[CLSA-2026:1774438452] python3.11: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-03-25 11:34:16 UTC
Description:
- CVE-2026-1299: Fix header injection; quote newlines in email headers and reject incorrectly folded LiteralHeader values during serialization with BytesGenerator. - CVE-2026-0865: Fix header injection via user-controlled header names and values containing newlines; sanitize and reject header names and values containing newline characters. - CVE-2025-15367: Reject control characters in POP3 commands to prevent command injection via newlines in user-controlled input
Updated packages:
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:a03ecd2077d442857c189b912ece3009d4fb6adee46c70f5ec739c7f46fb9581
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:76c7ae5ef0c0f35d3e6902fb9aad92181c3171c3e5df64c6c20dce35ac40d4f4
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:b052551d8fa8d1dc959f17201e03f7813e98415cc2c0f246cb5793edd5c67751
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:db9f3b643f9d10ad934ce884f3d6389e37f8d73c0552e4d021f4b90fb85973e8
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:43fc017b8b8a49ffe804789c105f5a1b7a208ac00b0a5ba9bbec029be0213aff
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:c8527211c9161368a0f0675ed84b0621d24e00a5204d3842106955efb1f74111
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:ccfdc0e7d6ca9d26816b74ba779edfb71ab701fc8fe5be2409cd321a9381f10b
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:a506ea6f7c1b733685e1217ce0e4ecbfc48fd373a16dadf98ff1916e76ef2d36
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:31e1da4df0f2ec075c89dd77e4cff1a0f9b87a94b2d2005a667605df2c784ef5
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:a2e0e9a552e274558178276f1e9190a16cc4319799080d674447ae43012c10fd
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:8d79189b606da1464fdea1f822c0fc59c01d5c2d0596f3b2bee323d91da847f1
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:cd65bbb84706e8ea416974dcefdff4006c983cd0d14819bdc93a13ceec8a6b75
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els19.i686.rpm
    sha:657ba0e2f3234961d1dc1c5e5c77756d9391c3cb7c40338a2bb429a28a31d99f
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els19.x86_64.rpm
    sha:1e59620084bfd2d5624bf730ac833a5138217c4e7bda6c4bd4da1f1c98edb38f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.