git.ipfire.org Git - thirdparty/openembedded/openembedded-core-contrib.git/commit

author	Peter Marko <peter.marko@siemens.com>
	Tue, 30 Dec 2025 15:34:36 +0000 (16:34 +0100)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 8 Jan 2026 11:21:21 +0000 (11:21 +0000)
commit	aa7576e06ae3d706694ace680cc99e082b6249e5
tree	fc1a944efddd962253fd1b9db2f0143601d67045	tree
parent	08e93850d541b6ca624c98f4ccdf392cf22a3527	commit \| diff

python3: upgrade 3.13.9 -> 3.13.11

Handles CVE-2025-6075 (in 3.13.10) and CVE-2025-12084 (in 3.13.11).

Release information:
* https://www.python.org/downloads/release/python-31310/
* Python 3.13.10 is the tenth maintenance release of 3.13, containing
  around 300 bugfixes, build improvements and documentation changes
  since 3.13.9.

* https://www.python.org/downloads/release/python-31311/
* Python 3.13.11 is the eleventh maintenance release of 3.13. This is
   an expedited release to fix the following regressions:
  * gh-142206: Exceptions in multiprocessing in running programs while
    upgrading Python.
  * gh-142218: Segmentation faults and assertion failures in
    insertdict.
  * gh-140797: Crash when using multiple capturing groups in re.Scanner
* And these security fixes:
  * gh-142145: Remove quadratic behavior in node ID cache clearing
    (CVE-2025-12084)
  * gh-119451: Fix a potential denial of service in http.client
  * gh-119452: Fix a potential virtual memory allocation denial of
    service in http.server

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>