[ubuntu/questing-security] python3.13 3.13.7-1ubuntu0.4 (Accepted)

[Vyom Yadav]

python3.13 (3.13.7-1ubuntu0.4) questing-security; urgency=medium

  * SECURITY REGRESSION: Revert patch for CVE-2025-15366
    - debian/patches/CVE-2025-15366.patch: Reverted. Patch breaks RFC
      9051 IMAP conformance and introduces behavior regressions avoided
      by upstream.
    - CVE-2025-15366
  * SECURITY REGRESSION: Revert patch for CVE-2025-15367
    - debian/patches/CVE-2025-15367.patch: Reverted to prevent behavior
      regressions, aligning with upstream backporting decisions.
    - CVE-2025-15367
  * SECURITY REGRESSION: Allow HTAB in wsgiref header values
    - debian/patches/CVE-2026-0865-2.patch: Permit HTAB in header values
      (excluding names) in Lib/wsgiref/headers.py, add test coverage.
    - CVE-2026-0865

Date: 2026-03-05 15:55:18.735930+00:00
Changed-By: Vyom Yadav <vyom.yadav at canonical.com>
https://launchpad.net/ubuntu/+source/python3.13/3.13.7-1ubuntu0.4
-------------- next part --------------
Sorry, changesfile not available.