-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 12 May 2026 12:17:27 +0700
Source: python3.11
Binary: libpython3.11 libpython3.11-dbg libpython3.11-dev libpython3.11-minimal libpython3.11-stdlib python3.11 python3.11-dbg python3.11-dev python3.11-full python3.11-minimal python3.11-nopie python3.11-venv
Architecture: armhf
Version: 3.11.2-6+deb12u8
Distribution: bookworm
Urgency: medium
Maintainer: armhf Build Daemon (arm-conova-02) <buildd_arm64-arm-conova-02@buildd.debian.org>
Changed-By: Arnaud Rebillout <arnaudr@debian.org>
Description:
 libpython3.11 - Shared Python runtime library (version 3.11)
 libpython3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 libpython3.11-dev - Header files and a static library for Python (v3.11)
 libpython3.11-minimal - Minimal subset of the Python language (version 3.11)
 libpython3.11-stdlib - Interactive high-level object-oriented language (standard library
 python3.11 - Interactive high-level object-oriented language (version 3.11)
 python3.11-dbg - Debug Build of the Python Interpreter (version 3.11)
 python3.11-dev - Header files and a static library for Python (v3.11)
 python3.11-full - Python Interpreter with complete class library (version 3.11)
 python3.11-minimal - Minimal subset of the Python language (version 3.11)
 python3.11-nopie - Python interpreter linked without PIE (version 3.11)
 python3.11-venv - Interactive high-level object-oriented language (pyvenv binary, v
Changes:
 python3.11 (3.11.2-6+deb12u8) bookworm; urgency=medium
 .
   * Non-maintainer upload.
   * Apply upstream patches for the following CVEs:
     - CVE-2025-13462: Incorrect parsing of TarInfo header when GNU long name
       and type AREGTYPE are combined
     - CVE-2026-2297: SourcelessFileLoader does not use io.open_code()
     - CVE-2026-3644: Reject control characters in more places in
       http.cookies.Morsel (follow-up of patch for CVE-2026-0672)
     - CVE-2026-4224: pyexpat.c: Unbounded C recursion in conv_content_model
       causes crash
     - CVE-2026-4519: Reject leading dashes in webbrowser.open()
     - CVE-2026-6100: Possible UAF in {LZMA,BZ2}Decompressor
   * Add patch to skip some failing XML tests. Failure is due to the fact that
     we build / tests against expat/2.5.0-1+deb12u2, which was patched for
     CVE-2023-52425, and that broke some tests. See the patch itself for more
     details.
Checksums-Sha1:
 e12162b23a5acfb267e2f1da4223a8b528157c1a 16075792 libpython3.11-dbg_3.11.2-6+deb12u8_armhf.deb
 24d89bcf1137ec752f5caa223ffa79f79d27e40b 3529428 libpython3.11-dev_3.11.2-6+deb12u8_armhf.deb
 f7098ccfafd6681f27421d3ed3d88a5e7974e297 802900 libpython3.11-minimal_3.11.2-6+deb12u8_armhf.deb
 0b8f6367ef284886506adf768f3818c41b891591 1680148 libpython3.11-stdlib_3.11.2-6+deb12u8_armhf.deb
 d994219552c4b2398e7150978f21a87ed7489da3 1708828 libpython3.11_3.11.2-6+deb12u8_armhf.deb
 e17446a9ab2bb61d36ea6dfa3a895cf86ba3df49 35543488 python3.11-dbg_3.11.2-6+deb12u8_armhf.deb
 1b44c4b4397293206d683c48ab86f0e944696c64 620412 python3.11-dev_3.11.2-6+deb12u8_armhf.deb
 fff4f105a198ef444501d302da7de738dd17692a 1288 python3.11-full_3.11.2-6+deb12u8_armhf.deb
 9e5c5ce91c3180fe2ea9ba4214bc859a592eaa38 1716208 python3.11-minimal_3.11.2-6+deb12u8_armhf.deb
 318bd986481b3318e541f041615f30523e91ed3c 1706372 python3.11-nopie_3.11.2-6+deb12u8_armhf.deb
 de1d0a4cb6ac530ebbd7ae2240b4d8ca98e97685 5888 python3.11-venv_3.11.2-6+deb12u8_armhf.deb
 0f242a569a35861eb330a8426dade418c20dd921 13445 python3.11_3.11.2-6+deb12u8_armhf-buildd.buildinfo
 6895abf5bc0db83f63448f2f516886cd3e75ccfd 574236 python3.11_3.11.2-6+deb12u8_armhf.deb
Checksums-Sha256:
