[CLSA-2026:1780972752] python3.11: Fix of CVE-2026-7210
Type:
security
Severity:
Critical
Release date:
2026-06-09 02:39:28 UTC
Description:
- CVE-2026-7210: seed pyexpat/_elementtree with 16-byte XML hash salt via XML_SetHashSalt16Bytes; detect the symbol at runtime through a weak declaration so the fix engages against system libexpat 2.5.0 with the CVE-2026-41080 backport; add hard Requires on expat >= 2.5.0-1.el9_2.tuxcare.els12
CVEs fixed:
Updated packages:
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:70f327f602a835a750ca1d6be491330b88a43e2335b6065aeeb2554b1f44a64b
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:961b53ddff68597efea9aab03bd61d0235ab4cc419aefb6250454887f530c0bf
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:941098d55b8e7f16e2021d44eedb5ef9416db19307e662547d1802ffc54224f5
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:e20ad80852613796892215339a76fab68d176b97c0a3bc5e1ab928d242b5082f
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:62b4626b357ce3181e833e583760022a9872b5e9c0bfab2354e2faabc356586a
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:b7c97e79bc4d762be9bd44a536e80b7ea14b247e8b44a6078afc1d8104e1cfe5
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:063141e95034228f4af01465ee722ef9c7bc737b5c4b13a07043e3030330d7ff
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:129ccc956206788199dde1e6609ecbebef55c61f0dabd46fefd2c107e4c5e642
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:177a454e7d0c910d6807969c73d720dfb75ca5f4847d7893a404d7aafbde97fd
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:48ede63dd66effbe5157e1997b1e053a3bc779ad82cb8ff81eea561b09a0d836
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:1b64c64dc353fe4fede703387d637ddce711e9e73d30cbd135f39b79f85757a6
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:c8e11108ceb9865b1bed510d5e4fe3aa7c5a3eabd69722a0d290f9564cef7b74
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els27.i686.rpm
    sha:e8f85e67a7b7383f6ca8cb22e525fe31dc7cce1a6f4ee8027070b50b262c182a
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els27.x86_64.rpm
    sha:6a05f9a43a0a329bc678547b779a946dd85b806cac1b59ba8dd3fb3f897c2aba
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.