Public bug reported: python3.12 3.12.3-1ubuntu0.11 patches CVE-2025-15366, CVE-2025-15367, CVE-2026-0865.
CVE-2025-15366, CVE-2025-15367 haven't been backported by upstream as they may introduce behavior regressions and the imaplib patch also breaks the conformance with the RFC. CVE-2026-0865 is missing a patch for allowing tab characters: https://github.com/python/cpython/pull/145140 ** Affects: python3.12 (Ubuntu) Importance: Undecided Assignee: Vyom Yadav (vyomydv) Status: Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2143706 Title: python3 regression CVE-2025-15366, CVE-2025-15367, CVE-2026-0865 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/python3.12/+bug/2143706/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
