Issued:: 2026-04-27
Updated:: 2026-04-27

RHSA-2026:11062 - Security Advisory

Overview
Updated Packages

Synopsis

Important: python3.11 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python3.11 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100)
python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 8 x86_64
Red Hat Enterprise Linux for IBM z Systems 8 s390x
Red Hat Enterprise Linux for Power, little endian 8 ppc64le
Red Hat Enterprise Linux for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for x86_64 8 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x

Fixes

BZ - 2457932 - CVE-2026-6100 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
BZ - 2458049 - CVE-2026-4786 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

CVEs

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 8

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
x86_64
python3.11-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 00e8e7693f9e19abd4cc7ed2f842127a1d3205b451cdde36da1ce14962dd2934
python3.11-debuginfo-3.11.13-7.el8_10.i686.rpm	SHA-256: 1206bd2c520bb3f3b74d02779667e78d79bf7cb8afaf9ce2a6ae350ec4a40576
python3.11-debuginfo-3.11.13-7.el8_10.x86_64.rpm	SHA-256: a2edc2ffd653705ed2b40ff8ad9bedcf75c1e6aabc7518c7d3870c9fee35fc95
python3.11-debugsource-3.11.13-7.el8_10.i686.rpm	SHA-256: 46041ebb9f0e32f963fbc809734b449382a4dcc600942ff3daca4b1f3350148b
python3.11-debugsource-3.11.13-7.el8_10.x86_64.rpm	SHA-256: cd31d2e187942d3302a576d9ca38b56eecf3539847b742f69502a8722bdf5845
python3.11-devel-3.11.13-7.el8_10.i686.rpm	SHA-256: 8140e88d7df001f2c42de30d47356c34ba6fb307e4c3a9302b7bff781343bb24
python3.11-devel-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 15cf731ec8c9548e62fc661caa3599d11989e12a00f26b6d6f82f9ac22836edd
python3.11-libs-3.11.13-7.el8_10.i686.rpm	SHA-256: 54829f9519be70f824de5346406dfdd3d9adc66ee28006bda008f921d33c379c
python3.11-libs-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 73e7ea4744bbf645c173435187389677a25c1720d77030455d7c4c4088a8616e
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 7b33b91692fbd0979f00aa9a63c985d4375e0eaa6fae5f3b8b841b9e296c920a

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
s390x
python3.11-3.11.13-7.el8_10.s390x.rpm	SHA-256: 6467e8416d4b827de9db7f51c31ed0fa7040b0497d6d17a7e2e0b9accc0e3ac3
python3.11-debuginfo-3.11.13-7.el8_10.s390x.rpm	SHA-256: 768a2d0f578049b41961c4d9a5cfd9eeb48d3ccaf5096041608862ad10bcfe21
python3.11-debugsource-3.11.13-7.el8_10.s390x.rpm	SHA-256: 6999122c3e5060b015705aad4860576d4d4f548a14c14c5e3e0c4874448bfdcb
python3.11-devel-3.11.13-7.el8_10.s390x.rpm	SHA-256: 05a0e6357cf9532a933d8bd41d7dcc45eae331ca30359c19f696928b10e019d9
python3.11-libs-3.11.13-7.el8_10.s390x.rpm	SHA-256: e142b95a736e771ea568c976122e32b38cc30bcc05c3270447c907b12bcac334
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.s390x.rpm	SHA-256: 398a4921a0ee1a58bf444b3b05352244f98d2798bbab821b684a94e7bed773dd

Red Hat Enterprise Linux for Power, little endian 8

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
ppc64le
python3.11-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 183ffb7a2d25ac05c58c22cd8ec0921cbd913c9e629a2e3c1c1dc6e000a6f4bd
python3.11-debuginfo-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 0f7bc9f0c619ca8de49a74034bb64969829600983da279bc4aab35f525921723
python3.11-debugsource-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: b8b4aa3c9c22c11a50174c8814ec44cb974173351a1ab8ffb7f562b94cd87a0e
python3.11-devel-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 7a2fe51ad21233012d76d19b96e9e519a2cb5310d39cf4f5d9e5f9a3299cb9c7
python3.11-libs-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 251c990dff042b200d3c5d92ee126677e9de1984f7d3d3cb8be705968850c875
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 56e3e736d22b1b90d98d702f652c67c864a6fdd5624f22d30d7e0ff0c0b9f348

