- What: Security update for Python 3.11 in Red Hat Enterprise Linux 9
- Impact: Systems using Python 3.11 may be vulnerable to security issues
Red Hat Product Errata RHSA-2026:18957 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:18957 - Security Advisory Overview Updated Packages Synopsis Moderate: python3.11 security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.11 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): cpython: wsgiref.headers.Headers allows header newline injection in Python (CVE-2026-0865) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Fixes BZ - 2431367 - CVE-2026-0865 cpython: wsgiref.headers.Headers allows header newline injection in Python CVEs CVE-2026-0865 References https://access.redhat.com/security/updates/classification/#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.8_release_notes/index Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM python3.11-3.11.13-7.el9_8.src.rpm SHA-256: 01eb6e4b9e74ecc2f71c1da9181b64a04f0219c980379cf5c2d69fd6e9f5c51d x86_64 python3.11-3.11.13-7.el9_8.x86_64.rpm SHA-256: ad1790c1f027d21de5ec88c56afa3e41cb5ddfadd186579b6b1e2f05f4761b57 python3.11-debuginfo-3.11.13-7.el9_8.i686.rpm SHA-256: 2587ab96a6ab758917ad5a6e16805d7db74d2ea5bf583f764973e9be6866a698 python3.11-debuginfo-3.11.13-7.el9_8.x86_64.rpm SHA-256: b026f666466ed67adc394528f30798753345c043070e06cca5a5fe95602790af python3.11-debugsource-3.11.13-7.el9_8.i686.rpm SHA-256: f87f330f724908e8116395b2051245ffc7a6c894f4ba12012f312cc2020876fe python3.11-debugsource-3.11.13-7.el9_8.x86_64.rpm SHA-256: 1cdc414a109ef2010e6e54395c179573e4bd06be2a64324069b88b565c400e09 python3.11-devel-3.11.13-7.el9_8.i686.rpm SHA-256: 35e0bea7550f56dbabe8bf45e312cc4866dc81fd508a8b918d4c1801eb948b45 python3.11-devel-3.11.13-7.el9_8.x86_64.rpm SHA-256: 8fee4ba23a397bc86e23d44382134ae095e9d31663bdf0a9e6b0a9cba77c04b4 python3.11-libs-3.11.13-7.el9_8.i686.rpm SHA-256: 0cccd855337ea753373b4c9d52980020069628e8a81f93cd3d5108c664ec474f python3.11-libs-3.11.13-7.el9_8.x86_64.rpm SHA-256: 8ff3f2c3fde704b8e7d153e283a2804e75db19d6d69b40bb238ec723f3c91fdd python3.11-tkinter-3.11.13-7.el9_8.x86_64.rpm SHA-256: b943451ada7a84deca814c462a8be6f5c878bd5f9efca4cf322c9d9c1df0f20b Red Hat Enterprise Linux for IBM z Systems 9 SRPM python3.11-3.11.13-7.el9_8.src.rpm SHA-256: 01eb6e4b9e74ecc2f71c1da9181b64a04f0219c980379cf5c2d69fd6e9f5c51d s390x python3.11-3.11.13-7.el9_8.s390x.rpm SHA-256: 4b088924710a48ab0451d74e113005579bf52ad4bc70c185e1fbb90a3408d5ac python3.11-debuginfo-3.11.13-7.el9_8.s390x.rpm SHA-256: d229c0bdef1179aa609129be51a07299dcaaca67295e900d3642ad4dc1e51d02 python3.11-debugsource-3.11.13-7.el9_8.s390x.rpm SHA-256: 405857dcfd738be33dec63395d1909f0bfc5f057fa39eeec07c3138b7415c443 python3.11-devel-3.11.13-7.el9_8.s390x.rpm SHA-256: 007150fed567354b62d5ca89141043e263b006756d140926263bd2649a8f077a