[Git][security-tracker-team/security-tracker][master] Update status for CVE-2025-8291/python

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Dec 6 20:00:55 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea2615f4 by Salvatore Bonaccorso at 2025-12-06T21:00:30+01:00
Update status for CVE-2025-8291/python

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17326,7 +17326,7 @@ CVE-2025-11340 (GitLab has remediated an issue in GitLab EE affecting all versio
 CVE-2025-8291 (The 'zipfile' module would not check the validity of the ZIP64 End of  ...)
 	{DLA-4354-1}
 	- python3.14 3.14.0-3
-	- python3.13 <unfixed>
+	- python3.13 3.13.11-1
 	[trixie] - python3.13 <no-dsa> (Minor issue)
 	- python3.11 <removed>
 	[bookworm] - python3.11 <no-dsa> (Minor issue)
@@ -17343,8 +17343,8 @@ CVE-2025-8291 (The 'zipfile' module would not check the validity of the ZIP64 En
 	NOTE: https://github.com/python/cpython/issues/139700
 	NOTE: https://github.com/python/cpython/pull/139702
 	NOTE: https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267 (main)
-	NOTE: https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3 (3.14-branch)
-	NOTE: https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 (3.13-branch)
+	NOTE: https://github.com/python/cpython/commit/d11e69d6203080e3ec450446bfed0516727b85c3 (v3.14.1)
+	NOTE: https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6 (v3.13.10)
 	NOTE: https://github.com/python/cpython/commit/8392b2f0d35678407d9ce7d95655a5b77de161b4 (v3.12.12)
 	NOTE: https://github.com/python/cpython/commit/1d29afb0d6218aa8fb5e1e4a6133a4778d89bb46 (v3.11.14)
 	NOTE: https://github.com/python/cpython/commit/bca11ae7d575d87ed93f5dd6a313be6246e3e388 (v3.10.19)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea2615f46b5afab84221b12754418be0ebc36cb3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea2615f46b5afab84221b12754418be0ebc36cb3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251206/a4e2fbb3/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list