 ff4229f79a768bb135ccabdc16f7b26489de6507a27f44324964708aa6ad0fca 16075792 libpython3.11-dbg_3.11.2-6+deb12u8_armhf.deb
 02d6b74085dd3dc65cfcc211e72b612f9dddb96bbce6da06d45ad757cf7f3707 3529428 libpython3.11-dev_3.11.2-6+deb12u8_armhf.deb
 a8984ddc0c2a29feedb34861ed9e839a05e02543b71965e6d09c1bdefa5b5e6d 802900 libpython3.11-minimal_3.11.2-6+deb12u8_armhf.deb
 75cb85717ba70b0c239394120413abe4e43e75694fbbfc45412f5b6d2e44e584 1680148 libpython3.11-stdlib_3.11.2-6+deb12u8_armhf.deb
 13b6c7f39ebed9330fdb66763198bc642a98d19205cfd5edecc8372116cc35b9 1708828 libpython3.11_3.11.2-6+deb12u8_armhf.deb
 2653c04aabc4c1a8e3382189aee9f72feafdd7f6a093df64b0cd653aa04cf734 35543488 python3.11-dbg_3.11.2-6+deb12u8_armhf.deb
 6d10797af70f07122ef093694373db1415a8243c1b61f61677ab429ee7fc0ef4 620412 python3.11-dev_3.11.2-6+deb12u8_armhf.deb
 bfc211b2a96f1c62668998066b47504915dff8065f32ee49e044162e65422197 1288 python3.11-full_3.11.2-6+deb12u8_armhf.deb
 3464ec52751fa9c9bd09e66452b27150ea78f4373533b5490a529b3f5c6cdab1 1716208 python3.11-minimal_3.11.2-6+deb12u8_armhf.deb
 ee203c3c975c33bc09887cd5cc3f18500c99c336c062abacc0e68bb69f71f761 1706372 python3.11-nopie_3.11.2-6+deb12u8_armhf.deb
 1195a5eb45b9fa30abd4af15164e0a32836517534c55afee5d3abefb4f4156c8 5888 python3.11-venv_3.11.2-6+deb12u8_armhf.deb
 bf4410afa26e06c27d1390d49331f56ff113ad78da7c9ab6ad91f15a68cc51de 13445 python3.11_3.11.2-6+deb12u8_armhf-buildd.buildinfo
 4bc6fee5d83552c6eba8d8e4f3ac761dda8794aa602ab456d8036da8c0734b42 574236 python3.11_3.11.2-6+deb12u8_armhf.deb
Files:
 19dbe4407e850afd4abb57c8b197437d 16075792 debug optional libpython3.11-dbg_3.11.2-6+deb12u8_armhf.deb
 0d6aae14305f62b17050e54045d695be 3529428 libdevel optional libpython3.11-dev_3.11.2-6+deb12u8_armhf.deb
 6b262943d74ba3e34098e280f22a18db 802900 python optional libpython3.11-minimal_3.11.2-6+deb12u8_armhf.deb
 7c37a538d6bfbf1b964f2a95d92a45b5 1680148 python optional libpython3.11-stdlib_3.11.2-6+deb12u8_armhf.deb
 37a7dddc2f605f04c28ff1a8222c0436 1708828 libs optional libpython3.11_3.11.2-6+deb12u8_armhf.deb
 f9b6028c04beacf7028df3a6a9f73b74 35543488 debug optional python3.11-dbg_3.11.2-6+deb12u8_armhf.deb
 3a7d578138c866baeffced7ebadd0c3f 620412 python optional python3.11-dev_3.11.2-6+deb12u8_armhf.deb
 004cff753a96a8c91114891374ad72a5 1288 python optional python3.11-full_3.11.2-6+deb12u8_armhf.deb
 2619b8f0303745449ff89ee4b901a4f4 1716208 python optional python3.11-minimal_3.11.2-6+deb12u8_armhf.deb
 ea38ab6f2ffee685a5fd80da2834d8a6 1706372 python optional python3.11-nopie_3.11.2-6+deb12u8_armhf.deb
 c58872042ed3c123275cd220cd3f153a 5888 python optional python3.11-venv_3.11.2-6+deb12u8_armhf.deb
 995c991226d54eaf518e15956829fc3c 13445 python optional python3.11_3.11.2-6+deb12u8_armhf-buildd.buildinfo
 c6bb86e0b221720a62f069d1625b1fea 574236 python optional python3.11_3.11.2-6+deb12u8_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEWHj9K9pO9l4btbD1OQKMdMnEH5MFAmoTWM4ACgkQOQKMdMnE
H5PcKQ/8CC5IdnD9TI56Ij2RzsBCd+2SEu7+kWkHvhORNpaKErVB/EeTpZ0nNY6y
NXuHWg5FF30xSVUFpcBF23LN8Wihe7Ww6SmcRewYENhd/5RbbXXSJy2E1LarcOjx
FqQtcy6hqRwjCutPAN1nqQHlgu6Zh7aGTsML4fbjucboBFsnkWqLxWRcaHqThclo
MrX2qm83yw+D7lULoQjCdT+dorgJeq4TFYpnfNpOWpuAHhIf6sLmJJBMwmL6oeUg
AKDHiY5+CEHf/pb73p1mpSt3A2QnEwysihsiWM/l6JKkJP91lH5CnIQWLBV+hVb4
m5Lw7eJF3TwKyINS1ud+UbbK6dyFV84o/4/TIw2MtyL1SEoUvHt1OXipC4PvO3+F
B0yHpSDUGu1yiVDmjr/EFyqrCwa0Z0k1/UD3flFVfjZpxeGK+0OGlkXK0vwuKovu
2evmoZMpMiZBw008SnjNST57KEQYDcN4NgUuiSJn2DThi4NDwFIZ+vK8KrXXAJKA
qgYN1DAL/Ww9fWs8jT+K7XpGDPSoSWJLeUNta0ROD4Z4D3T9tG7y01TCaqto8+eM
trHTBf3YzpzgKFJBxF7MoHgCkEVz5awDu5iZEGJJKjoUuRHJ1vVd0PWhqYKcdYWl
0lefsheWNCJcZmNZdmS//CBdc9lRsUl7umDWO4Q7LkNqPloRm/g=
=oHSG
-----END PGP SIGNATURE-----