- What: Security update for Python 3.12 in Red Hat Enterprise Linux 9
- Impact: Systems using Python 3.12 may be vulnerable to security issues
Red Hat Product Errata RHSA-2026:18958 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:18958 - Security Advisory Overview Updated Packages Synopsis Moderate: python3.12 security update Type/Severity Security Advisory: Moderate Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for python3.12 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix(es): cpython: wsgiref.headers.Headers allows header newline injection in Python (CVE-2026-0865) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 9 Release Notes linked from the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Fixes BZ - 2431367 - CVE-2026-0865 cpython: wsgiref.headers.Headers allows header newline injection in Python CVEs CVE-2026-0865 References https://access.redhat.com/security/updates/classification/#moderate https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.8_release_notes/index Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM python3.12-3.12.12-6.el9_8.src.rpm SHA-256: 63276261b34a49ca55d5d7c9c289aa2bd4197dbe13872d169483b8534991ea7a x86_64 python3.12-3.12.12-6.el9_8.x86_64.rpm SHA-256: 08b12e610f796e0054ceeba98405dd99dfabe4ce3207247d33898bd33ca41404 python3.12-debuginfo-3.12.12-6.el9_8.i686.rpm SHA-256: 889d216617ad9b1f4dfd6bec7b1c73d4ce99f775dba576deb8a7fd537b61649c python3.12-debuginfo-3.12.12-6.el9_8.x86_64.rpm SHA-256: fcf5c797e5555549416353aa51ffa43c01b3ebe8bc37c14e166270485c03fa3c python3.12-debugsource-3.12.12-6.el9_8.i686.rpm SHA-256: 550e72f600f9babbc5e277a23038f0c254c47025f8e1a814cdb5728770831c06 python3.12-debugsource-3.12.12-6.el9_8.x86_64.rpm SHA-256: 758aa6fafb9381e62b5a542303283ed443a68690d72e1b0e198efc1a316b184e python3.12-devel-3.12.12-6.el9_8.i686.rpm SHA-256: 1f516246d32b8c437355df7f9e1a70f5640645c41e79c05e9c5860037bfb424c python3.12-devel-3.12.12-6.el9_8.x86_64.rpm SHA-256: be02822f69e010f77e1f9078cf04b4fc98621f6b3f49b91e38838ef9347025eb python3.12-libs-3.12.12-6.el9_8.i686.rpm SHA-256: 3bc68a4e0b6cbee16c36bb18d3dad24169982b5b7f49b71473bffab0165f9d37 python3.12-libs-3.12.12-6.el9_8.x86_64.rpm SHA-256: 50965f518e0c14608d3fa49261a4635d7d35c261b5a94ab7f7a2fd05a0d54847 python3.12-tkinter-3.12.12-6.el9_8.x86_64.rpm SHA-256: 7b7cbb3f4b8ab9d0988a2f9e940971030dded3e29f199dab2e96a323bc855b56 Red Hat Enterprise Linux for IBM z Systems 9 SRPM python3.12-3.12.12-6.el9_8.src.rpm SHA-256: 63276261b34a49ca55d5d7c9c289aa2bd4197dbe13872d169483b8534991ea7a s390x python3.12-3.12.12-6.el9_8.s390x.rpm SHA-256: d2f89c72e6ac1f84fb3415375e3bdee253fa0d2c4ab689cdc0b6fbd13ae85b72 python3.12-debuginfo-3.12.12-6.el9_8.s390x.rpm SHA-256: 7372c585fa6f5e4007732f01899bad200ee2f93e2c2595e0b26827ee4915734e python3.12-debugsource-3.12.12-6.el9_8.s390x.rpm SHA-256: 6d15ff346a5e95d6a3ef1c051781364f59bb9e08f223763142fe39699c8b1096 