[ALSA-2026:19189] Moderate: python-tornado security update
Type:
security
Severity:
moderate
Release date:
2026-05-26
Description:
Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): * tornado-python: Tornado: Denial of Service via large multipart bodies (CVE-2026-31958) * tornado: Tornado: Cookie attribute injection due to improper handling of cookie arguments (CVE-2026-35536) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 python3-tornado-6.5.5-1.el9_8.aarch64.rpm 3cc57d80302c467396ae22abdadda421241f19c16c55749cfabb3fc08e2c09f6
ppc64le python3-tornado-6.5.5-1.el9_8.ppc64le.rpm 4b48fdd36b6e8606d354a221cc653be4b62d3d5535458a873e87f7fe79d339db
s390x python3-tornado-6.5.5-1.el9_8.s390x.rpm e437acb6608e9cfbfa8c737d0f5c28137baaa707cf47d02b5b2fb1764158c514
x86_64 python3-tornado-6.5.5-1.el9_8.x86_64.rpm 3655733b10b3a7cc8d6193cfa67636ec8cb32f85552768f8386d2ec0cf38a2d0
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.