Issued:: 2026-03-17
Updated:: 2026-03-17

RHSA-2026:4713 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: python3.12 security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python3.12 is now available for Red Hat Enterprise Linux 10.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

cpython: wsgiref.headers.Headers allows header newline injection in Python (CVE-2026-0865)
cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)
cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)
cpython: email header injection due to unquoted newlines (CVE-2026-1299)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux for x86_64 10 x86_64
Red Hat Enterprise Linux for IBM z Systems 10 s390x
Red Hat Enterprise Linux for Power, little endian 10 ppc64le
Red Hat Enterprise Linux for ARM 64 10 aarch64
Red Hat CodeReady Linux Builder for x86_64 10 x86_64
Red Hat CodeReady Linux Builder for Power, little endian 10 ppc64le
Red Hat CodeReady Linux Builder for ARM 64 10 aarch64
Red Hat CodeReady Linux Builder for IBM z Systems 10 s390x

Fixes

BZ - 2431367 - CVE-2026-0865 cpython: wsgiref.headers.Headers allows header newline injection in Python
BZ - 2431368 - CVE-2025-15366 cpython: IMAP command injection in user-controlled commands
BZ - 2431373 - CVE-2025-15367 cpython: POP3 command injection in user-controlled commands
BZ - 2432437 - CVE-2026-1299 cpython: email header injection due to unquoted newlines

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 10

SRPM
python3.12-3.12.12-3.el10_1.1.src.rpm	SHA-256: 338a819b5cf0df0e7fb0bcf9708d1878b1ff3d92e3656580e60a79c77e40fb17
x86_64
python-unversioned-command-3.12.12-3.el10_1.1.noarch.rpm	SHA-256: d4966378592a974ff00183a587e62d602815e83b2aae7d1236cd7c64787312d6
python3-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: fb49f95c608aca94a83ea56de659568bd6098a6c41221edf4e321f8eedd9f6fc
python3-devel-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 3acaba510ea80d66e6e244a50b568a48bb18ea72cfc5ac8cc5793867e46d6c5e
python3-libs-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 73c7e3aca0a7049bc0be16b19a8bb7662661c75ffa1485b0301495ca630a4d35
python3-tkinter-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: d377e07511b78dead65a9d8859c5f83ecb272073ee742f9749e4f682dc71ea9d
python3.12-debuginfo-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 29ec7584d220a0c49549ee1453b1185f463c35064a8f2605e5381feb97f03d23
python3.12-debuginfo-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 29ec7584d220a0c49549ee1453b1185f463c35064a8f2605e5381feb97f03d23
python3.12-debugsource-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 9d408e399c20957b9be0a1e9c36c7c1c5d65e785e59944ec8637b434f5c0063e
python3.12-debugsource-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 9d408e399c20957b9be0a1e9c36c7c1c5d65e785e59944ec8637b434f5c0063e

Red Hat Enterprise Linux for IBM z Systems 10

SRPM
python3.12-3.12.12-3.el10_1.1.src.rpm	SHA-256: 338a819b5cf0df0e7fb0bcf9708d1878b1ff3d92e3656580e60a79c77e40fb17
s390x
python-unversioned-command-3.12.12-3.el10_1.1.noarch.rpm	SHA-256: d4966378592a974ff00183a587e62d602815e83b2aae7d1236cd7c64787312d6
python3-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 4a62d628ea59876114ee01033559369a464436fe4bc2943af5df22fd8f790cd8
python3-devel-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 685bd7b2bcd00c9d290e9920b61a7672dfc6e28558a45ca04e9bc3fe5a5e7c9a
python3-libs-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 217e0f3348d09308ae3090d7d089105c24206f23200c45a0e00cc9e4f7e6efc8
python3-tkinter-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 98f1aabb820e53d571dfb6e9630659be2a5b4aa914f8aac28a71514ff77d3075
python3.12-debuginfo-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 5b258990a08cd260bb98cd617c9c406bba1b9a4a59067c0951f46251e204e3d6
python3.12-debuginfo-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 5b258990a08cd260bb98cd617c9c406bba1b9a4a59067c0951f46251e204e3d6
python3.12-debugsource-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 33d5d6b3c9b27fd89cb5c53292dfbad0b70fdbc5a6fad8f27585fd02e12c3c57
python3.12-debugsource-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 33d5d6b3c9b27fd89cb5c53292dfbad0b70fdbc5a6fad8f27585fd02e12c3c57

Red Hat Enterprise Linux for Power, little endian 10

SRPM
python3.12-3.12.12-3.el10_1.1.src.rpm	SHA-256: 338a819b5cf0df0e7fb0bcf9708d1878b1ff3d92e3656580e60a79c77e40fb17
ppc64le
python-unversioned-command-3.12.12-3.el10_1.1.noarch.rpm	SHA-256: d4966378592a974ff00183a587e62d602815e83b2aae7d1236cd7c64787312d6
python3-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 34f8fb754e27c54710c9fa6b7ace5c561f991d5cf9dba5aef88a1603b1a7d77e
python3-devel-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 32f8da8f61e855a9c9c0806f2fc0ca5c840184414fc72883047684e4e381117a
python3-libs-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: a17d35f48a4f199c1a2922284ff3ff238554141ab763a1037a4a92fefddfd77e
python3-tkinter-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: e3448a8de8c9fa0cb257827c98dbd36a35c824ddd8e190553e3ce27ac886897f
python3.12-debuginfo-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 6bae7abe3489470309e34499b8230e8460ceee425d2e56a06dafd044b196e9e1
python3.12-debuginfo-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 6bae7abe3489470309e34499b8230e8460ceee425d2e56a06dafd044b196e9e1
python3.12-debugsource-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: b436993cf949bc6616fdf6da67688ef2b7b5c2e7286dfb3db5f9b398d44249cb
python3.12-debugsource-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: b436993cf949bc6616fdf6da67688ef2b7b5c2e7286dfb3db5f9b398d44249cb

