- What: Security update for OpenEXR in Red Hat Enterprise Linux
- Impact: Red Hat Enterprise Linux 10.0 Extended Update Support users
Red Hat Product Errata RHSA-2026:17656 - Security Advisory Issued: 2026-05-14 Updated: 2026-05-14 RHSA-2026:17656 - Security Advisory Overview Updated Packages Synopsis Important: openexr security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openexr is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file (CVE-2026-34588) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 x86_64 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 s390x Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 s390x Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 ppc64le Red Hat Enterprise Linux for x86_64 - 4 years of updates 10.0 x86_64 Fixes BZ - 2455408 - CVE-2026-34588 OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVEs CVE-2026-34588 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 - Extended Update Support 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af7cb45fe90781c78569db12147b76e8d9b26d28ae33 x86_64 openexr-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 03f15901a28019f7a24d4b988b75e70ad19cc3aefbbc1a77e711e85b6e6e623d openexr-debuginfo-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 54248d634760daf19d591d61e592a62465183938db5500d1bd09445362950263 openexr-debugsource-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 1094ed92306cd7b0cd7f35fd6fa8b59d5bd64bec56c7b8daf25e5e62229e0c4a openexr-libs-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 3db7be8503f6b69737359123a139c8d9ebc577d7e95de10529e617192424835c openexr-libs-debuginfo-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 913f1d3390a5bbb09a63904482462388d6bed5ed76369ed20e2fff0b39738033 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af7cb45fe90781c78569db12147b76e8d9b26d28ae33 s390x openexr-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 73935ac7bf7f2c72e255a8865a3ac0a391894d5145956034a08e34652fe13ac9 openexr-debuginfo-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 54ff80a55b6ee1d54171578967837da6151bf295abcedabfeff2393c716d632e openexr-debugsource-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 5f7e387dd451e9e17b1c45b98aea882ac97bbdc201a55275ddd3b769709a08e8 openexr-libs-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 8d542734cdacfc35a238e4c886999c93af3d9d32e21e18c5fe64a19a0a0bf86f openexr-libs-debuginfo-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 181416cdcd421382e0cfb0b1b428e9d049e419fa79938b51eed9b665fed82861 Red Hat Enterprise Linux for Power, little endian - Extended Update Support 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af7cb45fe90781c78569db12147b76e8d9b26d28ae33 ppc64le openexr-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 78286151ba983f0c332bb3ced74b4dfbbe3224ae17f264924e3073ffde652073 openexr-debuginfo-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 097e7f309f352dd83bddf18a12a30ca19c335bf155dc82bdeaabdfedcf62b8f9 openexr-debugsource-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 81dbc04fd6ec378aa7a292b1906b7452e58d043904634333ef28166239d50b84 openexr-libs-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 7fd76fa6de83c6a07492ee1bd404462d16733c0edfcaa04fb554cb5a1256e8e8 openexr-libs-debuginfo-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 64ae403eab5ba59bf7671aac78775d1153d2528f8f72646036ac7792ba9107bc Red Hat Enterprise Linux for ARM 64 - Extended Update Support 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af7cb45fe90781c78569db12147b76e8d9b26d28ae33 aarch64 openexr-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: e737a222f6db2691a25b0630da44b1f77b56bc26d1e0770aafe121ed05292e78 openexr-debuginfo-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 7595ac37e1ede7bff4edd86c06d7703383f73235fb72f7b50b0129c36f2ad5f3 openexr-debugsource-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 89d1c07d6a680e5082ffbcf7c19651b6967337d7c541bf7dc070439906dc5172 openexr-libs-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 2d9e5add393da3742324cbc7cc6160c09986b322b9bfb8624fdfdac39d36ddea openexr-libs-debuginfo-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: