[CLSA-2026:1777883384] python3.11: Fix of CVE-2026-4786
Type:
security
Severity:
Important
Release date:
2026-05-04 08:29:48 UTC
Description:
- CVE-2026-4786: fix webbrowser %action substitution bypass of dash-prefix check by validating url after %action expansion and reordering replace() calls so the dash-prefix check sees the final argument
Updated packages:
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:e17251d4e40a646cb954b9fa49ef6400f6a1bf9968a023d8044855137b5b5164
  • python3.11-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:b66898b501bd3d58b301be88f7a8d22aca44002ffc4bb11d0718c5eca7512b27
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:279ab4a6e18d39b3d9981dfd9604827c57a39f0628d6792319f1580c810aaafc
  • python3.11-debug-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:ad53def0c1d0c533e668cb68193bc8c2b848fccc9f49b63335582e31dd9cf84d
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:e250e4804b236401a305ac021e02496731eb0d941775f5b65d1f76534a95679c
  • python3.11-devel-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:93cd83ce0780348b899efd65a3931b546ddb17cfbdb7bc52d44df470114f08b6
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:5ff75856df1af1de5088c532dbe0fa17fcb27c7514baece770cee185b6554796
  • python3.11-idle-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:b8b5da152d7663270aa77bcb542172a4397e50a51946a1a400c48c9c39a5c70f
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:4ce9f3fbf952305e05d5679e6c528bfbc57ca7d13018183a8699a9cb8bb47014
  • python3.11-libs-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:dff95189930409f06b2cd5ae0f613846c1b93cae786c6c0a5d62c9191d867fae
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:b6792676fbb6268b083d5059f84906b6f7cfd9da593588fc26260633a23f5bcc
  • python3.11-test-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:27938ab81359a5f95b56245f0d04528ab3b2c222ef42335798b7d2972acf893c
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els22.i686.rpm
    sha:da348b68969a8f5494a0d262e9f2d02c9e936cce424923d0724a0757bc35057c
  • python3.11-tkinter-3.11.2-2.el9_2.2.tuxcare.els22.x86_64.rpm
    sha:b4899dc300579b5ae97137143c823e573c3066a24c4216e7ddcf3425cc68ffe6
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.