-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2026 12:17:27 +0700
Source: python3.11
Binary: libpython3.11 libpython3.11-dbg libpython3.11-dev libpython3.11-minimal libpython3.11-stdlib python3.11 python3.11-dbg python3.11-dev python3.11-full python3.11-minimal python3.11-nopie python3.11-venv
Architecture: arm64
Version: 3.11.2-6+deb12u8
Distribution: bookworm
Urgency: medium
Maintainer: arm64 Build Daemon (arm-ubc-01) <buildd_arm64-arm-ubc-01@buildd.debian.org>
Changed-By: Arnaud Rebillout <arnaudr@debian.org>
Description:
 libpython3.11 - Shared Python runtime library (version 3.11)
 libpython3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 libpython3.11-dev - Header files and a static library for Python (v3.11)
 libpython3.11-minimal - Minimal subset of the Python language (version 3.11)
 libpython3.11-stdlib - Interactive high-level object-oriented language (standard library
 python3.11 - Interactive high-level object-oriented language (version 3.11)
 python3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 python3.11-dev - Header files and a static library for Python (v3.11)
 python3.11-full - Python Interpreter with complete class library (version 3.11)
 python3.11-minimal - Minimal subset of the Python language (version 3.11)
 python3.11-nopie - Python interpreter linked without PIE (version 3.11)
 python3.11-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.11 (3.11.2-6+deb12u8) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Apply upstream patches for the following CVEs:
     - CVE-2025-13462: Incorrect parsing of TarInfo header when GNU long name
       and type AREGTYPE are combined
     - CVE-2026-2297: SourcelessFileLoader does not use io.open_code()
     - CVE-2026-3644: Reject control characters in more places in
       http.cookies.Morsel (follow-up of patch for CVE-2026-0672)
     - CVE-2026-4224: pyexpat.c: Unbounded C recursion in conv_content_model
       causes crash
     - CVE-2026-4519: Reject leading dashes in webbrowser.open()
     - CVE-2026-6100: Possible UAF in {LZMA,BZ2}Decompressor
   * Add patch to skip some failing XML tests. Failure is due to the fact that
     we build / tests against expat/2.5.0-1+deb12u2, which was patched for
     CVE-2023-52425, and that broke some tests. See the patch itself for more
     details.
Checksums-Sha1:
 c23784374aeda1ffd26e345665aacb749af1c00f 16517512 libpython3.11-dbg_3.11.2-6+deb12u8_arm64.deb
 b3c471deb037b44d9cd0afc97f235df8a3caf666 4394264 libpython3.11-dev_3.11.2-6+deb12u8_arm64.deb
 45987328b888dfc46f6e2a35642a81a6c337f8b4 810796 libpython3.11-minimal_3.11.2-6+deb12u8_arm64.deb
 1594e058d3c0d6894e476941840e075800ef3b7d 1749796 libpython3.11-stdlib_3.11.2-6+deb12u8_arm64.deb
 7ad3d550404407c30468c2f4af163d11f70b849a 1841072 libpython3.11_3.11.2-6+deb12u8_arm64.deb
 f5c9fb112c5236c15a2361f9d28537994751685d 35735216 python3.11-dbg_3.11.2-6+deb12u8_arm64.deb
 021bd6f6ef9384fe7e3a139233e7326d8e3cc4f5 620560 python3.11-dev_3.11.2-6+deb12u8_arm64.deb
 081b07da2bef25d7d851a759903e9e19da544838 1288 python3.11-full_3.11.2-6+deb12u8_arm64.deb
 fbe92bbb5531ea70acddb6f210b0dcb100373e17 1861304 python3.11-minimal_3.11.2-6+deb12u8_arm64.deb
 9a702d8d4f9315328b5bef7d47b883e43baf8d63 1848512 python3.11-nopie_3.11.2-6+deb12u8_arm64.deb
 ffd9f6afac50038e6ad8a9e255725c00f3711d05 5888 python3.11-venv_3.11.2-6+deb12u8_arm64.deb
 c32915b7e0c354c089c1f81cfea27003524a7326 13601 python3.11_3.11.2-6+deb12u8_arm64-buildd.buildinfo
 43dd453dd8d19e2685b10bf6031b9c28501324c9 574236 python3.11_3.11.2-6+deb12u8_arm64.deb
Checksums-Sha256:
 8a6e50dd8db4e401967ec97d84ac5d9864f90b36bf20faeb1b7d14f51dae614f 16517512 libpython3.11-dbg_3.11.2-6+deb12u8_arm64.deb
 454a191a37dd86674c309691904be69d499f060e643c1f8efc8b82078967cd48 4394264 libpython3.11-dev_3.11.2-6+deb12u8_arm64.deb
 c48bac178c0fc43a2bf8ace784c762b5ee83e2b981894a991dc3ccfd3ec7cd4b 810796 libpython3.11-minimal_3.11.2-6+deb12u8_arm64.deb
 e79876de55c6c2dca10d044b2fa69ccd863950ea01714220c1982d16008105f9 1749796 libpython3.11-stdlib_3.11.2-6+deb12u8_arm64.deb
 124978ff6bdfb972b5ab4eb44899fde190d3e651fdf941d141fd1b5a68bedc80 1841072 libpython3.11_3.11.2-6+deb12u8_arm64.deb
 03c8f6c9525eb02ad29ce3e62ca77e2ff31746ede6ba2bb61f7dda483fd43720 35735216 python3.11-dbg_3.11.2-6+deb12u8_arm64.deb
 006f95316a7d3cf60d66700c86962668938d774f16e19838d09421bc89891417 620560 python3.11-dev_3.11.2-6+deb12u8_arm64.deb
 84f7a415c6bc609afb9b0f3c6c00493bca9a898b6f4a8e6a7994be147c90d43f 1288 python3.11-full_3.11.2-6+deb12u8_arm64.deb
 6a07dd571f1a15af2f855d64571766fe44b73a57cc3b5ca79502bc89156a5e12 1861304 python3.11-minimal_3.11.2-6+deb12u8_arm64.deb
 315713c3edd2439c462251be1ea78305a1228c1a389cf88eb795b5064db86e29 1848512 python3.11-nopie_3.11.2-6+deb12u8_arm64.deb
 afd3964d369a12c365ed52b7da4b5d7ea3c4ddc1302f98ac4756224d396e7cbd 5888 python3.11-venv_3.11.2-6+deb12u8_arm64.deb
 fcd17f1ab6a45c990475728ebc1d49a8b568a64cec7806603912dc7e0f4b5582 13601 python3.11_3.11.2-6+deb12u8_arm64-buildd.buildinfo
 76b445c9428db92fb8f17a322a99e3e54b3f8d0eeac76d80d5d6fff95f5dd526 574236 python3.11_3.11.2-6+deb12u8_arm64.deb
Files:
 35221c75cc9e5421b702da5ccd4ce689 16517512 debug optional libpython3.11-dbg_3.11.2-6+deb12u8_arm64.deb
 3ecaef92bfb5df826e92d4f1f44b80cc 4394264 libdevel optional libpython3.11-dev_3.11.2-6+deb12u8_arm64.deb
 f73b0eccc8ab31978b28d4e143191148 810796 python optional libpython3.11-minimal_3.11.2-6+deb12u8_arm64.deb
 35edfcf30e405c2676705fdb6208fab7 1749796 python optional libpython3.11-stdlib_3.11.2-6+deb12u8_arm64.deb
 31bea2c6153147555784533af80c0d8e 1841072 libs optional libpython3.11_3.11.2-6+deb12u8_arm64.deb
 01f6a78dca4ec1247e55b2553529d515 35735216 debug optional python3.11-dbg_3.11.2-6+deb12u8_arm64.deb
 76c51257a84c323aa4cd0f97092c8c96 620560 python optional python3.11-dev_3.11.2-6+deb12u8_arm64.deb
 fde4410269fff2d9d5b32e0c6d84dc44 1288 python optional python3.11-full_3.11.2-6+deb12u8_arm64.deb
 cccd906f73bff2e940e6a3cb139fd803 1861304 python optional python3.11-minimal_3.11.2-6+deb12u8_arm64.deb
 f2c9ea1c46a59f090eb403c07fbe36aa 1848512 python optional python3.11-nopie_3.11.2-6+deb12u8_arm64.deb
 d6f897a2ac4170f306c71ebc4b61692e 5888 python optional python3.11-venv_3.11.2-6+deb12u8_arm64.deb
 7ba314766ba3d05577b2609a9486c0c4 13601 python optional python3.11_3.11.2-6+deb12u8_arm64-buildd.buildinfo
 4ba8362bd85a212898062cc58c594066 574236 python optional python3.11_3.11.2-6+deb12u8_arm64.deb

-----BEGIN PGP SIGNATURE-----

iQIyBAEBCgAdFiEE0Ha//LlsGOpbQ/H4xqCFmsOWgoYFAmoTVvEACgkQxqCFmsOW
gobSCg/4rejLnIjLyYRTE4TKhp5BmoLvMpqS03pAln90ko09oKkeT3I09kGpeSWD
UuDdICjnXa1b0TwPfEjy+WVPodRXaEJE03esYaOO4l2oUsgKMQeYyLolCNraeqAk
Yt0/+RrZjwl2yJBZS/mG/4V3+aIIVHxKhDE8Z4wppZWyhREpRzGuI1T9j8OCydEL
geF1uD0fp9cRe/B1A1S9ng3Ha7bjThrp9gDJwJVsz6Nb2vb5i5VCDnmZOvU0DdNz
Gfvu3NzuTxBkPzZTISwQIHtF+T2HdH4IM8Eh8O5gYNcQa+km/bbeQfBogdhYJJe9
4WmrREKKuIu2s5fvyjviGcfyMHa44YViq6c/dqQfbmItchXL0SIGBuXi4uQ1tydd
Laz/z7z15Eeie5G2Qxzm1MIwDBmwzM57avh3Ko/4TrYW46oW3AnuvqYaXzVLTCEh
jMoLz7ds3PVGB5NhGHrW3tU3nBY+i4S0Vu+vPjTTmnrI1sJZAyqawyWN3Ian9Agg
CaQxv2TCRVTRpnKeMV/PChvLJSZ6SJi3pz7WGWI86DVu0kLj6o7w07kYY5RVUCf6
+fnaITbPUpDlESr1ay/6Xz0k7b7enprhHO8zhkGaHbzuJadhbGwHGB4mEJZ4UDiY
FPsPrTE1P1UDJqPQ36TFR3vtLzzvS74FUYz4MQlZnlJWOPW4rQ==
=4MxQ
-----END PGP SIGNATURE-----