-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 08 Apr 2026 08:58:00 +0700
Source: python3.11
Binary: libpython3.11 libpython3.11-dbg libpython3.11-dev libpython3.11-minimal libpython3.11-stdlib python3.11 python3.11-dbg python3.11-dev python3.11-full python3.11-minimal python3.11-nopie python3.11-venv
Architecture: armel
Version: 3.11.2-6+deb12u7
Distribution: bookworm
Urgency: medium
Maintainer: arm Build Daemon (arm-ubc-03) <buildd_arm64-arm-ubc-03@buildd.debian.org>
Changed-By: Arnaud Rebillout <arnaudr@debian.org>
Description:
 libpython3.11 - Shared Python runtime library (version 3.11)
 libpython3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 libpython3.11-dev - Header files and a static library for Python (v3.11)
 libpython3.11-minimal - Minimal subset of the Python language (version 3.11)
 libpython3.11-stdlib - Interactive high-level object-oriented language (standard library
 python3.11 - Interactive high-level object-oriented language (version 3.11)
 python3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 python3.11-dev - Header files and a static library for Python (v3.11)
 python3.11-full - Python Interpreter with complete class library (version 3.11)
 python3.11-minimal - Minimal subset of the Python language (version 3.11)
 python3.11-nopie - Python interpreter linked without PIE (version 3.11)
 python3.11-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.11 (3.11.2-6+deb12u7) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Apply upstream patches for the following CVEs:
     - CVE-2025-4516: issue in bytes.decode("unicode_escape",
       error="ignore|replace")
     - CVE-2025-6069: quadratic complexity in html.parser.HTMLParser
     - CVE-2025-6075: performance degradation in os.path.expandvars()
     - CVE-2025-8194: infinite loop and deadlock in tarfile
     - CVE-2025-8291: incorrect ZIP64 End of Central Directory handling
     - CVE-2025-11468: Folding email comments of unfoldable characters
       didn't preserve parenthesis which could be abused.
     - CVE-2025-12084: quadratic complexity in xml.dom.minidom appendChild etc
     - CVE-2025-13836: OOM or other DoS due to incorrect Content-Length
       handling in http.client
     - CVE-2025-13837: OOM or other DoS due to incorrect data size handling
       in plistlib
     - CVE-2025-15282: User-controlled data URLs parsed by urllib allowed
       injecting headers through newlines in the data URL mediatype.
     - CVE-2026-0672: User-controlled cookie values and parameters could be
       used to inject HTTP headers into messages.
     - CVE-2026-0865: User-controlled header names and values containing
       newlines could be used to inject HTTP headers.
     - CVE-2026-1299: email module allowed header injection in the
       BytesGenerator class.
Checksums-Sha1:
 cbb4e7a8adec38befcb64fd1d2d46f3dfbbdd88a 15785280 libpython3.11-dbg_3.11.2-6+deb12u7_armel.deb
 498471654bfe203fd10f9c9cf57417957a83f243 3403176 libpython3.11-dev_3.11.2-6+deb12u7_armel.deb
 3753e34234339773ed75a54d8d507561d85cf3b2 802312 libpython3.11-minimal_3.11.2-6+deb12u7_armel.deb
 5feb3e026de6c85b7043e057a045959dda0e3efb 1673664 libpython3.11-stdlib_3.11.2-6+deb12u7_armel.deb
 aa61dd24ac06ed082f89eaf705e628bad0b689ff 1680136 libpython3.11_3.11.2-6+deb12u7_armel.deb
 6cc51a54c98cda2c09ecfa4845505125ee2b914f 35187460 python3.11-dbg_3.11.2-6+deb12u7_armel.deb
 eeabf9b9d9f3c8095c56b1c7021c95fb2e9f9d7d 500644 python3.11-dev_3.11.2-6+deb12u7_armel.deb
 b9d9db880c1d821c23f3876ce01032cf03821800 1292 python3.11-full_3.11.2-6+deb12u7_armel.deb
 688774b372f99513999cf8cc2c71b60fa4406cbb 1696812 python3.11-minimal_3.11.2-6+deb12u7_armel.deb
 93404ef516ee0a9366c7530f732ffeb93206b6ae 1686000 python3.11-nopie_3.11.2-6+deb12u7_armel.deb
 a7c8df0ea91aeb39cbce9cb34e2498d08aedf8f4 5892 python3.11-venv_3.11.2-6+deb12u7_armel.deb
