python3.13 3.13.3-1ubuntu0.2 source package in Ubuntu
Changelog
python3.13 (3.13.3-1ubuntu0.2) plucky-security; urgency=medium
* SECURITY UPDATE: Arbitrary filesystem and metadata write through improper
tar filtering.
- debian/patches/CVE-202x-12718-4138-4x3x-4517-pre1.patch: Add additional
tests in ./Lib/test/test_ntpath.py and ./Lib/test/test_posixpath.py.
- debian/patches/CVE-202x-12718-4138-4x3x-4517.patch: Add ALLOW_MISSING in
./Lib/genericpath.py, ./Lib/ntpath.py, ./Lib/posixpath.py. Change filter
to handle errors in ./Lib/ntpath.py, ./Lib/posixpath.py. Add checks and
unfiltered to ./Lib/tarfile.py. Modify tests.
- CVE-2024-12718
- CVE-2025-4138
- CVE-2025-4330
- CVE-2025-4435
- CVE-2025-4517
-- Hlib Korzhynskyy <email address hidden> Mon, 16 Jun 2025 15:45:32 -0230
Upload details
- Uploaded by:
- Hlib Korzhynskyy
- Uploaded to:
- Plucky
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- python
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Plucky | updates | main | python | |
| Plucky | security | main | python |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| python3.13_3.13.3.orig.tar.xz | 21.6 MiB | 40f868bcbdeb8149a3149580bb9bfd407b3321cd48f0be631af955ac92c0e041 |
| python3.13_3.13.3.orig.tar.xz.asc | 963 bytes | 4195ada13466fdb4e3ca71747bf25817135ba3d94d0aa282f0b75fc6bcd49865 |
| python3.13_3.13.3-1ubuntu0.2.debian.tar.xz | 277.2 KiB | f0c09761365a8563eff267c9e6b1b3bc3c64e11e3ef8d99ea80cb1c7c6fc9187 |
| python3.13_3.13.3-1ubuntu0.2.dsc | 4.3 KiB | 06dcaf824865d096fbc79fef68e1d518f9819bb076c98173abd90827a90789cd |
Available diffs
Binary packages built by this source
- idle-python3.13: IDE for Python (v3.13) using Tkinter
IDLE is an Integrated Development Environment for Python (v3.13).
IDLE is written using Tkinter and therefore quite platform-independent.
- libpython3.13: Shared Python runtime library (version 3.13)
Python is a high-level, interactive, object-oriented language. Its 3.13 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains the shared runtime library, normally not needed
for programs using the statically linked interpreter.
- libpython3.13-dbg: Debug Build of the Python Interpreter (version 3.13)
The package holds two things:
.
- Extensions for a Python interpreter configured with --pydebug.
- Debug information for standard python extensions.
.
See the README.debug for more information.
- libpython3.13-dev: Header files and a static library for Python (v3.13)
Header files, a static library and development tools for building
Python (v3.13) modules, extending the Python interpreter or embedding
Python (v3.13) in applications.
.
Maintainers of Python packages should read README.maintainers.
.
This package contains development files. It is normally not
used on it's own, but as a dependency of python3.13-dev.
- libpython3.13-minimal: Minimal subset of the Python language (version 3.13)
This package contains some essential modules. It is normally not
used on it's own, but as a dependency of python3.13-minimal.
- libpython3.13-stdlib: Interactive high-level object-oriented language (standard library, version 3.13)
Python is a high-level, interactive, object-oriented language. Its 3.13 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains Python 3.13's standard library. It is normally not
used on its own, but as a dependency of python3.13.
- libpython3.13-testsuite: Testsuite for the Python standard library (v3.13)
The complete testsuite for the Python standard library. Note that
a subset is found in the libpython3.13-stdlib package, which should
be enough for other packages to use (please do not build-depend
on this package, but file a bug report to include additional
testsuite files in the libpython3.13-stdlib package).
- python3.13: Interactive high-level object-oriented language (version 3.13)
Python is a high-level, interactive, object-oriented language. Its 3.13 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
- python3.13-dbg: Debug Build of the Python Interpreter (version 3.13)
The package holds two things:
.
- A Python interpreter configured with --pydebug. Dynamically loaded modules
are searched as <foo>_d.so first. Third party extensions need a separate
build to be used by this interpreter.
- Debug information for standard python interpreter and extensions.
.
See the README.debug for more information.
- python3.13-dev: Header files and a static library for Python (v3.13)
Header files, a static library and development tools for building
Python (v3.13) modules, extending the Python interpreter or embedding
Python (v3.13) in applications.
.
Maintainers of Python packages should read README.maintainers.
- python3.13-doc: Documentation for the high-level object-oriented language Python (v3.13)
These is the official set of documentation for the interactive high-level
object-oriented language Python (v3.13). All documents are provided
in HTML format. The package consists of ten documents:
.
* What's New in Python3.13
* Tutorial
* Python Library Reference
* Macintosh Module Reference
* Python Language Reference
* Extending and Embedding Python
* Python/C API Reference
* Installing Python Modules
* Documenting Python
* Distributing Python Modules
- python3.13-examples: Examples for the Python language (v3.13)
Examples, Demos and Tools for Python (v3.13). These are files included in
the upstream Python distribution (v3.13).
- python3.13-full: Python Interpreter with complete class library (version 3.13)
Python, the high-level, interactive object oriented language,
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package is a dependency package, which depends on the full
standard library of Python for Python developers. Including modules
used only at build-time, such as venv, and modules with complex
dependencies, such as tk and IDLE. All batteries included.
.
According to the Debian Python policy, this package must not be used in
build dependencies, dependencies and recommendations.
- python3.13-gdbm: GNU dbm database support for Python (v3.13)
GNU dbm database module for Python. Install this if you want to
create or read GNU dbm database files with Python.
- python3.13-minimal: Minimal subset of the Python language (version 3.13)
This package contains the interpreter and some essential modules. It can
be used in the boot process for some basic tasks.
See /usr/share/doc/python3. 13-minimal/ README. Debian for a list of the modules
contained in this package.
- python3.13-nopie: Python interpreter linked without PIE (version 3.13)
This package contains the interpreter not built as position independent
executable. This interpreter is diverting the python3.13 executable, and making
the interpreter built with PIE available as python3.13-pie.
- python3.13-tk: Tkinter - Writing Tk applications with Python (v3.13)
A module for writing portable GUI applications with Python (v3.13) using Tk.
Also known as Tkinter.
- python3.13-venv: Interactive high-level object-oriented language (pyvenv binary, version 3.13)
Python is a high-level, interactive, object-oriented language. Its 3.13 version
includes an extensive class library with lots of goodies for
network programming, system administration, sounds and graphics.
.
This package contains the pyvenv-3.13 binary.
