Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Lightspeed
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Lightspeed
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2026:26187 - Security Advisory
Issued:
2026-06-16
Updated:
2026-06-16

RHSA-2026:26187 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: python3.11 security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python3.11 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

  • python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules (CVE-2026-6100)
  • python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API (CVE-2026-4786)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.8 x86_64
  • Red Hat Enterprise Linux Server - TUS 8.8 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8 x86_64

Fixes

  • BZ - 2457932 - CVE-2026-6100 python: Python: Arbitrary code execution or information disclosure via use-after-free in decompression modules
  • BZ - 2458049 - CVE-2026-4786 python: cpython: Python: Arbitrary code execution via command injection in webbrowser.open() API

CVEs

  • CVE-2026-4786
  • CVE-2026-6100

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle Long Life 8.8

SRPM
python3.11-3.11.2-2.el8_8.10.src.rpm SHA-256: 25377f31593e5278406757d85b1d904bb7a6e49434b59be798d9430458bc4de9
x86_64
python3.11-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 55c29c5e8da900459042ba9b0e5bae1269cc03bd954726dbc961c5b965dfbebc
python3.11-debuginfo-3.11.2-2.el8_8.10.i686.rpm SHA-256: b6b8f0ddefa3912b0decf7b17807b3e665c6aafecfb231d29daddffa69926650
python3.11-debuginfo-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: b65168b89caf9e45f6ad60b4f5b3e1abb8e81427db869bd7ddaa6b383069b558
python3.11-debugsource-3.11.2-2.el8_8.10.i686.rpm SHA-256: 1182d912ff2eb7671ef9b421d435cad32f5d722586172f9f21f718274858bffa
python3.11-debugsource-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 4c6336af195eba9d96589f6787a1e3e663e048dcca8cb62d2910aed6ab44cd28
python3.11-devel-3.11.2-2.el8_8.10.i686.rpm SHA-256: 000855836cac14251f1c7c161f71853afe1ffef1cf9cab62e1ef6f66f12d7392
python3.11-devel-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 1f6400c5f129eb1e9ed0898ed3efdddb0bb40521d2e523f0df766dc8b2c5afcd
python3.11-libs-3.11.2-2.el8_8.10.i686.rpm SHA-256: bb6b690814eed2dd1b93898bbfa541fc457b53fe8d6fe0b5de186df37ef450e4
python3.11-libs-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 3bfbf723f22d56126b1fffc00ad26c0b5abb033894d75d1223cd4466887874c1
python3.11-rpm-macros-3.11.2-2.el8_8.10.noarch.rpm SHA-256: 06e7f3ffeb250c43bfdccef9e1f0838962a234ada34610d14e995d75b4997d7c
python3.11-tkinter-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 291866b0809442316e1c134d29ab6a511ced7e900cdf664209a8a58848c27939

Red Hat Enterprise Linux Server - TUS 8.8

SRPM
python3.11-3.11.2-2.el8_8.10.src.rpm SHA-256: 25377f31593e5278406757d85b1d904bb7a6e49434b59be798d9430458bc4de9
x86_64
python3.11-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 55c29c5e8da900459042ba9b0e5bae1269cc03bd954726dbc961c5b965dfbebc
python3.11-debuginfo-3.11.2-2.el8_8.10.i686.rpm SHA-256: b6b8f0ddefa3912b0decf7b17807b3e665c6aafecfb231d29daddffa69926650
python3.11-debuginfo-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: b65168b89caf9e45f6ad60b4f5b3e1abb8e81427db869bd7ddaa6b383069b558
python3.11-debugsource-3.11.2-2.el8_8.10.i686.rpm SHA-256: 1182d912ff2eb7671ef9b421d435cad32f5d722586172f9f21f718274858bffa
python3.11-debugsource-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 4c6336af195eba9d96589f6787a1e3e663e048dcca8cb62d2910aed6ab44cd28
python3.11-devel-3.11.2-2.el8_8.10.i686.rpm SHA-256: 000855836cac14251f1c7c161f71853afe1ffef1cf9cab62e1ef6f66f12d7392
python3.11-devel-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 1f6400c5f129eb1e9ed0898ed3efdddb0bb40521d2e523f0df766dc8b2c5afcd
python3.11-libs-3.11.2-2.el8_8.10.i686.rpm SHA-256: bb6b690814eed2dd1b93898bbfa541fc457b53fe8d6fe0b5de186df37ef450e4
python3.11-libs-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 3bfbf723f22d56126b1fffc00ad26c0b5abb033894d75d1223cd4466887874c1
python3.11-rpm-macros-3.11.2-2.el8_8.10.noarch.rpm SHA-256: 06e7f3ffeb250c43bfdccef9e1f0838962a234ada34610d14e995d75b4997d7c
python3.11-tkinter-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 291866b0809442316e1c134d29ab6a511ced7e900cdf664209a8a58848c27939

