Re: CVE-2025-4517 Python 3.10

To: "Putz, Benedikt" <Benedikt.Putz@vector.com>
Cc: "debian-security-tracker@lists.debian.org" <debian-security-tracker@lists.debian.org>
Subject: Re: CVE-2025-4517 Python 3.10
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 16 Jun 2025 15:07:21 +0000
Message-id: <[🔎] aFAzKR_GnLfLNya8@inutil.org>
In-reply-to: <[🔎] AS8PR01MB88096BE5D165ED9CEAFBE3759770A@AS8PR01MB8809.eurprd01.prod.exchangelabs.com>
References: <[🔎] AS8PR01MB88096BE5D165ED9CEAFBE3759770A@AS8PR01MB8809.eurprd01.prod.exchangelabs.com>

On Mon, Jun 16, 2025 at 09:01:43AM +0000, Putz, Benedikt wrote:
> Hi,
> 
> It seems Python 3.10 is not listed on the Bugtracker page for this CVE:
> 
> https://security-tracker.debian.org/tracker/CVE-2025-4517
> 
> Was this an oversight or is there a specific reason for it? Seems unexpected given that all other versions 3.9 through 3.13 are listed (and the affected feature was also backported to 3.10).

It's not an oversight, we only track the packages which are in testing, unstable
and released, supported versions. And Python 3.10 was never part of any Debian
stable release.

Cheers,
        Moritz

Reply to:

References:
- CVE-2025-4517 Python 3.10
  - From: "Putz, Benedikt" <Benedikt.Putz@vector.com>

Prev by Date: CVE-2025-4517 Python 3.10
Next by Date: External check
Previous by thread: CVE-2025-4517 Python 3.10
Index(es):
- Date
- Thread