Release date:
2026-07-15 10:14:14 UTC
Description:
* SECURITY UPDATE: CPU denial of service via quadratic complexity in
HTMLParser incremental parsing
- debian/patches/CVE-2026-15308.patch: accumulate feed() data in a list and
defer joining and rescanning the buffer until enough has piled up in
Lib/HTMLParser.py, avoiding quadratic behaviour on repeated unterminated
markup declarations; add regression test to Lib/test/test_htmlparser.py
- CVE-2026-15308
Updated packages:
-
idle-python2.7_2.7.18-1~20.04.7+tuxcare.els5_all.deb
sha:edb760195f8416af2c66c04e8ba36c82ffbb09f7
-
libpython2.7_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:541fc44cb7d4870322acd39395709a2675c65eab
-
libpython2.7-dev_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:bacbc113b0fb8caae2042c53608ce85b46a1537f
-
libpython2.7-minimal_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:f1ad3a90643e4c579412de3be460f9b150e3ebc2
-
libpython2.7-stdlib_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:21de10856f13e7e755841ba16ab3b749dd1367ea
-
libpython2.7-testsuite_2.7.18-1~20.04.7+tuxcare.els5_all.deb
sha:47f412ba67e907c9951cdca8687b5925510ec193
-
python2.7_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:c04e66ad260c4fde4e5109d41b122bbee9ee8f51
-
python2.7-dev_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:4d331999d28c54d2dbd6c0c8a236167af5fe184d
-
python2.7-doc_2.7.18-1~20.04.7+tuxcare.els5_all.deb
sha:0275aa35233d98a6d4f23051fdf2a90361c8f5bf
-
python2.7-examples_2.7.18-1~20.04.7+tuxcare.els5_all.deb
sha:e9fb9872c52d469425e59b75dc053714f723a87f
-
python2.7-minimal_2.7.18-1~20.04.7+tuxcare.els5_amd64.deb
sha:86680f9f3533f0d59160748282d72e56f42050ed
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.