python3.11-libs-3.11.13-7.el9_8.s390x.rpm SHA-256: 2f3714dfe06a2eeda2d9e3a912b8b29ac1981490e8db92e4c4a2b07c79ecc9f1 python3.11-tkinter-3.11.13-7.el9_8.s390x.rpm SHA-256: 269a9d472776b6a89b8603092f872d2059dbfae9d580f13cdde9ea044be7c7a2 Red Hat Enterprise Linux for Power, little endian 9 SRPM python3.11-3.11.13-7.el9_8.src.rpm SHA-256: 01eb6e4b9e74ecc2f71c1da9181b64a04f0219c980379cf5c2d69fd6e9f5c51d ppc64le python3.11-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 76457845de806ab0667f5b409a4bb2afe01595e6df81dc8f21ff8dc5c30a1ad4 python3.11-debuginfo-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 2253a019a8ba2dfe07162af138cb23d57f19039aae3300b45275b3a80b2197ff python3.11-debugsource-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 44520b72a2c8bddc673ed9b257d7086408d9e7581dae9c9abf99bae001c53287 python3.11-devel-3.11.13-7.el9_8.ppc64le.rpm SHA-256: f96896282fba3308a481b320468b29c039adfc46fdb5f3a40eac8bae445d88a9 python3.11-libs-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 6f92ad9e2e13c8b8cca5faf68dcd7faa8ad056b4a331f2bba9fa7ef80a52cf82 python3.11-tkinter-3.11.13-7.el9_8.ppc64le.rpm SHA-256: e954f3a65ca7a9fdc5a8583cb710380dcb79c55b697b9c577356394e323f1341 Red Hat Enterprise Linux for ARM 64 9 SRPM python3.11-3.11.13-7.el9_8.src.rpm SHA-256: 01eb6e4b9e74ecc2f71c1da9181b64a04f0219c980379cf5c2d69fd6e9f5c51d aarch64 python3.11-3.11.13-7.el9_8.aarch64.rpm SHA-256: 9726007d7bda72fa954b1f4341239110ece279e9ea16045c062241a58d249f5e python3.11-debuginfo-3.11.13-7.el9_8.aarch64.rpm SHA-256: b71608232ea910853059be8da5938f05650c1880c8408f96d3d6857ebdeb8e95 python3.11-debugsource-3.11.13-7.el9_8.aarch64.rpm SHA-256: 2e7b64db1b85b9dea501d15204ae05b820db44aa451e15785b3dbfbc3bebe54b python3.11-devel-3.11.13-7.el9_8.aarch64.rpm SHA-256: d0eb2cdc85949182385462c75c0e25e3a7620bd25da66ea694bc6ec40a7ddd74 python3.11-libs-3.11.13-7.el9_8.aarch64.rpm SHA-256: 557415d4fa486def0628bbd37d8920badda05b045e585f6756ab58217ca517cb python3.11-tkinter-3.11.13-7.el9_8.aarch64.rpm SHA-256: 17aeac811d9aa0dff467a2edebe96cc52c66a2044f59bf1270dadef081bb05fb Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 python3.11-3.11.13-7.el9_8.i686.rpm SHA-256: 2862e96d88e35c717e8f5aecc873c063f75e55f03d9936084d1b49f252e26bf3 python3.11-debug-3.11.13-7.el9_8.i686.rpm SHA-256: 607931be5ad53550ae6af92f1518ebcefce998a9ad8bbbcb84753e26b13421d0 python3.11-debug-3.11.13-7.el9_8.x86_64.rpm SHA-256: bb138eb99ab4f59ab74bec2197328158f7ad90305ee3ce441d00bab1d00d3033 python3.11-debuginfo-3.11.13-7.el9_8.i686.rpm SHA-256: 2587ab96a6ab758917ad5a6e16805d7db74d2ea5bf583f764973e9be6866a698 python3.11-debuginfo-3.11.13-7.el9_8.x86_64.rpm SHA-256: b026f666466ed67adc394528f30798753345c043070e06cca5a5fe95602790af python3.11-debugsource-3.11.13-7.el9_8.i686.rpm SHA-256: f87f330f724908e8116395b2051245ffc7a6c894f4ba12012f312cc2020876fe