Red Hat Enterprise Linux for ARM 64 10

SRPM
python3.12-3.12.12-3.el10_1.1.src.rpm	SHA-256: 338a819b5cf0df0e7fb0bcf9708d1878b1ff3d92e3656580e60a79c77e40fb17
aarch64
python-unversioned-command-3.12.12-3.el10_1.1.noarch.rpm	SHA-256: d4966378592a974ff00183a587e62d602815e83b2aae7d1236cd7c64787312d6
python3-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: 82482ef9177ff0e51940d5cbda6ce9ff0e44ab7456a04c8266d833a59702a70a
python3-devel-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: c1d826405bfe4d8389334c07faf2f90cf871fdc519778749832a37f81e0d2e52
python3-libs-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: bfd81db7837ae49b5756f2cbe30c2fd93419fc64ccd616f06346be1ffead423c
python3-tkinter-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: e882debeaf93962f47dc833708c330703378fa98e91295495c104b3da3bb2c55
python3.12-debuginfo-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: badcb59260db823b444f16f5caaee7c9d7e747b8528d23faa0f34c55c250f342
python3.12-debuginfo-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: badcb59260db823b444f16f5caaee7c9d7e747b8528d23faa0f34c55c250f342
python3.12-debugsource-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: 413ecd08ce194983c33c686e43712d3efaf1b97c433d0fc0507fad13184b6965
python3.12-debugsource-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: 413ecd08ce194983c33c686e43712d3efaf1b97c433d0fc0507fad13184b6965

Red Hat CodeReady Linux Builder for x86_64 10

SRPM
x86_64
python3-debug-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: df9a4ea6d8dfa0b96b672d80c308425ac544ce4d2c370b91eb774c6f5d382777
python3-idle-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: a00385500627e25d8910ae302e5f47cbc7dfe001385443a17b54f4657ae63626
python3-test-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 08862009ad34373e2415acec66fc4e95dee5024dd27d214faed10c6d256edfcf
python3.12-debuginfo-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 29ec7584d220a0c49549ee1453b1185f463c35064a8f2605e5381feb97f03d23
python3.12-debugsource-3.12.12-3.el10_1.1.x86_64.rpm	SHA-256: 9d408e399c20957b9be0a1e9c36c7c1c5d65e785e59944ec8637b434f5c0063e

Red Hat CodeReady Linux Builder for Power, little endian 10

SRPM
ppc64le
python3-debug-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 6b3c01964812b9d3778aa653d55ba1cd1e47742fb3e40024254a380a69974e20
python3-idle-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 9ddbacfe10f41856dc197f043b0b1bd5ee7d831f1562f77870b71b45541fe628
python3-test-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: ccb2dc304dbac3616036be767338d101f64040015d51e07b4c6c1aad73e18437
python3.12-debuginfo-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: 6bae7abe3489470309e34499b8230e8460ceee425d2e56a06dafd044b196e9e1
python3.12-debugsource-3.12.12-3.el10_1.1.ppc64le.rpm	SHA-256: b436993cf949bc6616fdf6da67688ef2b7b5c2e7286dfb3db5f9b398d44249cb

Red Hat CodeReady Linux Builder for ARM 64 10

SRPM
aarch64
python3-debug-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: bb2aead3ca90bbe9b6fee8aa11da95fd67ec8507a79aa8d6971b5e405a228775
python3-idle-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: cbda748ab8e5db7f60d00891240be3e6acea30fee2219b74b77e0a263ede565a
python3-test-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: 68bdeae95f04a5c9d0f4bd9c1e3cfd63946fb37682f1b459cf5f9740eb9ec199
python3.12-debuginfo-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: badcb59260db823b444f16f5caaee7c9d7e747b8528d23faa0f34c55c250f342
python3.12-debugsource-3.12.12-3.el10_1.1.aarch64.rpm	SHA-256: 413ecd08ce194983c33c686e43712d3efaf1b97c433d0fc0507fad13184b6965

Red Hat CodeReady Linux Builder for IBM z Systems 10

SRPM
s390x
python3-debug-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: fb1deaa981b21984514703acb0693d4ba449b66cd2dc4b19233f089a2a8b0145
python3-idle-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 698b51cf4bb19ea9bd22f224548b922d7082b2a27d96704bb15b58447db18a80
python3-test-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 1ccdcbb601e137462b2eec44d042f262eed46db0416bfb158e83bb2f4edbf457
python3.12-debuginfo-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 5b258990a08cd260bb98cd617c9c406bba1b9a4a59067c0951f46251e204e3d6
python3.12-debugsource-3.12.12-3.el10_1.1.s390x.rpm	SHA-256: 33d5d6b3c9b27fd89cb5c53292dfbad0b70fdbc5a6fad8f27585fd02e12c3c57

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation