[ALSA-2026:13641] Moderate: python-tornado security update
Type:
security
Severity:
moderate
Release date:
2026-05-06
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * tornado-python: Tornado: Denial of Service via large multipart bodies (CVE-2026-31958) * tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments (CVE-2026-35536) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-tornado-6.5.5-1.el10_1.1.aarch64.rpm 33ec3856ae68eba38370646ce39fb2404decf7bd4e7e0df08e78d567de372ed8
ppc64le python3-tornado-6.5.5-1.el10_1.1.ppc64le.rpm 290596996531ffe6f853fdcfe828c943569fda4b24a642d8659ffd39cd5e926d
s390x python3-tornado-6.5.5-1.el10_1.1.s390x.rpm dcc1e873ec4ddaef9ece80e04b77409be1cf36db9f2b08a91b6086a486d24645
x86_64 python3-tornado-6.5.5-1.el10_1.1.x86_64.rpm 4e0a0b8a0c8134e058779ded54b917ab76848b132a8d0987cdd6ff959dd00754
x86_64_v2 python3-tornado-6.5.5-1.el10_1.1.x86_64_v2.rpm f6914833b8fbf3d3e3e5921a76872fb48b0bce8c9da88bbfadda838b22c4420e
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.