Red Hat Product Errata RHSA-2026:19359 - Security Advisory Issued: 2026-05-19 Updated: 2026-05-19 RHSA-2026:19359 - Security Advisory Overview Updated Packages Synopsis Important: openexr security update Type/Severity Security Advisory: Important Red Hat Lightspeed patch analysis Identify and remediate systems affected by this advisory. View affected systems Topic An update for openexr is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Description OpenEXR is an open-source high-dynamic-range floating-point image file format for high-quality image processing and storage. This document presents a brief overview of OpenEXR and explains concepts that are specific to this format. This package containes the binaries for OpenEXR. Security Fix(es): OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file (CVE-2026-34588) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Solution For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Affected Products Red Hat Enterprise Linux for x86_64 9 x86_64 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 x86_64 Red Hat Enterprise Linux for IBM z Systems 9 s390x Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 s390x Red Hat Enterprise Linux for Power, little endian 9 ppc64le Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat Enterprise Linux for ARM 64 9 aarch64 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.8 ppc64le Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.8 x86_64 Red Hat CodeReady Linux Builder for x86_64 9 x86_64 Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le Red Hat CodeReady Linux Builder for ARM 64 9 aarch64 Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.8 x86_64 Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.8 ppc64le Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.8 s390x Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.8 aarch64 Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.8 aarch64 Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.8 s390x Red Hat Enterprise Linux for x86_64 - Extended Life Cycle 9.8 x86_64 Red Hat Enterprise Linux for ARM 64 - Extended Life Cycle 9.8 aarch64 Red Hat Enterprise Linux for Power, little endian - Extended Life Cycle 9.8 ppc64le Red Hat Enterprise Linux for IBM z Systems - Extended Life Cycle 9.8 s390x Fixes BZ - 2455408 - CVE-2026-34588 OpenEXR: OpenEXR: Arbitrary code execution and information disclosure via crafted EXR file CVEs CVE-2026-34588 References https://access.redhat.com/security/updates/classification/#important Note: More recent versions of these packages may be available. Click a package name for more details. Red Hat Enterprise Linux for x86_64 9 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 x86_64 openexr-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: 39bc1b4c423ac5ea23bf0a3fe71dd720b7d23894214b7d9aadacc63055882ff4 openexr-debuginfo-3.1.1-3.el9_8.2.i686.rpm SHA-256: 9926aa647e9dd8285b40a1bb6340110cec9de91882ee578e88634924816b6b46 openexr-debuginfo-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: cb7637596e805fbff4229bb13d863702f9db085c09eb6dfba74f36fc2d1f5612 openexr-debugsource-3.1.1-3.el9_8.2.i686.rpm SHA-256: 3c509c58bd7e8247f2bbc7c704da95c9ce34d05c1001902148eda78b29db72af openexr-debugsource-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: b2964fa50f936037b1ce5524b6ac2546c595abe312719f789a97876f2e4ab22b openexr-libs-3.1.1-3.el9_8.2.i686.rpm SHA-256: ca4049e81e6c321ce42a38c0448a4ddb9111c63a5a7a2b64bc242419823edef5 openexr-libs-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: 0272523186cc510d8d38444bee700cf719d3582926ca5c2784c82486ab3fea2c openexr-libs-debuginfo-3.1.1-3.el9_8.2.i686.rpm SHA-256: 2740679c19abeba573def5a90db03102f94043e131415c80aab5ad5f8cc192f2 openexr-libs-debuginfo-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: 32129690e190e9f410b7fd5d2e6c7b756e52023e8278689827e8039ae9d1ca29 Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.8 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 x86_64 openexr-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: 39bc1b4c423ac5ea23bf0a3fe71dd720b7d23894214b7d9aadacc63055882ff4 openexr-debuginfo-3.1.1-3.el9_8.2.i686.rpm SHA-256: 9926aa647e9dd8285b40a1bb6340110cec9de91882ee578e88634924816b6b46 openexr-debuginfo-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: cb7637596e805fbff4229bb13d863702f9db085c09eb6dfba74f36fc2d1f5612 openexr-debugsource-3.1.1-3.el9_8.2.i686.rpm SHA-256: 3c509c58bd7e8247f2bbc7c704da95c9ce34d05c1001902148eda78b29db72af