python3.12-devel-3.12.12-6.el9_8.s390x.rpm SHA-256: 8fcbe4979fda40f35937dc789fb1cc8c68d10f04d8cc958fb22e5edb716532ba python3.12-libs-3.12.12-6.el9_8.s390x.rpm SHA-256: c0797681020fa66d6b19d44ff78f23978d370bab446a3246db9288ce11eb7f05 python3.12-tkinter-3.12.12-6.el9_8.s390x.rpm SHA-256: c821decde34e47bc083563c50af33e99539cc2f4c88286606848b2e4bd773e6b Red Hat Enterprise Linux for Power, little endian 9 SRPM python3.12-3.12.12-6.el9_8.src.rpm SHA-256: 63276261b34a49ca55d5d7c9c289aa2bd4197dbe13872d169483b8534991ea7a ppc64le python3.12-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 79495c8f3be1c67082117e4a5c03002826bb89d95f04edd6f5322b83c0fd6241 python3.12-debuginfo-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 0714013f119d1f3a7f40ec6efef85bc6bcd5d162b0b352109fa1798d87c270a1 python3.12-debugsource-3.12.12-6.el9_8.ppc64le.rpm SHA-256: f3776826adb9f6464cd2e09a08df1ada83d3440f509f21a22e66ea558eaab886 python3.12-devel-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 4a3b73238a7be04b0fbc32e8e90df5f17c442f9edc472c7ff9e0e012b70fa244 python3.12-libs-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 4f54d64b1fe11769bdb3f683047ce9c2e5a6c6fee4de291246508c521f540561 python3.12-tkinter-3.12.12-6.el9_8.ppc64le.rpm SHA-256: d3051ec74ae0b7d55f80629c89fe6f39e94028081947d4223cd7b6ab24a24653 Red Hat Enterprise Linux for ARM 64 9 SRPM python3.12-3.12.12-6.el9_8.src.rpm SHA-256: 63276261b34a49ca55d5d7c9c289aa2bd4197dbe13872d169483b8534991ea7a aarch64 python3.12-3.12.12-6.el9_8.aarch64.rpm SHA-256: 5b78bc461d3fb94808f128dc39ae047e31568aa1c1c7c7c50e253b30b10cc896 python3.12-debuginfo-3.12.12-6.el9_8.aarch64.rpm SHA-256: 99d56134b6dd31db8fc7194a0c4ccd082cb4e2208c400ec29623d8a41ed78d7d python3.12-debugsource-3.12.12-6.el9_8.aarch64.rpm SHA-256: 5945e956b8fd9a515ee89f857f45c26f8a4340bd4f8c754a290e7113565ef78f python3.12-devel-3.12.12-6.el9_8.aarch64.rpm SHA-256: 1dfabbd27c983cf4b51b8e46bd4f5bd4f1b060094c155c105604e95c9858f88a python3.12-libs-3.12.12-6.el9_8.aarch64.rpm SHA-256: 8a18a4a83b2c584b79d5b10eb5ac12942285d7199f64c0e421f909e4763d7567 python3.12-tkinter-3.12.12-6.el9_8.aarch64.rpm SHA-256: 154e7567b910351682859fcb9eb29199476d3e0bfa73d06215e25152dc74efe5 Red Hat CodeReady Linux Builder for x86_64 9 SRPM x86_64 python3.12-3.12.12-6.el9_8.i686.rpm SHA-256: 39b9d79fba67a33b85f3745f27cadf543958fe55c6078e18638fac233fab0253 python3.12-debug-3.12.12-6.el9_8.i686.rpm SHA-256: 428a011089b7ff56806db2563541d1f0afb76b9397f0cb22d97314b110b85b96 python3.12-debug-3.12.12-6.el9_8.x86_64.rpm SHA-256: 9ceed626b290a661878dbf3c0a2f1b0a134088b8ed8d6fcdf24e28624bec981c python3.12-debuginfo-3.12.12-6.el9_8.i686.rpm SHA-256: 889d216617ad9b1f4dfd6bec7b1c73d4ce99f775dba576deb8a7fd537b61649c python3.12-debuginfo-3.12.12-6.el9_8.x86_64.rpm SHA-256: fcf5c797e5555549416353aa51ffa43c01b3ebe8bc37c14e166270485c03fa3c python3.12-debugsource-3.12.12-6.el9_8.i686.rpm