33e4dcda4558206d380224bcae9ee7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.