openexr-debugsource-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: b2964fa50f936037b1ce5524b6ac2546c595abe312719f789a97876f2e4ab22b openexr-libs-3.1.1-3.el9_8.2.i686.rpm SHA-256: ca4049e81e6c321ce42a38c0448a4ddb9111c63a5a7a2b64bc242419823edef5 openexr-libs-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: 0272523186cc510d8d38444bee700cf719d3582926ca5c2784c82486ab3fea2c openexr-libs-debuginfo-3.1.1-3.el9_8.2.i686.rpm SHA-256: 2740679c19abeba573def5a90db03102f94043e131415c80aab5ad5f8cc192f2 openexr-libs-debuginfo-3.1.1-3.el9_8.2.x86_64.rpm SHA-256: 32129690e190e9f410b7fd5d2e6c7b756e52023e8278689827e8039ae9d1ca29 Red Hat Enterprise Linux for IBM z Systems 9 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 s390x openexr-3.1.1-3.el9_8.2.s390x.rpm SHA-256: b11cfac8a102c1601d38079f3f054373d888d2033d17992dd4e9d2bfc53bde1e openexr-debuginfo-3.1.1-3.el9_8.2.s390x.rpm SHA-256: 8270847ffaf9a6c28318b70efb4e55a654dd4985a9abb8c5a13553d3685bfd2c openexr-debugsource-3.1.1-3.el9_8.2.s390x.rpm SHA-256: d23484e79afd0dd7a0404192f13d0b2e44b0c2ea6e0627bdba85821d67e62cbb openexr-libs-3.1.1-3.el9_8.2.s390x.rpm SHA-256: 71dcc56caba6882cb6881bb4d557729076afc76c9d89ac36074a71bd5e4919ba openexr-libs-debuginfo-3.1.1-3.el9_8.2.s390x.rpm SHA-256: de5d7e632e9724639eef95c03fa93d188c89a0f55cf59e2e418299dd994e72e2 Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.8 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 s390x openexr-3.1.1-3.el9_8.2.s390x.rpm SHA-256: b11cfac8a102c1601d38079f3f054373d888d2033d17992dd4e9d2bfc53bde1e openexr-debuginfo-3.1.1-3.el9_8.2.s390x.rpm SHA-256: 8270847ffaf9a6c28318b70efb4e55a654dd4985a9abb8c5a13553d3685bfd2c openexr-debugsource-3.1.1-3.el9_8.2.s390x.rpm SHA-256: d23484e79afd0dd7a0404192f13d0b2e44b0c2ea6e0627bdba85821d67e62cbb openexr-libs-3.1.1-3.el9_8.2.s390x.rpm SHA-256: 71dcc56caba6882cb6881bb4d557729076afc76c9d89ac36074a71bd5e4919ba openexr-libs-debuginfo-3.1.1-3.el9_8.2.s390x.rpm SHA-256: de5d7e632e9724639eef95c03fa93d188c89a0f55cf59e2e418299dd994e72e2 Red Hat Enterprise Linux for Power, little endian 9 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 ppc64le openexr-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: 7073baddb2d8a7b34842f07dc15101ab072093087219c8596d5f8cda9590771f openexr-debuginfo-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: 81e0310e70340072c934cf0408dfae24876bd03c3716d37d67a7b2aa5fb04a65 openexr-debugsource-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: f837ac20c8434a4ab0d434e694af90dc192598584424df6083a71cd7b521f0f9 openexr-libs-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: b453e0c4d6f51e165cd68695c100b88193708455b81a5598644135a5e8901b61 openexr-libs-debuginfo-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: 1332640c8c92db8d3d07ea9e1dd6f6712eda583c20df7acb55381fd02615ae8f Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.8 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 ppc64le openexr-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: 7073baddb2d8a7b34842f07dc15101ab072093087219c8596d5f8cda9590771f openexr-debuginfo-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: 81e0310e70340072c934cf0408dfae24876bd03c3716d37d67a7b2aa5fb04a65 openexr-debugsource-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: f837ac20c8434a4ab0d434e694af90dc192598584424df6083a71cd7b521f0f9 openexr-libs-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: b453e0c4d6f51e165cd68695c100b88193708455b81a5598644135a5e8901b61 openexr-libs-debuginfo-3.1.1-3.el9_8.2.ppc64le.rpm SHA-256: 1332640c8c92db8d3d07ea9e1dd6f6712eda583c20df7acb55381fd02615ae8f Red Hat Enterprise Linux for ARM 64 9 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 aarch64 openexr-3.1.1-3.el9_8.2.aarch64.rpm SHA-256: e0a6192e905444f9acea89b13984eec8ba7f0dafb973a4c234ba6765c01d5f2e openexr-debuginfo-3.1.1-3.el9_8.2.aarch64.rpm SHA-256: 59ab115b62ab41369c239d8a0349d40935ef78a1e4aa0e1226f0681e7b455170 openexr-debugsource-3.1.1-3.el9_8.2.aarch64.rpm SHA-256: 909e84041c846fea26c88a286fcc0af17ff1799b7835081ccfa5b847c18ef52b openexr-libs-3.1.1-3.el9_8.2.aarch64.rpm SHA-256: 4bfa8bace9e3829339e572992fea51cf19926f02ca52f04b19089431c765d435 openexr-libs-debuginfo-3.1.1-3.el9_8.2.aarch64.rpm SHA-256: 179eee872d36f60e304269380a82c4337ad8c4fe2443b4dbba554d5940629ff3 Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.8 SRPM openexr-3.1.1-3.el9_8.2.src.rpm SHA-256: 3e956f486a0366caace8ea4a7e709731aa6940a40e6f8b54ddc39502c3985bb8 aarch64 openexr-3.1.1-3.el