- What: Security update for OpenEXR in Red Hat Enterprise Linux
- Impact: Systems using OpenEXR may be vulnerable if not updated
Red Hat Product Errata RHSA-2026:17660 - Security Advisory Issued: 2026-05-14 Updated: 2026-05-14 RHSA-2026:17660 - Security Advisory Overview Updated Packages Synopsis Important: openexr security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openexr is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file (CVE-2026-34588) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64 Red Hat Enterprise Linux Server - AUS 9.6 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.6 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.6 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.6 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.6 s390x Fixes BZ - 2455408 - CVE-2026-34588 OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVEs CVE-2026-34588 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 x86_64 openexr-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 8c1a830063b59212f282efbcb460f5209c2eadcd8a77714b8408ac4b4e94e256 openexr-debuginfo-3.1.1-3.el9_6.2.i686.rpm SHA-256: 565b0bee803888893e28fc8360914088d891f9d2aaa036fe24d5137e17fd4724 openexr-debuginfo-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 231b51f74b246fded991c737d9d7d1a395824fd49e27faafd3b320c33a508acd openexr-debugsource-3.1.1-3.el9_6.2.i686.rpm SHA-256: 3fd975d60ca1a809a7bb0b6e75f18ec51c2faff981e7a5fbc333eb60e039b9c5 openexr-debugsource-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: ae87163dbfc1ee0b1c637a29948e75736b6413b5425c2dc6a327eb583c8d7832 openexr-libs-3.1.1-3.el9_6.2.i686.rpm SHA-256: 57828416f831ba4ea1846f36ee66d4d7c16b783347c5d882078f3ae7f61b0e59 openexr-libs-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 5ab306053d8c36ee591b30cf99b62d78fd6be53cb06ec48a9bd3e965a6b93e49 openexr-libs-debuginfo-3.1.1-3.el9_6.2.i686.rpm SHA-256: c1f48937d5feeb24086b0c2e65d54afbe4081ef08128388b85be554f1e32d62e openexr-libs-debuginfo-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 535fbc5c3eeb419504a8d2ab50b2ad236500ca676a267cff4b5d1c800fb73fdc Red Hat Enterprise Linux Server - AUS 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 x86_64 openexr-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 8c1a830063b59212f282efbcb460f5209c2eadcd8a77714b8408ac4b4e94e256 openexr-debuginfo-3.1.1-3.el9_6.2.i686.rpm SHA-256: 565b0bee803888893e28fc8360914088d891f9d2aaa036fe24d5137e17fd4724 openexr-debuginfo-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 231b51f74b246fded991c737d9d7d1a395824fd49e27faafd3b320c33a508acd openexr-debugsource-3.1.1-3.el9_6.2.i686.rpm SHA-256: 3fd975d60ca1a809a7bb0b6e75f18ec51c2faff981e7a5fbc333eb60e039b9c5 openexr-debugsource-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: ae87163dbfc1ee0b1c637a29948e75736b6413b5425c2dc6a327eb583c8d7832 openexr-libs-3.1.1-3.el9_6.2.i686.rpm SHA-256: 57828416f831ba4ea1846f36ee66d4d7c16b783347c5d882078f3ae7f61b0e59 openexr-libs-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 5ab306053d8c36ee591b30cf99b62d78fd6be53cb06ec48a9bd3e965a6b93e49 openexr-libs-debuginfo-3.1.1-3.el9_6.2.i686.rpm SHA-256: c1f48937d5feeb24086b0c2e65d54afbe4081ef08128388b85be554f1e32d62e openexr-libs-debuginfo-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 535fbc5c3eeb419504a8d2ab50b2ad236500ca676a267cff4b5d1c800fb73fdc Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 s390x openexr-3.1.1-3.el9_6.2.s390x.rpm SHA-256: ab18ba11ecde151b4e611d3d6ef3e8deb5ada096b1079cdd35d6904b952cc62c openexr-debuginfo-3.1.1-3.el9_6.2.s390x.rpm SHA-256: 7da8bfd56d3bb4e1be48158b882198c5338701baeba2199dc180e8b151413bf4 openexr-debugsource-3.1.1-3.el9_6.2.s390x.rpm SHA-256: 