 f8eeb9bd81ea61e953bf181cf848389d51597a06 13361 python3.11_3.11.2-6+deb12u7_armel-buildd.buildinfo
 5444207b853c42db7407dc11c49fbadc9799d5b1 573816 python3.11_3.11.2-6+deb12u7_armel.deb
Checksums-Sha256:
 6ed44183a59c31c629da807e4d5cb3fd0551054fe9a17b479c7fd0cb5d8ab338 15785280 libpython3.11-dbg_3.11.2-6+deb12u7_armel.deb
 75f1ddfd9a0b855462c47430d4620dd2c52bd0712bb3e8d9b5087c7a2ca73e00 3403176 libpython3.11-dev_3.11.2-6+deb12u7_armel.deb
 03514f818b7e20e2c544d5c7c2b53967d57426bb86ff3592f9a66faf0ac7f715 802312 libpython3.11-minimal_3.11.2-6+deb12u7_armel.deb
 ccf7446867b7b238668041f8fb4862708ecca09c41e9451fad195a8987649dc5 1673664 libpython3.11-stdlib_3.11.2-6+deb12u7_armel.deb
 36e721cf81a160a11936fdf79ee19517f7ad61717b626cb24db8685546b5d43a 1680136 libpython3.11_3.11.2-6+deb12u7_armel.deb
 d71aff5aeb68f2d8473b500507e7a29048cc0a861c61c3ef1a89fa3185c0e3f4 35187460 python3.11-dbg_3.11.2-6+deb12u7_armel.deb
 d851b1305ca59301cd15a9b0e0ef28ad2e484dbe2c8c4f946d9b1489442b768e 500644 python3.11-dev_3.11.2-6+deb12u7_armel.deb
 c32e2b8e042f3f5aab7db7898207c4f0f5a83ecac348807416394cfbaf3cd0ea 1292 python3.11-full_3.11.2-6+deb12u7_armel.deb
 ac6a0e17aa9ed8dcbb7b9ee1db9a72a39403f57fce615398bf5319a4794f2285 1696812 python3.11-minimal_3.11.2-6+deb12u7_armel.deb
 3897e7f14f27858636adfcc1fde42dd907786c9ceeebeb358a032bc0cc3a43b2 1686000 python3.11-nopie_3.11.2-6+deb12u7_armel.deb
 3cc960642bb0153b97a3c88809682880509325e25607481fee2681428d13793a 5892 python3.11-venv_3.11.2-6+deb12u7_armel.deb
 415fd37fc69a63e704070a1b5c5d50e4891ae351a90bce469db44bf8a2bcc4e4 13361 python3.11_3.11.2-6+deb12u7_armel-buildd.buildinfo
 2e7c7c06fd990b963f2195ec916c409f37daf15e85e3330c23088ec7671a1f84 573816 python3.11_3.11.2-6+deb12u7_armel.deb
Files:
 28283b4cd93489dfb542b257040b3bb5 15785280 debug optional libpython3.11-dbg_3.11.2-6+deb12u7_armel.deb
 b7044159e3d793ca4337bd2a659c6f75 3403176 libdevel optional libpython3.11-dev_3.11.2-6+deb12u7_armel.deb
 727c754d9f67f38fca69c82d2e231b96 802312 python optional libpython3.11-minimal_3.11.2-6+deb12u7_armel.deb
 b896f1a540e8b1fa1951b67a7d5a38fb 1673664 python optional libpython3.11-stdlib_3.11.2-6+deb12u7_armel.deb
 9d8b1b78669ad90d333f176f2bb701e0 1680136 libs optional libpython3.11_3.11.2-6+deb12u7_armel.deb
 5a8d49da76c49384abd55fe9fb0849b5 35187460 debug optional python3.11-dbg_3.11.2-6+deb12u7_armel.deb
 96b7e3a462157829422ae117d23c3ef4 500644 python optional python3.11-dev_3.11.2-6+deb12u7_armel.deb
 cd5c89af06b67b175b376d622137ce94 1292 python optional python3.11-full_3.11.2-6+deb12u7_armel.deb
 e173a183e42af35bd2559839d99c1f94 1696812 python optional python3.11-minimal_3.11.2-6+deb12u7_armel.deb
 33a4bf32f13083e82b4254c2c30885c4 1686000 python optional python3.11-nopie_3.11.2-6+deb12u7_armel.deb
 6fc1e61910904e2678df5f4c3268a0cc 5892 python optional python3.11-venv_3.11.2-6+deb12u7_armel.deb
 f0d5a91a5fddf57ed86009834f838cb1 13361 python optional python3.11_3.11.2-6+deb12u7_armel-buildd.buildinfo
 d2eeae9cb6bc8977eb0f2136db3f9b59 573816 python optional python3.11_3.11.2-6+deb12u7_armel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE2kd8oHy+LXk/nybqvzDqKQSGl8UFAmn2lScACgkQvzDqKQSG
l8Ve/A/9GKPZsVnE3zGXyNsQ7WsmsPhNkGgpOXbcFUJby/h1PCa1jq7SM8pjnBbL
V06W3sMINBcpQrBoe7TI42e8vsX63/IhfQs0U1eqIYEpchbiVuS/g3d8H4rdSOkK
DOKmGvOiq/qWJDREZasANneOrtA1ylPj3kYycNqUeA40d0JfLT0+VbEBe5ipMfXP
vUglh9nCzsQdUBSCGdTd6kf+6f4dHpZYAVTLBkkMalgjysAURmP1Mu1vSflJZ20Y
pqAo/neJ7q/udJQSesHvzqWfu2fgtxpTkjOwbwtPyMuynCA7vTYmfz9fspJ0t83A
hDACFFdyrhIyzndQ8EqGNtFuxSgzNg9xdmbfrdv2QY1uqDpTZptKbJKx+76NNde8
3KbK/PnODnbzqaaa3Ib06LGF16nE3Ljo5mXveRVUWMQnj0FFjneaIubOLZIl/fOi
xz47jkNZHynBkim/QLY4d8vvmoIgSx2bSf4vpKR6JKon+anwe8r1o+VMscnIC/7n
Kekox0TyconJmedTdM0HfDkWXMg0tE6MKgR9XQvvcfNF+5yg5KUkWH6lF/Fdyxtc
9uYK+PdScGaQ3oT+kQDhdZXiuxjxN2Odu5uuF0LEeSKaM7tnDVt89djT6tYixLeB
2A94T+TyAmRZ/BJhlc+SQoKDjsdGKGdx3oxrkD7IggBCKzIz2Cw=
=xWYH
-----END PGP SIGNATURE-----