SHA-256: 550e72f600f9babbc5e277a23038f0c254c47025f8e1a814cdb5728770831c06 python3.12-debugsource-3.12.12-6.el9_8.x86_64.rpm SHA-256: 758aa6fafb9381e62b5a542303283ed443a68690d72e1b0e198efc1a316b184e python3.12-idle-3.12.12-6.el9_8.i686.rpm SHA-256: 380ea18149a92e57c30933e9bba9d53e830fd2f513e4dd7a3148b3b8723465d6 python3.12-idle-3.12.12-6.el9_8.x86_64.rpm SHA-256: 445d5054ae12c4c342e2d5acafec15816fae6a97764ee50dea31e617ae9a03cf python3.12-test-3.12.12-6.el9_8.i686.rpm SHA-256: f008a00ec8ae3387e4de878a7a5a0f7c7387abdfa2137353cfe78e352ab430cc python3.12-test-3.12.12-6.el9_8.x86_64.rpm SHA-256: f258f5a19262ee6f2cdd97e13b4646c8fb31663e472d5b7b723a7fa81be4da53 python3.12-tkinter-3.12.12-6.el9_8.i686.rpm SHA-256: 7adb87b079ad843b58bf5583bdafdfe30ceebcb6c71e64c6b5cb7c2daaef02dd Red Hat CodeReady Linux Builder for Power, little endian 9 SRPM ppc64le python3.12-debug-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 8196921496df3acbb2329017ddae5ced435689a205f0dc25860b3666550f6bb7 python3.12-debuginfo-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 0714013f119d1f3a7f40ec6efef85bc6bcd5d162b0b352109fa1798d87c270a1 python3.12-debugsource-3.12.12-6.el9_8.ppc64le.rpm SHA-256: f3776826adb9f6464cd2e09a08df1ada83d3440f509f21a22e66ea558eaab886 python3.12-idle-3.12.12-6.el9_8.ppc64le.rpm SHA-256: ed3e50ba2180f5cb2f1688d664eb848bbc2820783f75e446d45e7f286bfb3778 python3.12-test-3.12.12-6.el9_8.ppc64le.rpm SHA-256: 7b38969e93a66c9781bab50292aa9010a5d97d719eab7b814e30cc4109d99843 Red Hat CodeReady Linux Builder for ARM 64 9 SRPM aarch64 python3.12-debug-3.12.12-6.el9_8.aarch64.rpm SHA-256: c020d41e283b8da0873b1b4e2287f67f7839e38457d333136762ae0fbbd3df97 python3.12-debuginfo-3.12.12-6.el9_8.aarch64.rpm SHA-256: 99d56134b6dd31db8fc7194a0c4ccd082cb4e2208c400ec29623d8a41ed78d7d python3.12-debugsource-3.12.12-6.el9_8.aarch64.rpm SHA-256: 5945e956b8fd9a515ee89f857f45c26f8a4340bd4f8c754a290e7113565ef78f python3.12-idle-3.12.12-6.el9_8.aarch64.rpm SHA-256: 1be033d53372081a02107fc5745c4d82b97f68c67f5b24f165f06f28b68dc3ee python3.12-test-3.12.12-6.el9_8.aarch64.rpm SHA-256: d30fdd4d3c652016bcecd478f0efaa7f2633fd4de1e0620fa0d2d2322ced376f Red Hat CodeReady Linux Builder for IBM z Systems 9 SRPM s390x python3.12-debug-3.12.12-6.el9_8.s390x.rpm SHA-256: 7661817b0fd3cb27c95c6f42aebc2c544a1891b7b96abc7c77410b3412b514e1 python3.12-debuginfo-3.12.12-6.el9_8.s390x.rpm SHA-256: 7372c585fa6f5e4007732f01899bad200ee2f93e2c2595e0b26827ee4915734e python3.12-debugsource-3.12.12-6.el9_8.s390x.rpm SHA-256: 6d15ff346a5e95d6a3ef1c051781364f59bb9e08f223763142fe39699c8b1096 python3.12-idle-3.12.12-6.el9_8.s390x.rpm SHA-256: 69c27e0d4eb7ffdb9125ba2b7e71b5312b7ca3dd10642b3e8b3107332081d1ca python3.12-test-3.12.12-6.el9_8.s390x.rpm SHA-256: 9f05d871204675f060611f5f04c708484e3e9abec17e39013b20a03d298757f2 The Red Hat security contact is secalert@redhat.com . More contact details