e2c69201a28e50758af5363a30923dbbd944e12c852b17e12facf0b3b9009bd6 Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 10.0 SRPM x86_64 openexr-debuginfo-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 54248d634760daf19d591d61e592a62465183938db5500d1bd09445362950263 openexr-debugsource-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 1094ed92306cd7b0cd7f35fd6fa8b59d5bd64bec56c7b8daf25e5e62229e0c4a openexr-devel-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 363449a5c3a5dea57f1a59d45888018c14ff5865cd49f195d8a28caa7e4e10b7 openexr-libs-debuginfo-3.1.10-8.el10_0.2.x86_64.rpm SHA-256: 913f1d3390a5bbb09a63904482462388d6bed5ed76369ed20e2fff0b39738033 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 10.0 SRPM ppc64le openexr-debuginfo-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 097e7f309f352dd83bddf18a12a30ca19c335bf155dc82bdeaabdfedcf62b8f9 openexr-debugsource-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 81dbc04fd6ec378aa7a292b1906b7452e58d043904634333ef28166239d50b84 openexr-devel-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 5f2235dad3143e2ad719a15424e0555c1d1e99b79df6a8f1fed45438c0ce662b openexr-libs-debuginfo-3.1.10-8.el10_0.2.ppc64le.rpm SHA-256: 64ae403eab5ba59bf7671aac78775d1153d2528f8f72646036ac7792ba9107bc Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 10.0 SRPM s390x openexr-debuginfo-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 54ff80a55b6ee1d54171578967837da6151bf295abcedabfeff2393c716d632e openexr-debugsource-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 5f7e387dd451e9e17b1c45b98aea882ac97bbdc201a55275ddd3b769709a08e8 openexr-devel-3.1.10-8.el10_0.2.s390x.rpm SHA-256: b7290d92fa52295b57096751fd22d3822c89cc610d35b5c6969ad1a04d466a7c openexr-libs-debuginfo-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 181416cdcd421382e0cfb0b1b428e9d049e419fa79938b51eed9b665fed82861 Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 10.0 SRPM aarch64 openexr-debuginfo-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 7595ac37e1ede7bff4edd86c06d7703383f73235fb72f7b50b0129c36f2ad5f3 openexr-debugsource-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 89d1c07d6a680e5082ffbcf7c19651b6967337d7c541bf7dc070439906dc5172 openexr-devel-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 39310d91bd27037c520b0034ef321f17bddbc9c76e7c223c7d5fcb7bbb88ccbb openexr-libs-debuginfo-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: e2c69201a28e50758af5363a30923dbbd944e12c852b17e12facf0b3b9009bd6 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af7cb45fe90781c78569db12147b76e8d9b26d28ae33 aarch64 openexr-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: e737a222f6db2691a25b0630da44b1f77b56bc26d1e0770aafe121ed05292e78 openexr-debuginfo-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 7595ac37e1ede7bff4edd86c06d7703383f73235fb72f7b50b0129c36f2ad5f3 openexr-debugsource-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 89d1c07d6a680e5082ffbcf7c19651b6967337d7c541bf7dc070439906dc5172 openexr-libs-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: 2d9e5add393da3742324cbc7cc6160c09986b322b9bfb8624fdfdac39d36ddea openexr-libs-debuginfo-3.1.10-8.el10_0.2.aarch64.rpm SHA-256: e2c69201a28e50758af5363a30923dbbd944e12c852b17e12facf0b3b9009bd6 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af7cb45fe90781c78569db12147b76e8d9b26d28ae33 s390x openexr-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 73935ac7bf7f2c72e255a8865a3ac0a391894d5145956034a08e34652fe13ac9 openexr-debuginfo-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 54ff80a55b6ee1d54171578967837da6151bf295abcedabfeff2393c716d632e openexr-debugsource-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 5f7e387dd451e9e17b1c45b98aea882ac97bbdc201a55275ddd3b769709a08e8 openexr-libs-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 8d542734cdacfc35a238e4c886999c93af3d9d32e21e18c5fe64a19a0a0bf86f openexr-libs-debuginfo-3.1.10-8.el10_0.2.s390x.rpm SHA-256: 181416cdcd421382e0cfb0b1b428e9d049e419fa79938b51eed9b665fed82861 Red Hat Enterprise Linux for Power, little endian - 4 years of support 10.0 SRPM openexr-3.1.10-8.el10_0.2.src.rpm SHA-256: 565fac28572e34f533b2af