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.8

SRPM
python3.11-3.11.2-2.el8_8.10.src.rpm SHA-256: 25377f31593e5278406757d85b1d904bb7a6e49434b59be798d9430458bc4de9
ppc64le
python3.11-3.11.2-2.el8_8.10.ppc64le.rpm SHA-256: b2f2257a8fcd33dbf0d82aeecb13c5549a3d855c148d4166879b3fc35b14ae38
python3.11-debuginfo-3.11.2-2.el8_8.10.ppc64le.rpm SHA-256: 1f8caa7c8df0522217320cd0d56bb8757b402f4f2c69bbc17cdb15c9f0eb281c
python3.11-debugsource-3.11.2-2.el8_8.10.ppc64le.rpm SHA-256: 2cef39e95677ad0327b60c346a2b647759c58710cb80569550d5a7204174c51d
python3.11-devel-3.11.2-2.el8_8.10.ppc64le.rpm SHA-256: 79c6816f3c6f172f04685c7374501604e47de1386f11af3a28003bcc58c5bd14
python3.11-libs-3.11.2-2.el8_8.10.ppc64le.rpm SHA-256: 823992b7f1109dd6c92139153c934c4f2f0a3bf0766b1bd63a5075515e08d862
python3.11-rpm-macros-3.11.2-2.el8_8.10.noarch.rpm SHA-256: 06e7f3ffeb250c43bfdccef9e1f0838962a234ada34610d14e995d75b4997d7c
python3.11-tkinter-3.11.2-2.el8_8.10.ppc64le.rpm SHA-256: 9de601196eb163a4441d4a087b9fae1912a6532908f8da509bc3d2f2e4e01e40

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.8

SRPM
python3.11-3.11.2-2.el8_8.10.src.rpm SHA-256: 25377f31593e5278406757d85b1d904bb7a6e49434b59be798d9430458bc4de9
x86_64
python3.11-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 55c29c5e8da900459042ba9b0e5bae1269cc03bd954726dbc961c5b965dfbebc
python3.11-debuginfo-3.11.2-2.el8_8.10.i686.rpm SHA-256: b6b8f0ddefa3912b0decf7b17807b3e665c6aafecfb231d29daddffa69926650
python3.11-debuginfo-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: b65168b89caf9e45f6ad60b4f5b3e1abb8e81427db869bd7ddaa6b383069b558
python3.11-debugsource-3.11.2-2.el8_8.10.i686.rpm SHA-256: 1182d912ff2eb7671ef9b421d435cad32f5d722586172f9f21f718274858bffa
python3.11-debugsource-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 4c6336af195eba9d96589f6787a1e3e663e048dcca8cb62d2910aed6ab44cd28
python3.11-devel-3.11.2-2.el8_8.10.i686.rpm SHA-256: 000855836cac14251f1c7c161f71853afe1ffef1cf9cab62e1ef6f66f12d7392
python3.11-devel-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 1f6400c5f129eb1e9ed0898ed3efdddb0bb40521d2e523f0df766dc8b2c5afcd
python3.11-libs-3.11.2-2.el8_8.10.i686.rpm SHA-256: bb6b690814eed2dd1b93898bbfa541fc457b53fe8d6fe0b5de186df37ef450e4
python3.11-libs-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 3bfbf723f22d56126b1fffc00ad26c0b5abb033894d75d1223cd4466887874c1
python3.11-rpm-macros-3.11.2-2.el8_8.10.noarch.rpm SHA-256: 06e7f3ffeb250c43bfdccef9e1f0838962a234ada34610d14e995d75b4997d7c
python3.11-tkinter-3.11.2-2.el8_8.10.x86_64.rpm SHA-256: 291866b0809442316e1c134d29ab6a511ced7e900cdf664209a8a58848c27939

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2026 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility