红帽产品勘误 RHSA-2026:4463 - Security Advisory
发布:
2026-03-12
已更新:
2026-03-12

RHSA-2026:4463 - Security Advisory

概述

Moderate: python3.12 security update

类型/严重性

Security Advisory: Moderate

Red Hat Insights 补丁分析

识别并修复受此公告影响的系统。

查看受影响的系统

标题

An update for python3.12 is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

描述

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

  • cpython: wsgiref.headers.Headers allows header newline injection in Python (CVE-2026-0865)
  • cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)
  • cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)
  • cpython: email header injection due to unquoted newlines (CVE-2026-1299)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

解决方案

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

受影响的产品

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10 aarch64
  • Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10 ppc64le
  • Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10 s390x

修复

  • BZ - 2431367 - CVE-2026-0865 cpython: wsgiref.headers.Headers allows header newline injection in Python
  • BZ - 2431368 - CVE-2025-15366 cpython: IMAP command injection in user-controlled commands
  • BZ - 2431373 - CVE-2025-15367 cpython: POP3 command injection in user-controlled commands
  • BZ - 2432437 - CVE-2026-1299 cpython: email header injection due to unquoted newlines

Red Hat Enterprise Linux for x86_64 8

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
x86_64
python3.12-3.12.12-3.el8_10.x86_64.rpm SHA-256: 5d2ffff6190781b9455eb314c912096143fc824f7666d742eb868bfc341077a0
python3.12-debuginfo-3.12.12-3.el8_10.i686.rpm SHA-256: 5f8f9328e737ea2d7c67f82aa76f58bc2b00dc26ce9c7de2607105db9a2ee3be
python3.12-debuginfo-3.12.12-3.el8_10.x86_64.rpm SHA-256: e0da945648ad6bc18963d9d862fd3b98386250e65317b5659ab3fae70667512d
python3.12-debugsource-3.12.12-3.el8_10.i686.rpm SHA-256: 1d230369882aaa1927c5a7099d2848729b67654fb6e655f39ec49bfd4e007009
python3.12-debugsource-3.12.12-3.el8_10.x86_64.rpm SHA-256: ce52fa6ec6cb2b3dec40d2bcfad3c8c08ce4fb0d9e25f165759004f1e2cbf02a
python3.12-devel-3.12.12-3.el8_10.i686.rpm SHA-256: 267406be532b4d0c0634b60155f9a07833d712f9f93044c581a1a77f0c9656ba
python3.12-devel-3.12.12-3.el8_10.x86_64.rpm SHA-256: ef21400c97a35124f89018ee867b55de3d75f0f8c2b2398ea18778a0c7850592
python3.12-libs-3.12.12-3.el8_10.i686.rpm SHA-256: 38821bfcafbf45e8456db45f453855d79b2f72e016d886c5503081dc6e3c0f80
python3.12-libs-3.12.12-3.el8_10.x86_64.rpm SHA-256: 5239e7b6e98bf5b11b6355fdbc175bf46b639c7f792a70da8154db8881af1b03
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.x86_64.rpm SHA-256: 333758b5a75facd86746d02758de60382e46fff0a39f3b893977ea46b3ba92e2

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
s390x
python3.12-3.12.12-3.el8_10.s390x.rpm SHA-256: b5c49b955ab1759726d36356a22bf50491c241352fb863b3fc9805c846e74aff
python3.12-debuginfo-3.12.12-3.el8_10.s390x.rpm SHA-256: fb259108a54e2bdf165982e9a53be6487a246b7d733ba289ad3113ab6ac0e2b0
python3.12-debugsource-3.12.12-3.el8_10.s390x.rpm SHA-256: 1a3e2fffe6104543ecc63fcc38f981f5b61257ee5a6414bea03d91d7b3696d1e
python3.12-devel-3.12.12-3.el8_10.s390x.rpm SHA-256: c24914526042c89fe270146b784ced102787f2e3ffa0b38368f04927130bd4b5
python3.12-libs-3.12.12-3.el8_10.s390x.rpm SHA-256: 90a651b78586c77ca94c27bfdde72db06d89ae4d3357089c598813f854af653e
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.s390x.rpm SHA-256: feaa97b06d5006eb2293f33d8bd391ac49715d0a7c5defb53e0400d6c2894461

Red Hat Enterprise Linux for Power, little endian 8

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
ppc64le
python3.12-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 09bf019c344df5811bbc0357bba3f917448cbf5fc870c3e81d1c9e960dcf222a
python3.12-debuginfo-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 5328b4e55bcba48234856d92f4a0eaedeb656432a37824629d58192a4ec4a933
python3.12-debugsource-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 685f49693d986d1fa5a095a6a69676117588665c389a8879570da861746d1cae
python3.12-devel-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 67c5f800295099d08251cf286f3b8f72c56ab9e3574586f7b629383390976882
python3.12-libs-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 77109cce7fe540fe6e9646e982436ec2eba735d4308f9b8f5e147b2442035d98
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 6244533a7a6fd1f4bcc448d33bccb3c4cf54f953955221d137d27492a0dbfcd6

Red Hat Enterprise Linux for ARM 64 8

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
aarch64
python3.12-3.12.12-3.el8_10.aarch64.rpm SHA-256: 15a8c928360511b7207b08b030b31e47634730b9cd31855d5fef84d447c2c82c
python3.12-debuginfo-3.12.12-3.el8_10.aarch64.rpm SHA-256: 12d9325a5ddc74ff18335450d471aac059ae7031b8e1a1d0ab4faf712ddccd5d
python3.12-debugsource-3.12.12-3.el8_10.aarch64.rpm SHA-256: c8c01662910bc63d023d99b429ff4fefcf0be0ec4a5dd8037f70624e2caced1c
python3.12-devel-3.12.12-3.el8_10.aarch64.rpm SHA-256: 78f428f6e87235c97db5dd515b3d77aec8bf94551cf0274ed3d9f6f83c0c9cbb
python3.12-libs-3.12.12-3.el8_10.aarch64.rpm SHA-256: ce776ead5e9333a95850b978f20f07435b56fac652704a1beb2807640cb03d1d
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.aarch64.rpm SHA-256: 2269b68df3ebaa36ac490a323386e751ea23677e743d2d91d5769e6becb1f74f

Red Hat CodeReady Linux Builder for x86_64 8

SRPM
x86_64
python3.12-3.12.12-3.el8_10.i686.rpm SHA-256: bad06cface50c6e56dc00645cf13313131d7e5279b5602d5b2c6babc4c04bc58
python3.12-debug-3.12.12-3.el8_10.i686.rpm SHA-256: f8fc9cdde32dc2fd374aa158e79f50ab219a3001c34a4afd4fc0bb8c7fb88ee8
python3.12-debug-3.12.12-3.el8_10.x86_64.rpm SHA-256: a2d73c174853057992281eabf0b2401f073561901bd03e659b8d6e4caca0b7d0
python3.12-debuginfo-3.12.12-3.el8_10.i686.rpm SHA-256: 5f8f9328e737ea2d7c67f82aa76f58bc2b00dc26ce9c7de2607105db9a2ee3be
python3.12-debuginfo-3.12.12-3.el8_10.x86_64.rpm SHA-256: e0da945648ad6bc18963d9d862fd3b98386250e65317b5659ab3fae70667512d
python3.12-debugsource-3.12.12-3.el8_10.i686.rpm SHA-256: 1d230369882aaa1927c5a7099d2848729b67654fb6e655f39ec49bfd4e007009
python3.12-debugsource-3.12.12-3.el8_10.x86_64.rpm SHA-256: ce52fa6ec6cb2b3dec40d2bcfad3c8c08ce4fb0d9e25f165759004f1e2cbf02a
python3.12-idle-3.12.12-3.el8_10.i686.rpm SHA-256: ca1b17a05d0a11ee804bd34f8845b157927961dfcf7dca655994218ed48c11a1
python3.12-idle-3.12.12-3.el8_10.x86_64.rpm SHA-256: 39a8daae2a0ee35362d950c7f902aa3cf1d3f4eac7dfd209fbacf4234e6ea77e
python3.12-test-3.12.12-3.el8_10.i686.rpm SHA-256: 14c231dec2110f85aa5087abe451eb88e86e9ef187bc1fa3c6b2447be01bcc6e
python3.12-test-3.12.12-3.el8_10.x86_64.rpm SHA-256: 8341f61fa4f46316d4a506f7091bd2c02f27b28bc9a1711f655c1b37e7057241
python3.12-tkinter-3.12.12-3.el8_10.i686.rpm SHA-256: 8da7e361bb0ca1171f3b642f483dc7dd024bb3beb86cb5a0f646f639f39552bc

Red Hat CodeReady Linux Builder for Power, little endian 8

SRPM
ppc64le
python3.12-debug-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 7ea175d9893c7530129159c5fb663bede9b34d569a18cdaeb50d4e0e5bef1c12
python3.12-debuginfo-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 5328b4e55bcba48234856d92f4a0eaedeb656432a37824629d58192a4ec4a933
python3.12-debugsource-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 685f49693d986d1fa5a095a6a69676117588665c389a8879570da861746d1cae
python3.12-idle-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 332de80a80c9d8dc948d2f43a3df78c3c4d6a7a3916b72092e3fe5abcaa7dbd5
python3.12-test-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 09183129e74d122c60e51ec42087067c6994ac458663b73152b1d28337a84081

Red Hat CodeReady Linux Builder for ARM 64 8

SRPM
aarch64
python3.12-debug-3.12.12-3.el8_10.aarch64.rpm SHA-256: 11a394335865fcd96008936146f542efbe7a28c9ec16271b0b399962b4100f94
python3.12-debuginfo-3.12.12-3.el8_10.aarch64.rpm SHA-256: 12d9325a5ddc74ff18335450d471aac059ae7031b8e1a1d0ab4faf712ddccd5d
python3.12-debugsource-3.12.12-3.el8_10.aarch64.rpm SHA-256: c8c01662910bc63d023d99b429ff4fefcf0be0ec4a5dd8037f70624e2caced1c
python3.12-idle-3.12.12-3.el8_10.aarch64.rpm SHA-256: d46788e210e8a90f1ede977d137f3de7ebbd86f1e20ab3fb85ae7aa5f95bc911
python3.12-test-3.12.12-3.el8_10.aarch64.rpm SHA-256: 2935f0e6d21af44bc0c620819dd89ec711e770232e8ec02c0864c9cab3b59279

Red Hat CodeReady Linux Builder for IBM z Systems 8

SRPM
s390x
python3.12-debug-3.12.12-3.el8_10.s390x.rpm SHA-256: 5bc8cb94715d65c41d07b83c05431573f1753439dcfb79bcb9f580225928a7b7
python3.12-debuginfo-3.12.12-3.el8_10.s390x.rpm SHA-256: fb259108a54e2bdf165982e9a53be6487a246b7d733ba289ad3113ab6ac0e2b0
python3.12-debugsource-3.12.12-3.el8_10.s390x.rpm SHA-256: 1a3e2fffe6104543ecc63fcc38f981f5b61257ee5a6414bea03d91d7b3696d1e
python3.12-idle-3.12.12-3.el8_10.s390x.rpm SHA-256: 304150d888ca232b5a12a0f485cb7333f616d8f2e573505b16eab24b01d8c692
python3.12-test-3.12.12-3.el8_10.s390x.rpm SHA-256: 96a298cfba015a9fbeaf447c0be27d2874df9045b3497d3cae083eae10f04944

Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 8.10

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
x86_64
python3.12-3.12.12-3.el8_10.x86_64.rpm SHA-256: 5d2ffff6190781b9455eb314c912096143fc824f7666d742eb868bfc341077a0
python3.12-debuginfo-3.12.12-3.el8_10.i686.rpm SHA-256: 5f8f9328e737ea2d7c67f82aa76f58bc2b00dc26ce9c7de2607105db9a2ee3be
python3.12-debuginfo-3.12.12-3.el8_10.x86_64.rpm SHA-256: e0da945648ad6bc18963d9d862fd3b98386250e65317b5659ab3fae70667512d
python3.12-debugsource-3.12.12-3.el8_10.i686.rpm SHA-256: 1d230369882aaa1927c5a7099d2848729b67654fb6e655f39ec49bfd4e007009
python3.12-debugsource-3.12.12-3.el8_10.x86_64.rpm SHA-256: ce52fa6ec6cb2b3dec40d2bcfad3c8c08ce4fb0d9e25f165759004f1e2cbf02a
python3.12-devel-3.12.12-3.el8_10.i686.rpm SHA-256: 267406be532b4d0c0634b60155f9a07833d712f9f93044c581a1a77f0c9656ba
python3.12-devel-3.12.12-3.el8_10.x86_64.rpm SHA-256: ef21400c97a35124f89018ee867b55de3d75f0f8c2b2398ea18778a0c7850592
python3.12-libs-3.12.12-3.el8_10.i686.rpm SHA-256: 38821bfcafbf45e8456db45f453855d79b2f72e016d886c5503081dc6e3c0f80
python3.12-libs-3.12.12-3.el8_10.x86_64.rpm SHA-256: 5239e7b6e98bf5b11b6355fdbc175bf46b639c7f792a70da8154db8881af1b03
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.x86_64.rpm SHA-256: 333758b5a75facd86746d02758de60382e46fff0a39f3b893977ea46b3ba92e2

Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 8.10

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
aarch64
python3.12-3.12.12-3.el8_10.aarch64.rpm SHA-256: 15a8c928360511b7207b08b030b31e47634730b9cd31855d5fef84d447c2c82c
python3.12-debuginfo-3.12.12-3.el8_10.aarch64.rpm SHA-256: 12d9325a5ddc74ff18335450d471aac059ae7031b8e1a1d0ab4faf712ddccd5d
python3.12-debugsource-3.12.12-3.el8_10.aarch64.rpm SHA-256: c8c01662910bc63d023d99b429ff4fefcf0be0ec4a5dd8037f70624e2caced1c
python3.12-devel-3.12.12-3.el8_10.aarch64.rpm SHA-256: 78f428f6e87235c97db5dd515b3d77aec8bf94551cf0274ed3d9f6f83c0c9cbb
python3.12-libs-3.12.12-3.el8_10.aarch64.rpm SHA-256: ce776ead5e9333a95850b978f20f07435b56fac652704a1beb2807640cb03d1d
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.aarch64.rpm SHA-256: 2269b68df3ebaa36ac490a323386e751ea23677e743d2d91d5769e6becb1f74f

Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 8.10

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
ppc64le
python3.12-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 09bf019c344df5811bbc0357bba3f917448cbf5fc870c3e81d1c9e960dcf222a
python3.12-debuginfo-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 5328b4e55bcba48234856d92f4a0eaedeb656432a37824629d58192a4ec4a933
python3.12-debugsource-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 685f49693d986d1fa5a095a6a69676117588665c389a8879570da861746d1cae
python3.12-devel-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 67c5f800295099d08251cf286f3b8f72c56ab9e3574586f7b629383390976882
python3.12-libs-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 77109cce7fe540fe6e9646e982436ec2eba735d4308f9b8f5e147b2442035d98
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.ppc64le.rpm SHA-256: 6244533a7a6fd1f4bcc448d33bccb3c4cf54f953955221d137d27492a0dbfcd6

Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 8.10

SRPM
python3.12-3.12.12-3.el8_10.src.rpm SHA-256: b9b5d0db667ac952e1261f8409cb13828f1c1945549159f26f200732b5d50fad
s390x
python3.12-3.12.12-3.el8_10.s390x.rpm SHA-256: b5c49b955ab1759726d36356a22bf50491c241352fb863b3fc9805c846e74aff
python3.12-debuginfo-3.12.12-3.el8_10.s390x.rpm SHA-256: fb259108a54e2bdf165982e9a53be6487a246b7d733ba289ad3113ab6ac0e2b0
python3.12-debugsource-3.12.12-3.el8_10.s390x.rpm SHA-256: 1a3e2fffe6104543ecc63fcc38f981f5b61257ee5a6414bea03d91d7b3696d1e
python3.12-devel-3.12.12-3.el8_10.s390x.rpm SHA-256: c24914526042c89fe270146b784ced102787f2e3ffa0b38368f04927130bd4b5
python3.12-libs-3.12.12-3.el8_10.s390x.rpm SHA-256: 90a651b78586c77ca94c27bfdde72db06d89ae4d3357089c598813f854af653e
python3.12-rpm-macros-3.12.12-3.el8_10.noarch.rpm SHA-256: b139a9a1744dd460972e8caf99ee563c5a52bd4ec481d85e45688c4c1b974eef
python3.12-tkinter-3.12.12-3.el8_10.s390x.rpm SHA-256: feaa97b06d5006eb2293f33d8bd391ac49715d0a7c5defb53e0400d6c2894461

Red Hat 安全团队联络方式为 secalert@redhat.com。 更多联络细节请参考 https://access.redhat.com/security/team/contact/