Red Hat Enterprise Linux for ARM 64 8

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
aarch64
python3.11-3.11.13-7.el8_10.aarch64.rpm	SHA-256: 5916c49021ffd4e737a24ee4dae35f31ac29f89ccd5c0b39526b9af74095110a
python3.11-debuginfo-3.11.13-7.el8_10.aarch64.rpm	SHA-256: 5082772f1696f0d46a43670cf2b86cc8cf1a360ddbbf23b976b70bf0074511ed
python3.11-debugsource-3.11.13-7.el8_10.aarch64.rpm	SHA-256: fdcfa0a2debaec31b43a8e3447d02f105ebc14518a5fbea2f1299421672d7e61
python3.11-devel-3.11.13-7.el8_10.aarch64.rpm	SHA-256: c4f8c0adbe51623dd5c30fa940e58c9e36c2f41747e3875440542e66f5d7b374
python3.11-libs-3.11.13-7.el8_10.aarch64.rpm	SHA-256: dfdd41b6023dc8eac3e29d673c51b75f49ed12e08a5c5e1dc98c7f1cfcf117f6
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.aarch64.rpm	SHA-256: a485ce9479bd996b62407ea6990f7355580efb383c954e6b3481d0042612cb81

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
python3.11-3.11.13-7.el8_10.i686.rpm	SHA-256: 2498d40d6062a4b49c5fce0f4bca284f2a5acd841f53aa05b027f083e62912e6
python3.11-debug-3.11.13-7.el8_10.i686.rpm	SHA-256: 0cafb439ce5ae528083fad476062338893fc12bef3ac13db98ffd07e50e076f6
python3.11-debug-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 08a4b3cebefc669f9656a1e0119d619280114826f03eac468db869c5dafefe11
python3.11-debuginfo-3.11.13-7.el8_10.i686.rpm	SHA-256: 1206bd2c520bb3f3b74d02779667e78d79bf7cb8afaf9ce2a6ae350ec4a40576
python3.11-debuginfo-3.11.13-7.el8_10.x86_64.rpm	SHA-256: a2edc2ffd653705ed2b40ff8ad9bedcf75c1e6aabc7518c7d3870c9fee35fc95
python3.11-debugsource-3.11.13-7.el8_10.i686.rpm	SHA-256: 46041ebb9f0e32f963fbc809734b449382a4dcc600942ff3daca4b1f3350148b
python3.11-debugsource-3.11.13-7.el8_10.x86_64.rpm	SHA-256: cd31d2e187942d3302a576d9ca38b56eecf3539847b742f69502a8722bdf5845
python3.11-idle-3.11.13-7.el8_10.i686.rpm	SHA-256: c8ea1d6efff4c0eb5e50bd2d3408e839c98260904fe097c22fd4ab0799a3b5d9
python3.11-idle-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 53c15da0f34b667d2c8f51e7d31ba27231d2c82dbb4e882ea7a331c71f398ec2
python3.11-test-3.11.13-7.el8_10.i686.rpm	SHA-256: 76be86c4d89f3851dbcd073e840b75292e2b2822301dea5ee0efeed9719b4eb5
python3.11-test-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 94883e97a4389d300b6de8c5782a3872b0899596c0dc4435c52c406d44c69064
python3.11-tkinter-3.11.13-7.el8_10.i686.rpm	SHA-256: 39fccc93ffad5bd58bc744a916ca71bb1a024db9ed4220defa5c42cda55d2014

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
python3.11-debug-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 59c249606f87c12eef887adc603610d0ae9966a233bf8225013a21c5d9003ecc
python3.11-debuginfo-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 0f7bc9f0c619ca8de49a74034bb64969829600983da279bc4aab35f525921723
python3.11-debugsource-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: b8b4aa3c9c22c11a50174c8814ec44cb974173351a1ab8ffb7f562b94cd87a0e
python3.11-idle-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 73d55da72f3bac90879a3facb4af1fe25d23ed0737aee79f4337ee369e5099f3
python3.11-test-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 6173f4b37d1f602493cb801256ab474cbc87e4c85c8ef1cbfbc87d7fc8fc8f2e

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
python3.11-debug-3.11.13-7.el8_10.aarch64.rpm	SHA-256: e5452deae16fca631499e012ee6a58e6ad78949e71c3620d518c173b65f50622
python3.11-debuginfo-3.11.13-7.el8_10.aarch64.rpm	SHA-256: 5082772f1696f0d46a43670cf2b86cc8cf1a360ddbbf23b976b70bf0074511ed
python3.11-debugsource-3.11.13-7.el8_10.aarch64.rpm	SHA-256: fdcfa0a2debaec31b43a8e3447d02f105ebc14518a5fbea2f1299421672d7e61
python3.11-idle-3.11.13-7.el8_10.aarch64.rpm	SHA-256: b6b9457e3f50f2bc2979b145b566e74201663e1b6d01cdad286ace63299788b6
python3.11-test-3.11.13-7.el8_10.aarch64.rpm	SHA-256: fde81cdcc3ec4102eede05c2a866757a645ecc22f19f70bbbe99ef0be99140d0

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
python3.11-debug-3.11.13-7.el8_10.s390x.rpm	SHA-256: 8296548d03a152bbea06a096a4ca9798cf4cbb9b046697eed438c962c1842e43
python3.11-debuginfo-3.11.13-7.el8_10.s390x.rpm	SHA-256: 768a2d0f578049b41961c4d9a5cfd9eeb48d3ccaf5096041608862ad10bcfe21
python3.11-debugsource-3.11.13-7.el8_10.s390x.rpm	SHA-256: 6999122c3e5060b015705aad4860576d4d4f548a14c14c5e3e0c4874448bfdcb
python3.11-idle-3.11.13-7.el8_10.s390x.rpm	SHA-256: c14a4416b2766e84ea2a1119c856342d0ddc8eb39c14d7711395bd5e6c251e6e
python3.11-test-3.11.13-7.el8_10.s390x.rpm	SHA-256: 516e862f22831cecf837dff0de54593da2939e7f4b99950126ccfa4ff5480531

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
x86_64
python3.11-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 00e8e7693f9e19abd4cc7ed2f842127a1d3205b451cdde36da1ce14962dd2934
python3.11-debuginfo-3.11.13-7.el8_10.i686.rpm	SHA-256: 1206bd2c520bb3f3b74d02779667e78d79bf7cb8afaf9ce2a6ae350ec4a40576
python3.11-debuginfo-3.11.13-7.el8_10.x86_64.rpm	SHA-256: a2edc2ffd653705ed2b40ff8ad9bedcf75c1e6aabc7518c7d3870c9fee35fc95
python3.11-debugsource-3.11.13-7.el8_10.i686.rpm	SHA-256: 46041ebb9f0e32f963fbc809734b449382a4dcc600942ff3daca4b1f3350148b
python3.11-debugsource-3.11.13-7.el8_10.x86_64.rpm	SHA-256: cd31d2e187942d3302a576d9ca38b56eecf3539847b742f69502a8722bdf5845
python3.11-devel-3.11.13-7.el8_10.i686.rpm	SHA-256: 8140e88d7df001f2c42de30d47356c34ba6fb307e4c3a9302b7bff781343bb24
python3.11-devel-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 15cf731ec8c9548e62fc661caa3599d11989e12a00f26b6d6f82f9ac22836edd
python3.11-libs-3.11.13-7.el8_10.i686.rpm	SHA-256: 54829f9519be70f824de5346406dfdd3d9adc66ee28006bda008f921d33c379c
python3.11-libs-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 73e7ea4744bbf645c173435187389677a25c1720d77030455d7c4c4088a8616e
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.x86_64.rpm	SHA-256: 7b33b91692fbd0979f00aa9a63c985d4375e0eaa6fae5f3b8b841b9e296c920a

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
aarch64
python3.11-3.11.13-7.el8_10.aarch64.rpm	SHA-256: 5916c49021ffd4e737a24ee4dae35f31ac29f89ccd5c0b39526b9af74095110a
python3.11-debuginfo-3.11.13-7.el8_10.aarch64.rpm	SHA-256: 5082772f1696f0d46a43670cf2b86cc8cf1a360ddbbf23b976b70bf0074511ed
python3.11-debugsource-3.11.13-7.el8_10.aarch64.rpm	SHA-256: fdcfa0a2debaec31b43a8e3447d02f105ebc14518a5fbea2f1299421672d7e61
python3.11-devel-3.11.13-7.el8_10.aarch64.rpm	SHA-256: c4f8c0adbe51623dd5c30fa940e58c9e36c2f41747e3875440542e66f5d7b374
python3.11-libs-3.11.13-7.el8_10.aarch64.rpm	SHA-256: dfdd41b6023dc8eac3e29d673c51b75f49ed12e08a5c5e1dc98c7f1cfcf117f6
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.aarch64.rpm	SHA-256: a485ce9479bd996b62407ea6990f7355580efb383c954e6b3481d0042612cb81

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
ppc64le
python3.11-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 183ffb7a2d25ac05c58c22cd8ec0921cbd913c9e629a2e3c1c1dc6e000a6f4bd
python3.11-debuginfo-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 0f7bc9f0c619ca8de49a74034bb64969829600983da279bc4aab35f525921723
python3.11-debugsource-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: b8b4aa3c9c22c11a50174c8814ec44cb974173351a1ab8ffb7f562b94cd87a0e
python3.11-devel-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 7a2fe51ad21233012d76d19b96e9e519a2cb5310d39cf4f5d9e5f9a3299cb9c7
python3.11-libs-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 251c990dff042b200d3c5d92ee126677e9de1984f7d3d3cb8be705968850c875
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.ppc64le.rpm	SHA-256: 56e3e736d22b1b90d98d702f652c67c864a6fdd5624f22d30d7e0ff0c0b9f348

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10

SRPM
python3.11-3.11.13-7.el8_10.src.rpm	SHA-256: 6d10d2af3c64ab893cd3bb7915c315bd7d73db8b882fbc409d82f243403412e2
s390x
python3.11-3.11.13-7.el8_10.s390x.rpm	SHA-256: 6467e8416d4b827de9db7f51c31ed0fa7040b0497d6d17a7e2e0b9accc0e3ac3
python3.11-debuginfo-3.11.13-7.el8_10.s390x.rpm	SHA-256: 768a2d0f578049b41961c4d9a5cfd9eeb48d3ccaf5096041608862ad10bcfe21
python3.11-debugsource-3.11.13-7.el8_10.s390x.rpm	SHA-256: 6999122c3e5060b015705aad4860576d4d4f548a14c14c5e3e0c4874448bfdcb
python3.11-devel-3.11.13-7.el8_10.s390x.rpm	SHA-256: 05a0e6357cf9532a933d8bd41d7dcc45eae331ca30359c19f696928b10e019d9
python3.11-libs-3.11.13-7.el8_10.s390x.rpm	SHA-256: e142b95a736e771ea568c976122e32b38cc30bcc05c3270447c907b12bcac334
python3.11-rpm-macros-3.11.13-7.el8_10.noarch.rpm	SHA-256: 287d0cdbbc49c1172e907435585d0876fca5a020239b161c3267e1c17eaecbd4
python3.11-tkinter-3.11.13-7.el8_10.s390x.rpm	SHA-256: 398a4921a0ee1a58bf444b3b05352244f98d2798bbab821b684a94e7bed773dd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation