CLSA-2026-1778768341

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json
JSON Data
https://api.osv.dev/v1/vulns/CLSA-2026-1778768341
Upstream
Published
2026-05-14T20:22:42Z
Modified
2026-06-01T00:33:25.972976181Z
Summary
python: Fix of 4 CVEs
Details
  • CVE-2019-9740: reject control characters in HTTP URL paths in httplib.HTTPConnection.putrequest to prevent CRLF header injection
  • CVE-2019-18348: reject control characters in hostnames in httplib.HTTPConnection.init via a new validatehost helper to prevent CRLF header injection (the glibc CVE-2016-10739 mitigation shipped on RHEL 7+ is not present on CentOS 6 / Oracle Linux 6 ELS)
  • CVE-2018-1000030: cache the readahead buffer thread-locally inside file_iternext to fix heap buffer corruption and crashes when multiple threads iterate over the same file object
References

Affected packages

TuxCare:OracleLinux:6
python

Package

Name
python
Purl
pkg:rpm/tuxcare/python?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json"
python-devel

Package

Name
python-devel
Purl
pkg:rpm/tuxcare/python-devel?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json"
python-libs

Package

Name
python-libs
Purl
pkg:rpm/tuxcare/python-libs?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json"
python-test

Package

Name
python-test
Purl
pkg:rpm/tuxcare/python-test?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json"
python-tools

Package

Name
python-tools
Purl
pkg:rpm/tuxcare/python-tools?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json"
tkinter

Package

Name
tkinter
Purl
pkg:rpm/tuxcare/tkinter?distro=oraclelinux-6

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.6.6-70.el6.tuxcare.els22

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/oraclelinux6els/CLSA-2026-1778768341.json"