ELS for OS
- CVEs
- Releases
- Projects
- Documentation
Live Patches
ELS for PHP
- CVEs
- Releases
- Projects
- Documentation
ELS for Python
- CVEs
- Releases
- Projects
- Documentation
ELS for Dotnet
- CVEs
- Releases
- Projects
- Documentation
ELS for Node.js
- CVEs
- Releases
- Projects
- Documentation

Release Info

Advisory: CLSA-2026:1768571053

OS: Debian 12

Public date: 2026-01-16 13:44:15.365522

Project: python

Version: 3.7.17-8

Errata link: https://errata.tuxcare.com/els_alt_python/debian12/CLSA-2026-1768571053.html

Changelog

* SECURITY UPDATE: Quadratic complexity in xml.minidom node ID cache clearing - debian/patches/CVE-2025-12084.patch: remove quadratic behavior in xml.minidom node ID cache clearing - CVE-2025-12084 * SECURITY UPDATE: Overwriting of arbitrary files by remote attackers - debian/patches/CVE-2007-4559.patch: implement PEP 706 - a filter in the tarfile module to prevent directory traversal vulnerability - CVE-2007-4559

Update

Update command: apt-get update apt-get --only-upgrade install alt-python*

Packages list

alt-python37_3.7.17-8_amd64.deb alt-python37-debug_3.7.17-8_amd64.deb alt-python37-devel_3.7.17-8_amd64.deb alt-python37-libs_3.7.17-8_amd64.deb alt-python37-test_3.7.17-8_amd64.deb alt-python37-tkinter_3.7.17-8_amd64.deb alt-python37-tools_3.7.17-8_amd64.deb

CVEs

CVE-2007-4559

CVE-2025-12084