[CLSA-2026:1780736179] python3.9: Fix of CVE-2026-7210
Type:
security
Severity:
Critical
Release date:
2026-06-08 09:04:06 UTC
Description:
- CVE-2026-7210: seed Expat with 16 bytes of hash salt via XML_SetHashSalt16Bytes when the linked libexpat exposes it, fixing the hash-flooding entropy gap in pyexpat and xml.etree.ElementTree - require expat >= 2.5.0-1.el9_2.tuxcare.els12 (CVE-2026-41080, XML_SetHashSalt16Bytes) so the runtime mitigation is guaranteed in effect
CVEs fixed:
Updated packages:
  • python-unversioned-command-3.9.16-1.el9_2.2.tuxcare.els27.noarch.rpm
    sha:5da012dd92ab4401d10fb96d11fdb08137fcc27e7f6b71137eabf6608c9ce787
  • python3-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:64bf2588428df5125a32c26ca786db4dd5a8698fe02dc8a23932a197295457bd
  • python3-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:5e7920a9c709356950880d1ab1ba07bc395f8728ae064dac839409ceb6c512bc
  • python3-debug-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:c9e55af59d0fe7cbcc685a21600b617c9ad609f97075799de30357c5d72b2f66
  • python3-debug-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:28fffca2f376432957a59b39bf38e12620e1cb0a313c011ba4cefe0e94dd1415
  • python3-devel-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:531990acec08654fafefe9bf27669686de2c129b9d55839a133015cf4652ca13
  • python3-devel-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:4915ad3a084398b3847c01b61c05a26a074f69e236575627a10872c0393a745e
  • python3-idle-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:98bb31f993d58e706b183fc44b787062c6a30345c7a35dfdf1ad59589a214094
  • python3-idle-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:50372d46dc389c503306dc5070d2ba902cfdaf108ffe360d46d64d388ba67c5a
  • python3-libs-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:f07c77758f3b8394ab8b07333fb6aebfd54bee7efe4a071f1978313c7e6574b0
  • python3-libs-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:d80bc95de4dc5d6b39c25df246114f8c579804ab670fe731e54babed5890a541
  • python3-test-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:2796c08f68063623f55170657cb7cd3205cb7d8a85f7383ccb8dbb9ec7414970
  • python3-test-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:b2c23fd8098cc5c998685b53eb8bd3acd3c4a9dc6fc57272a1c99eed396f372b
  • python3-tkinter-3.9.16-1.el9_2.2.tuxcare.els27.i686.rpm
    sha:5775e7bf40816762ba3127c0e25593de76b8e20e7909cdf256c0a33ab73feeda
  • python3-tkinter-3.9.16-1.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:b324aa0c44c0c0f27c13f0e6ed37e60d5f8e76f1b49cf0ce708af6fa15163a4c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.