3a3de27e3ea216403eefb2d4e9483c6d3cea0b2efe17db0745df5970d4fa617a openexr-libs-3.1.1-3.el9_6.2.s390x.rpm SHA-256: 95f850e122028d7dbc93eeba3b7dbdfcd18d25cedd36e66429ac4183f5af217e openexr-libs-debuginfo-3.1.1-3.el9_6.2.s390x.rpm SHA-256: 3b7a72604f8e74883762aff41c44352ac024277be89b160fc6ddcebd498a591a Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 ppc64le openexr-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 65c75fc2867988e6f3748ad1d9006e9acfc49e458506bb677d4b821e38849699 openexr-debuginfo-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 0bebd9c3f16e7e71742b0755bd1b247f625d66c57dbdb0e75df82eab4cde23ed openexr-debugsource-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 3b44f3a3a780dfcb2e50781354092270072e98cd66a7d50f8e02df8ec83db101 openexr-libs-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: b15833b63b345431abe3d23095a77e5c934352fbd753c2790338c53a7c22e0a4 openexr-libs-debuginfo-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 0d50ef0e6965c0658206c2731f400bab7b04beedd2732c126d59332f57f76bd1 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 aarch64 openexr-3.1.1-3.el9_6.2.aarch64.rpm SHA-256: 42dbe2686671e23c4c353cc198bffb0e4e4cdcd3b64003545d7d8665eda02777 openexr-debuginfo-3.1.1-3.el9_6.2.aarch64.rpm SHA-256: 3ea31a27ab1700a98f3232262c71257809781e92ce9df91d0e85315cfaeba462 openexr-debugsource-3.1.1-3.el9_6.2.aarch64.rpm SHA-256: 47465add04495c749b632485938a3b3154c4bf0fa570682cfd46bbce53697f23 openexr-libs-3.1.1-3.el9_6.2.aarch64.rpm SHA-256: 50f657ff84b228cdcee329301563d7013ab1406723cf235e7ac2fe02b77d4d9a openexr-libs-debuginfo-3.1.1-3.el9_6.2.aarch64.rpm SHA-256: 7c28c05623704111561047553ed80b27b358098bb2d75cef90598d692cf31327 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 ppc64le openexr-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 65c75fc2867988e6f3748ad1d9006e9acfc49e458506bb677d4b821e38849699 openexr-debuginfo-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 0bebd9c3f16e7e71742b0755bd1b247f625d66c57dbdb0e75df82eab4cde23ed openexr-debugsource-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 3b44f3a3a780dfcb2e50781354092270072e98cd66a7d50f8e02df8ec83db101 openexr-libs-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: b15833b63b345431abe3d23095a77e5c934352fbd753c2790338c53a7c22e0a4 openexr-libs-debuginfo-3.1.1-3.el9_6.2.ppc64le.rpm SHA-256: 0d50ef0e6965c0658206c2731f400bab7b04beedd2732c126d59332f57f76bd1 Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 SRPM openexr-3.1.1-3.el9_6.2.src.rpm SHA-256: 3e5c28e052c21395d5a0c10242dc47359b0518cb5d01811e991419323fa90b66 x86_64 openexr-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 8c1a830063b59212f282efbcb460f5209c2eadcd8a77714b8408ac4b4e94e256 openexr-debuginfo-3.1.1-3.el9_6.2.i686.rpm SHA-256: 565b0bee803888893e28fc8360914088d891f9d2aaa036fe24d5137e17fd4724 openexr-debuginfo-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 231b51f74b246fded991c737d9d7d1a395824fd49e27faafd3b320c33a508acd openexr-debugsource-3.1.1-3.el9_6.2.i686.rpm SHA-256: 3fd975d60ca1a809a7bb0b6e75f18ec51c2faff981e7a5fbc333eb60e039b9c5 openexr-debugsource-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: ae87163dbfc1ee0b1c637a29948e75736b6413b5425c2dc6a327eb583c8d7832 openexr-libs-3.1.1-3.el9_6.2.i686.rpm SHA-256: 57828416f831ba4ea1846f36ee66d4d7c16b783347c5d882078f3ae7f61b0e59 openexr-libs-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 5ab306053d8c36ee591b30cf99b62d78fd6be53cb06ec48a9bd3e965a6b93e49 openexr-libs-debuginfo-3.1.1-3.el9_6.2.i686.rpm SHA-256: c1f48937d5feeb24086b0c2e65d54afbe4081ef08128388b85be554f1e32d62e openexr-libs-debuginfo-3.1.1-3.el9_6.2.x86_64.rpm SHA-256: 535fbc5c3eeb419504a8d2ab50b2ad236500ca676a267cff4b5d1