-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 08 Apr 2026 08:58:00 +0700
Source: python3.11
Binary: libpython3.11 libpython3.11-dbg libpython3.11-dev libpython3.11-minimal libpython3.11-stdlib python3.11 python3.11-dbg python3.11-dev python3.11-full python3.11-minimal python3.11-nopie python3.11-venv
Architecture: armhf
Version: 3.11.2-6+deb12u7
Distribution: bookworm
Urgency: medium
Maintainer: armhf Build Daemon (arm-conova-01) <buildd_arm64-arm-conova-01@buildd.debian.org>
Changed-By: Arnaud Rebillout <arnaudr@debian.org>
Description:
 libpython3.11 - Shared Python runtime library (version 3.11)
 libpython3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 libpython3.11-dev - Header files and a static library for Python (v3.11)
 libpython3.11-minimal - Minimal subset of the Python language (version 3.11)
 libpython3.11-stdlib - Interactive high-level object-oriented language (standard library
 python3.11 - Interactive high-level object-oriented language (version 3.11)
 python3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 python3.11-dev - Header files and a static library for Python (v3.11)
 python3.11-full - Python Interpreter with complete class library (version 3.11)
 python3.11-minimal - Minimal subset of the Python language (version 3.11)
 python3.11-nopie - Python interpreter linked without PIE (version 3.11)
 python3.11-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.11 (3.11.2-6+deb12u7) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Apply upstream patches for the following CVEs:
     - CVE-2025-4516: issue in bytes.decode("unicode_escape",
       error="ignore|replace")
     - CVE-2025-6069: quadratic complexity in html.parser.HTMLParser
     - CVE-2025-6075: performance degradation in os.path.expandvars()
     - CVE-2025-8194: infinite loop and deadlock in tarfile
     - CVE-2025-8291: incorrect ZIP64 End of Central Directory handling
     - CVE-2025-11468: Folding email comments of unfoldable characters
       didn't preserve parenthesis which could be abused.
     - CVE-2025-12084: quadratic complexity in xml.dom.minidom appendChild etc
     - CVE-2025-13836: OOM or other DoS due to incorrect Content-Length
       handling in http.client
     - CVE-2025-13837: OOM or other DoS due to incorrect data size handling
       in plistlib
     - CVE-2025-15282: User-controlled data URLs parsed by urllib allowed
       injecting headers through newlines in the data URL mediatype.
     - CVE-2026-0672: User-controlled cookie values and parameters could be
       used to inject HTTP headers into messages.
     - CVE-2026-0865: User-controlled header names and values containing
       newlines could be used to inject HTTP headers.
     - CVE-2026-1299: email module allowed header injection in the
       BytesGenerator class.
Checksums-Sha1:
 5e73fda4bbe0c445f83ce25e2d7364d7dc78cd0e 16056284 libpython3.11-dbg_3.11.2-6+deb12u7_armhf.deb
 9ae58d1f59954416fb44fd014352ccbc4f3c5cb9 3527464 libpython3.11-dev_3.11.2-6+deb12u7_armhf.deb
 e592f1474b09464d967b662046785f93b4e0d25c 802504 libpython3.11-minimal_3.11.2-6+deb12u7_armhf.deb
 caffc996bd111a90e1866632d0ba98bc0ae55b5b 1680460 libpython3.11-stdlib_3.11.2-6+deb12u7_armhf.deb
 85aaffc4d470def3254a60e67437115542af5af4 1708784 libpython3.11_3.11.2-6+deb12u7_armhf.deb
 3e4f74cb716fb67a2aa79a997f181386f4bb0686 35486132 python3.11-dbg_3.11.2-6+deb12u7_armhf.deb
 0620b391fb74fcac64a2b03f7a8d6847e894fb88 617440 python3.11-dev_3.11.2-6+deb12u7_armhf.deb
 2e04bf998ff3b95a54496f83c8845b8f9ba344e4 1292 python3.11-full_3.11.2-6+deb12u7_armhf.deb
 45c1d7047a91e898c85c14b1f9967228311b5f0b 1716856 python3.11-minimal_3.11.2-6+deb12u7_armhf.deb
 4bce57f96395e5d945f11ecb3f6786425632cfe2 1705304 python3.11-nopie_3.11.2-6+deb12u7_armhf.deb
 51de9250300616b98c92a871601be0367eff1237 5892 python3.11-venv_3.11.2-6+deb12u7_armhf.deb
