CLSA-2026-1778831359 python3.9: Fix of CVE-2026-6100

CVE-2026-6100: fix possible use-after-free in bz2.BZ2Decompressor and lzma.LZMADecompressor by clearing dangling nextin input pointer on the MemoryError error path...

Internet Bug Bounty: LZMADecompressor.decompress Use After Free

I have submitted a vulnerability that has now been fixed. The report includes a proof of concept that demonstrates code execution. The submitted patch was accepted with minor changes. https://bugs.python.org/issue28275 --- Python 3.5.2 suffers from a use after free vulnerability caused by the...