-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 08 Apr 2026 08:58:00 +0700
Source: python3.11
Binary: libpython3.11 libpython3.11-dbg libpython3.11-dev libpython3.11-minimal libpython3.11-stdlib python3.11 python3.11-dbg python3.11-dev python3.11-full python3.11-minimal python3.11-nopie python3.11-venv
Architecture: arm64
Version: 3.11.2-6+deb12u7
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-06) <buildd_arm64-arm-ubc-06@buildd.debian.org>
Changed-By: Arnaud Rebillout <arnaudr@debian.org>
Description:
 libpython3.11 - Shared Python runtime library (version 3.11)
 libpython3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 libpython3.11-dev - Header files and a static library for Python (v3.11)
 libpython3.11-minimal - Minimal subset of the Python language (version 3.11)
 libpython3.11-stdlib - Interactive high-level object-oriented language (standard library
 python3.11 - Interactive high-level object-oriented language (version 3.11)
 python3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 python3.11-dev - Header files and a static library for Python (v3.11)
 python3.11-full - Python Interpreter with complete class library (version 3.11)
 python3.11-minimal - Minimal subset of the Python language (version 3.11)
 python3.11-nopie - Python interpreter linked without PIE (version 3.11)
 python3.11-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.11 (3.11.2-6+deb12u7) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Apply upstream patches for the following CVEs:
     - CVE-2025-4516: issue in bytes.decode("unicode_escape",
       error="ignore|replace")
     - CVE-2025-6069: quadratic complexity in html.parser.HTMLParser
     - CVE-2025-6075: performance degradation in os.path.expandvars()
     - CVE-2025-8194: infinite loop and deadlock in tarfile
     - CVE-2025-8291: incorrect ZIP64 End of Central Directory handling
     - CVE-2025-11468: Folding email comments of unfoldable characters
       didn't preserve parenthesis which could be abused.
     - CVE-2025-12084: quadratic complexity in xml.dom.minidom appendChild etc
     - CVE-2025-13836: OOM or other DoS due to incorrect Content-Length
       handling in http.client
     - CVE-2025-13837: OOM or other DoS due to incorrect data size handling
       in plistlib
     - CVE-2025-15282: User-controlled data URLs parsed by urllib allowed
       injecting headers through newlines in the data URL mediatype.
     - CVE-2026-0672: User-controlled cookie values and parameters could be
       used to inject HTTP headers into messages.
     - CVE-2026-0865: User-controlled header names and values containing
       newlines could be used to inject HTTP headers.
     - CVE-2026-1299: email module allowed header injection in the
       BytesGenerator class.
Checksums-Sha1:
 cb30479acb95a698c7b4ce5f96c603a73c0f5d30 16492000 libpython3.11-dbg_3.11.2-6+deb12u7_arm64.deb
 c2f440560d3b0f3d6612b8e4814397dc41c18865 4393564 libpython3.11-dev_3.11.2-6+deb12u7_arm64.deb
 6b023cb1587b7216e1781a298493d9a307c7a6ae 810516 libpython3.11-minimal_3.11.2-6+deb12u7_arm64.deb
 bbbdf74e9b773ea73ea80e8f4e9687bddeb09b0b 1747704 libpython3.11-stdlib_3.11.2-6+deb12u7_arm64.deb
 611b3e5513d87b6e626e10c666d8adc7f866a113 1839532 libpython3.11_3.11.2-6+deb12u7_arm64.deb
 8b7bb48f9472aa74a8389e989f2a0247a6d0d90c 35661852 python3.11-dbg_3.11.2-6+deb12u7_arm64.deb
 c82a4a82d203774f638d3975142862ed2071e7f9 617676 python3.11-dev_3.11.2-6+deb12u7_arm64.deb
 f1450a4421bac2336583313a2aae005b9c923229 1292 python3.11-full_3.11.2-6+deb12u7_arm64.deb
 baaddeb96e00a4d0f307a9b4e93481931194fd3c 1858944 python3.11-minimal_3.11.2-6+deb12u7_arm64.deb
 1f4fbbac3dac1a3faf788821c30fc99d7bd107a6 1848400 python3.11-nopie_3.11.2-6+deb12u7_arm64.deb
 26beacc2fed77f699328bb52a11a0bf1d5b372a5 5892 python3.11-venv_3.11.2-6+deb12u7_arm64.deb
 cc33407b78de34871a07d80ed46d1dc1c39e8641 13577 python3.11_3.11.2-6+deb12u7_arm64-buildd.buildinfo
 437a70a4abe301d95a419a32fef77fa9fa173525 573816 python3.11_3.11.2-6+deb12u7_arm64.deb
Checksums-Sha256:
 4679261b6b985c3a7e4cdc875834e93804dca95f2e6fc3a351b4cf03f1c073c7 16492000 libpython3.11-dbg_3.11.2-6+deb12u7_arm64.deb
 441c2d8ce2a9c627a2a112ef8b22f0418b2958860884a6be7b5cae4d72fcb4e7 4393564 libpython3.11-dev_3.11.2-6+deb12u7_arm64.deb
 837c4313ad191305ea4c749f5abda02c48a536823369d9c85521257c94a41063 810516 libpython3.11-minimal_3.11.2-6+deb12u7_arm64.deb
 41df7390adc877c8f00f9a587cb7d91b83e789c6aba9f44effe97e056f87603b 1747704 libpython3.11-stdlib_3.11.2-6+deb12u7_arm64.deb
 e482c3caf618ac738498b6d11871b392c99b57dd0e034e9fd92602288b72dff8 1839532 libpython3.11_3.11.2-6+deb12u7_arm64.deb
 3ad80f10b6beb4d8906d070617385fa6507b04e49b1f0d64da239cd4f869ebc3 35661852 python3.11-dbg_3.11.2-6+deb12u7_arm64.deb
 92053e30d040c7377b07bd293d11248939b71e873d89a492ff8b78153ef1ce42 617676 python3.11-dev_3.11.2-6+deb12u7_arm64.deb
 1083a517a3b17c261023cd840d25025a2b9ecb122e3b98424c9c4e91373e8808 1292 python3.11-full_3.11.2-6+deb12u7_arm64.deb
 d11426318850f39c5a6077fdbd4ff6d81bf77bc47cb46bae9db13c0b23c0c8ec 1858944 python3.11-minimal_3.11.2-6+deb12u7_arm64.deb
 6925b038abe504d96ad3d2503606f281fbc1742037a286ca7463e3a86fa3a4b5 1848400 python3.11-nopie_3.11.2-6+deb12u7_arm64.deb
 bb4c92532d2f1a59a5339a9136f6a216a109e31ea9d0fd930ad23eec7ea9ca73 5892 python3.11-venv_3.11.2-6+deb12u7_arm64.deb
 009d834c474da4222facd03603dd5eac78a869274e45f10e0e80dc791ff02eb6 13577 python3.11_3.11.2-6+deb12u7_arm64-buildd.buildinfo
 05552d0d6edeaf49235e598dc023fad3730effd7f1e28398379502bfdcbddcdf 573816 python3.11_3.11.2-6+deb12u7_arm64.deb
Files:
 a6c4882431fa84c61d565b8b5e3b3a4e 16492000 debug optional libpython3.11-dbg_3.11.2-6+deb12u7_arm64.deb
 366b06873d8c11cd7a1707291081ffd6 4393564 libdevel optional libpython3.11-dev_3.11.2-6+deb12u7_arm64.deb
 5bc68eef35d1f2a26b35cf6266c898d3 810516 python optional libpython3.11-minimal_3.11.2-6+deb12u7_arm64.deb
 07868a6460a955a585672f219cec852d 1747704 python optional libpython3.11-stdlib_3.11.2-6+deb12u7_arm64.deb
 f258c4b9a302421100a16a424f555cb0 1839532 libs optional libpython3.11_3.11.2-6+deb12u7_arm64.deb
 437bf47eb6a1ed873114d41f571972ec 35661852 debug optional python3.11-dbg_3.11.2-6+deb12u7_arm64.deb
 8057a6b687035a6b42015400a5a92aac 617676 python optional python3.11-dev_3.11.2-6+deb12u7_arm64.deb
 fc13cde2127b988272d92f7c13a84bea 1292 python optional python3.11-full_3.11.2-6+deb12u7_arm64.deb
 798d0c59adeecd3258f8f8dccba1764e 1858944 python optional python3.11-minimal_3.11.2-6+deb12u7_arm64.deb
 b7a089fe8b641e9279f31ad0c79075ad 1848400 python optional python3.11-nopie_3.11.2-6+deb12u7_arm64.deb
 43bd62c4082469a2b0be171c25b9e000 5892 python optional python3.11-venv_3.11.2-6+deb12u7_arm64.deb
 9faf9ba58f172b25e3aeaa3bfd1783ef 13577 python optional python3.11_3.11.2-6+deb12u7_arm64-buildd.buildinfo
 6e3fc4990a100a148e691a98f1fe338c 573816 python optional python3.11_3.11.2-6+deb12u7_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEpxWVfktWxVoKRwGgJ7tNDw2WyRsFAmn2qg4ACgkQJ7tNDw2W
yRtXlg//VYofaRaNYHbIqiNEo0m8zciGOPwqjLj4f0Ep/WiB7qpGpWw1stbSxMMr
b6hhxzw38dXlla5e7E3TLlJ/+52vNnYV3fSIAZgv4BjbWxLbiC0JiKbTyzcMkS/5
r92bEYKfu7+CcKLE2LW1GQoVkHGtmpmt2K7KilxjPlWEcWy5MdTcjkHYyTl77v6m
BQZGAz6duaX1dDmIcnPmm0Ub+d6Lg2TQAmpSlkwjhL7tZbj9vutT+V9Zwtj1/4UA
PiRJOOdYtzgesTiGnm649YUgYpiTTYuExlToERxyAby8q5/RU1pmxPaQTDBlDX3z
QWRfDXuIJL6dkq+GiIyv9uc++9836axSYi99HcBkaKv3AT0jckCU7x9Voad8KPML
youCl1CjqWZNyv/goJCWfUSOz9KX6McmM6uYpR7yUjnyfosKlz6TF1ZDA+exLV9Q
s8RcNCKnaKYIOiL+RAN5rPej49TCRHP7PCcLX9meSol1ixzfvYC4iOgALrjPq9F2
0dI/JaBqkycnZhftNuZU07IZUCLYgxMjdSZQvtA8wHEP5buo+avrQTNqrRREN3Dc
P+w5oVzvFEsIo8AOOYWzk6NLTCwIViRQ0eg9NCafp4iTAEdAXkzPiKemW5LwBMqB
220Q5OLA2pz0EQxy4bDyE4jsXCEKpBf+BP9k0hEiuGliNVLLvac=
=PgeR
-----END PGP SIGNATURE-----