 3deae9f57eb2f7fdc12ec6afc7b11e8af2c501c1 13437 python3.11_3.11.2-6+deb12u7_armhf-buildd.buildinfo
 26b8193992c80914ae3580e5e640691b94b06231 573816 python3.11_3.11.2-6+deb12u7_armhf.deb
Checksums-Sha256:
 c90f666c3bac9262ac2c173d2127b773d05c526b3b8eebea2cf38f9f54d3b136 16056284 libpython3.11-dbg_3.11.2-6+deb12u7_armhf.deb
 79c6bee5892741ed171b84486b6cfe806f2bd86c1c82294b14f00a57c24e3d90 3527464 libpython3.11-dev_3.11.2-6+deb12u7_armhf.deb
 d502b1879cea2907a06e47a8f74ae4015b66a95891cf6051dea481068b9d6ec6 802504 libpython3.11-minimal_3.11.2-6+deb12u7_armhf.deb
 55e47ff513894c8c562b41a306f32efcf2b989bbccf57a8be5d4d66b1fa6af2d 1680460 libpython3.11-stdlib_3.11.2-6+deb12u7_armhf.deb
 23210339105422b23a9da9914e874b7b45ff26af0e11a265eda4e7fc20980951 1708784 libpython3.11_3.11.2-6+deb12u7_armhf.deb
 137531c3a4c771688929b0edb86b2a54be50041ad4cec6a1b44449fdcdee7f9d 35486132 python3.11-dbg_3.11.2-6+deb12u7_armhf.deb
 b770e859e15b8e468f069657c596d935607dcd4a16fa244d9b4e1815a2c25a4b 617440 python3.11-dev_3.11.2-6+deb12u7_armhf.deb
 2688c3efc8ffea1f1fd5d58739f530f81d88eb680c41b3af6ad2caec5fa79799 1292 python3.11-full_3.11.2-6+deb12u7_armhf.deb
 0d4c25372bf1a39ac1c525ea2be54878ab38bd21578bd13206ba0e6f808f58b0 1716856 python3.11-minimal_3.11.2-6+deb12u7_armhf.deb
 28fd205f9f04cadd7909d0e2fbee6d8b7f2e524eaafce9e0a08a968d3b01d72a 1705304 python3.11-nopie_3.11.2-6+deb12u7_armhf.deb
 e19d22f40f18f64dd3868a4ce6cfcd0458c8228b8f44ab31b14c6ec511b47ec5 5892 python3.11-venv_3.11.2-6+deb12u7_armhf.deb
 e1134c5188d571b94ad768870f9c99d7657b75496cf1bc9133f985370a86735d 13437 python3.11_3.11.2-6+deb12u7_armhf-buildd.buildinfo
 0f529c42c5315a5ee6c464e372c173383ca09c8f6736bb8b318b58e358038a33 573816 python3.11_3.11.2-6+deb12u7_armhf.deb
Files:
 24124257a276af6b88975162a3af255c 16056284 debug optional libpython3.11-dbg_3.11.2-6+deb12u7_armhf.deb
 0d638d21a0a470ee3f1cd390083658da 3527464 libdevel optional libpython3.11-dev_3.11.2-6+deb12u7_armhf.deb
 03ddfa7107bee1cabe9cfb82bf7b9f02 802504 python optional libpython3.11-minimal_3.11.2-6+deb12u7_armhf.deb
 ee22415ff4d386812eb110ed3af63494 1680460 python optional libpython3.11-stdlib_3.11.2-6+deb12u7_armhf.deb
 87a57270d38a62caf211adf7c850c863 1708784 libs optional libpython3.11_3.11.2-6+deb12u7_armhf.deb
 5d13e9e42306a654d6014537873a29d8 35486132 debug optional python3.11-dbg_3.11.2-6+deb12u7_armhf.deb
 1a7b74f1b06be0fb66d56dd9ce00885d 617440 python optional python3.11-dev_3.11.2-6+deb12u7_armhf.deb
 9ec6701e70f1aa404987741846ee6331 1292 python optional python3.11-full_3.11.2-6+deb12u7_armhf.deb
 579fcc3b08af2ea59b0ac23c9583207d 1716856 python optional python3.11-minimal_3.11.2-6+deb12u7_armhf.deb
 ad87c889786b4f843d96c48049c50371 1705304 python optional python3.11-nopie_3.11.2-6+deb12u7_armhf.deb
 6fcd00d8eb5df3f57fd2211971abf475 5892 python optional python3.11-venv_3.11.2-6+deb12u7_armhf.deb
 1a630fa1807dddcb5f543e50974f24e1 13437 python optional python3.11_3.11.2-6+deb12u7_armhf-buildd.buildinfo
 0d9bd7a2da34e5b1683671faee372414 573816 python optional python3.11_3.11.2-6+deb12u7_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEO4qAQUSIo2p/kVRf8U6eOZMpj68FAmn2qoQACgkQ8U6eOZMp
j6/6ABAArvJIpYTY13JcVjmIgZ17w2vj00QYHB/M8BjTG8hpRFRlikPz1eqE/eJx
Ld89Ssj0zXI1xh8d6Uu5+4ZSagM9rr7jHiV74CjFbdCj5FAmbV2qzJ6GfHHiAxm5
IY1imw9cuhJt/LkmsOkgjVPH2h6WWEgjlf+k9cke0Gpu/1KgZzqCUEd+BgpTFuMQ
CZGv9jzFTqP9qGo9nVhqakVLImWY9lpsRmmpbWhX6HU35HxvosAaHO7wITOVhNAX
0twNXtPG1iJGAqlUp5TRPSBIckW0PsuPCl9gzggIPKdZQFZ4wMY/o+wuMU4w4Kmm
u/B2xWQ1lCr7RGyOFGtOT4McGuetrsBxydVJ5DGeCWRIms9vzTzlY0yVAtCQSVQp
qqqnN3PZHvQlVKjn7y6F6mkyy09aJPdBvyQdKaRVgb9sijEw2tYkLubsnnHKpeKO
FmBPH0HeQGBGnzD00F7o3ouW1dcfEfSRl7lQdvOn8Ln0vo/ROqzSZl+uJ8vkhqoW
OzRC1x+pGCScp392Hu9V8R2qSt1GyVBq580laE+WhdlWgxIvZ9wkZrVuT63EbT06
GuZzkNzfkMro35qW96ZnbNc//16+kiaPy5x4F8Cz40pPZs6L4LyQOzyKQsbaRnMP
+Qkjp+D5Ji5AhmhdpL2LHI5bj9qX2udld8ev5IwVKpu6SB3o3r4=
=h3BM
-----END PGP SIGNATURE-----