Issued:: 2026-03-23
Updated:: 2026-03-23

RHSA-2026:5216 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: python3 security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for python3 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.

Security Fix(es):

cpython: IMAP command injection in user-controlled commands (CVE-2025-15366)
cpython: POP3 command injection in user-controlled commands (CVE-2025-15367)
cpython: email header injection due to unquoted newlines (CVE-2026-1299)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 8.2 x86_64

Fixes

BZ - 2431368 - CVE-2025-15366 cpython: IMAP command injection in user-controlled commands
BZ - 2431373 - CVE-2025-15367 cpython: POP3 command injection in user-controlled commands
BZ - 2432437 - CVE-2026-1299 cpython: email header injection due to unquoted newlines

CVEs

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 8.2

SRPM
python3-3.6.8-24.el8_2.6.src.rpm	SHA-256: 6b5cfd14c9fb9af112b813456a266843e09ba1a881a4f54c3c6ed60eaa389fbd
x86_64
platform-python-3.6.8-24.el8_2.6.i686.rpm	SHA-256: abb140fa4e8ca922fc119c9d8fa42bbc8e87aa2f968521eb2c1c8d8a8f1bc2fc
platform-python-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: e7ccd3cb573d7a9217b734979f7fcba1f5231874999f67c0835c70f6bdf88cc1
platform-python-debug-3.6.8-24.el8_2.6.i686.rpm	SHA-256: efa88b3db4b1cae8a4a937149b7fbced878fceb8a174ecbabb1ce00b882262b2
platform-python-debug-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 3840f0a38c9da82f0590a3a6a8476cebce1d66e33772724657b135a635745601
platform-python-devel-3.6.8-24.el8_2.6.i686.rpm	SHA-256: b0d72e4f0adc2e36d7c2ee7eb28652b8c28057a7eb422bbff450b6c3efb79a92
platform-python-devel-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: b725a695e9ee910c025f4724bc4153ffd2da6c329776489ba783f8eaf8e6abf6
python3-debuginfo-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 548b32f006223cb8e7a9c08bb619da6cadeb28860033086609d2131b9de38ac5
python3-debuginfo-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 548b32f006223cb8e7a9c08bb619da6cadeb28860033086609d2131b9de38ac5
python3-debuginfo-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 08ba68537bc89a0431ba238ee8e887cadac57f4ece6d873d5a531eb3d81b7ced
python3-debuginfo-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 08ba68537bc89a0431ba238ee8e887cadac57f4ece6d873d5a531eb3d81b7ced
python3-debugsource-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 4f54e6c7dbd6a612b093f54b20de5018b5f25c37cd8fc3b7765674886010e942
python3-debugsource-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 4f54e6c7dbd6a612b093f54b20de5018b5f25c37cd8fc3b7765674886010e942
python3-debugsource-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 8d37aeb2c7565a057fb72627fce9a2d8309320f533bcac2093093954d1efbf65
python3-debugsource-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 8d37aeb2c7565a057fb72627fce9a2d8309320f533bcac2093093954d1efbf65
python3-idle-3.6.8-24.el8_2.6.i686.rpm	SHA-256: ba3cc4e9f78fd1b28b25601c77c583d77cd3d09e9f2e7c218d56969e8e201c35
python3-idle-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 58449fc3c6656719a8acb6362c132a7aee81de582004c1692d4841d332034297
python3-libs-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 1c83934b90993c10042e24e83722171a67fdf712fea3e7c82eb5557837ca9c10
python3-libs-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 76b0e33b682e008a59a829bc0700acd96fb9821701ccdaa4c57cff83147e3efd
python3-test-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 5d873f1f846d3e4fe20a515bdc1b108e8b770910974bd3915a479b3a1411db31
python3-test-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: 3f900296ca15f35170b86b0b11c97200d88ae91302f943559ae63c5b60d7be87
python3-tkinter-3.6.8-24.el8_2.6.i686.rpm	SHA-256: 03bc9e5a288633acfc96676ad249704463d13a5274b4dfaed5aa07b878ecfcba
python3-tkinter-3.6.8-24.el8_2.6.x86_64.rpm	SHA-256: f00ffb18d51ae0b845e4ba5e91b40d1fe7782ffb68281d956194a42fc796c45f

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation