[CLSA-2026:1781086040] python3.11: Fix of CVE-2025-13462
Type:
security
Severity:
Critical
Release date:
2026-06-10 10:08:50 UTC
Description:
- CVE-2025-13462: do not apply the v7 AREGTYPE->DIRTYPE normalization when re-parsing GNU LONGNAME/LONGLINK follow-up headers in tarfile, preventing crafted archives from flipping an entry's type
CVEs fixed:
Updated packages:
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:15d0b42998b0747c8e47caf79fae73fd8e2a95bfc1cb9e5a3700209e2e13969f
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:83608a6a6c95704e3750c86bb74c671910ce1b6461611f13f9327dd4770a4da3
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:a9cbd71a1e77427776e89b1735e747f094a83dfd0d058acd44f7f67f1276c04c
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:3d17f500630889f9372e7f46cc7d05725cbab01a0845ffb89da82bdaf25930db
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:c9c8b22a43a032129ef9700479ff5e2c77ba42028f775974c17b8874b8be1d60
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:85dbe9a6a48d7d0956eb516c97135fceb81b0655e6df8cd5b1dda0f281e9a024
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:55882464e032959b844dca73fda56a96475f0848e6ef8d7bc6739fb7e28a47ae
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:25d9ec0bb24f0a4b655f62102547dad3dc2bef31bb1b6f25a772960477bc9fd8
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:765487c8c5c7033fe417311132f4e2a6ebffc4d315fe32f1058d7c7a6eaa3dd0
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:dba9fdbb7324ab10407e122cbac1a8e593748f121f68550bee785f684567439d
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:5bbde207bc674c0c9f2e8a3fb018220a047afef1ff2eb8a63ae1864e128bfa63
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:458fd6d3506ccf558746492352630918362b896afb9b300a71fd5a6848fc9db4
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els28.i686.rpm
    sha:9f5915e7a45d83c7d81e2dff422d97ffa97d719f48caa3cc1fe7bcb2c0532bb3
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els28.x86_64.rpm
    sha:a3873bebdca295cff142796a4c5521ddfb88fa6576dfc159e72079d2e3a26797
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.