[ALSA-2026:19034] Moderate: python-tornado security update
Type:
security
Severity:
moderate
Release date:
2026-05-26
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * tornado-python: Tornado: Denial of Service via large multipart bodies (CVE-2026-31958) * tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments (CVE-2026-35536) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-tornado-6.5.5-1.el10_2.aarch64.rpm 2c7978345b875f667e1ef6d83fe3c9cd5446d27328df86a8726258330b720984
ppc64le python3-tornado-6.5.5-1.el10_2.ppc64le.rpm 1f4ef09f2e82403f66745bbf9a06ce10c68a5ccfebc6174b97cdedd5fb0d49f7
s390x python3-tornado-6.5.5-1.el10_2.s390x.rpm 17b68a9295977150ccabe720c587dd482f15e1a815f081bec50a3cd7a649bfe5
x86_64 python3-tornado-6.5.5-1.el10_2.x86_64.rpm 286cda998fc032588262e4117c2e4504fade173da29106c96ccd74eefe18ff7d
x86_64_v2 python3-tornado-6.5.5-1.el10_2.x86_64_v2.rpm bea5502d3a4a8cd6e8b8c5f35b98b2b05ddfd7ae7b06c436f40a10d07f929e70
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.