python3.11-debugsource-3.11.13-7.el9_8.x86_64.rpm SHA-256: 1cdc414a109ef2010e6e54395c179573e4bd06be2a64324069b88b565c400e09 python3.11-idle-3.11.13-7.el9_8.i686.rpm SHA-256: 4256edb87d3a4e3835069241c2fbf36f38908b69cc4d011b8975984529cd07f4 python3.11-idle-3.11.13-7.el9_8.x86_64.rpm SHA-256: a05361ea941a023ff74bd57378f0d16af5526bd95dc26fe20abaf6359a0f8dd0 python3.11-test-3.11.13-7.el9_8.i686.rpm SHA-256: ac685de2c00ebcb55054adc01ffa82ad449ee31aa8d7d4813d0a38ed58ee9133 python3.11-test-3.11.13-7.el9_8.x86_64.rpm SHA-256: dff5c5a128cbaa8008ea65fb09a3994fc11ae49eab20ae699f352874d1fe76b5 python3.11-tkinter-3.11.13-7.el9_8.i686.rpm SHA-256: 119e6a31c9b892eaaff0962643e4a8f690a4327b524fd5cce8212ca1f8d48587 Red Hat CodeReady Linux Builder for Power, little endian 9 SRPM ppc64le python3.11-debug-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 1f0384c8167f057c4a4395ba46841ae407856370abd805dcf9b99a34cdce816b python3.11-debuginfo-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 2253a019a8ba2dfe07162af138cb23d57f19039aae3300b45275b3a80b2197ff python3.11-debugsource-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 44520b72a2c8bddc673ed9b257d7086408d9e7581dae9c9abf99bae001c53287 python3.11-idle-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 2c1e12bff48902f95dfb5f1aed379add20db987f18d87d16fba8cd515e2f3fb8 python3.11-test-3.11.13-7.el9_8.ppc64le.rpm SHA-256: 006bf08c73753928353631aa3c7384a1d226a424509180d9697120eb325c8c1b Red Hat CodeReady Linux Builder for ARM 64 9 SRPM aarch64 python3.11-debug-3.11.13-7.el9_8.aarch64.rpm SHA-256: d4ccd5a8250f3992dcbe9a49bad884731186893730d3100b14ac9a8b66b9a8e8 python3.11-debuginfo-3.11.13-7.el9_8.aarch64.rpm SHA-256: b71608232ea910853059be8da5938f05650c1880c8408f96d3d6857ebdeb8e95 python3.11-debugsource-3.11.13-7.el9_8.aarch64.rpm SHA-256: 2e7b64db1b85b9dea501d15204ae05b820db44aa451e15785b3dbfbc3bebe54b python3.11-idle-3.11.13-7.el9_8.aarch64.rpm SHA-256: fef6efa9c168416e3469d91a6b646b6ce5aeadfbe6e5e01726357206fc2a7eec python3.11-test-3.11.13-7.el9_8.aarch64.rpm SHA-256: 1e6f5b8f409b1655237f248b80d4db9d3b6f4f53a040ba83186d819d87a533af Red Hat CodeReady Linux Builder for IBM z Systems 9 SRPM s390x python3.11-debug-3.11.13-7.el9_8.s390x.rpm SHA-256: 6200f9729653401dd855bcecfd8798274a1e25342308127a5a17e1ea6059c2ea python3.11-debuginfo-3.11.13-7.el9_8.s390x.rpm SHA-256: d229c0bdef1179aa609129be51a07299dcaaca67295e900d3642ad4dc1e51d02 python3.11-debugsource-3.11.13-7.el9_8.s390x.rpm SHA-256: 405857dcfd738be33dec63395d1909f0bfc5f057fa39eeec07c3138b7415c443 python3.11-idle-3.11.13-7.el9_8.s390x.rpm SHA-256: 7b04550c94cad1f23ccf2b25fe903a4e50245ab73aa2ae8aaeff5d7745c5ce89 python3.11-test-3.11.13-7.el9_8.s390x.rpm SHA-256: 9f53b4b6f7814ed99b8fa21ca2d050519a1b34de01d912e484f2ad316a4084a0 The Red Hat security contact is secalert@redhat.com . More contact details