The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the is_private and is_global properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and ipaddress.IPv6Network classes, where values wouldn’t be returned in accordance with the latest information from the IANA Special-Purpose Address Registries. CPython 3.12.4 and 3.13.0a6 contain updated information from these registries and thus have the intended behavior.

ELSA-2024-4779: python3 security update (LOW)

ELSA-2024-4766: python3 security update (LOW)

Уязвимость классов ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address и ipaddress.IPv6Network модуля ipaddress интерпретатора языка программирования Python (CPython), позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Security update for python36

Security update for python36

Moderate: python3.11 security update

Moderate: python3.12 security update

Moderate: python3.12 security update

Moderate: python3.9 security update

Moderate: python3.11 security update

There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile header parsing are vulnerable to ReDoS via specifically-crafted tar archives.

ELSA-2025-1750: python3 security update (MODERATE)

ELSA-2024-9468: python3.9 security update (MODERATE)

ELSA-2024-9451: python3.12 security update (MODERATE)

ELSA-2024-9450: python3.11 security update (MODERATE)

ELSA-2024-8838: python3.11 security update (MODERATE)

ELSA-2024-8836: python3.12 security update (MODERATE)

ELSA-2024-8447: python3.12 security update (MODERATE)

ELSA-2024-8446: python3.9 security update (MODERATE)