Skip to content
This repository was archived by the owner on Jan 7, 2026. It is now read-only.

Commit 547952d

Browse files
vivian-rookvivian-rook
authored
doc(python-3.1[0123]): Add pending-upstream-fix CVE-2025-12084 (#27792)
python-3.10 Upstream Fix PR: python/cpython#142213 python-3.11 Upstream Fix PR: python/cpython#142212 python-3.12 Upstream Fix PR: python/cpython#142211 python-3.13 Upstream Fix PR: python/cpython#142210 python-3.13 Local Fix PR: wolfi-dev/os#75288 python-3.14 Upstream Fix PR: python/cpython#142209 python-3.14 Local Fix PR: wolfi-dev/os#75289 Related issues: https://github.com/chainguard-dev/CVE-Dashboard/issues/50689 https://github.com/chainguard-dev/CVE-Dashboard/issues/51027 https://github.com/chainguard-dev/CVE-Dashboard/issues/50150 https://github.com/chainguard-dev/CVE-Dashboard/issues/51032 https://github.com/chainguard-dev/CVE-Dashboard/issues/50978 Signed-off-by: Vivian Rook <vivian.rook@chainguard.dev> Signed-off-by: Vivian Rook <91909295+vivian-rook@users.noreply.github.com>
1 parent fccae06 commit 547952d

3 files changed

Lines changed: 12 additions & 0 deletions

File tree

python-3.10.advisories.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -66,6 +66,10 @@ advisories:
6666
componentType: apk
6767
componentLocation: /.PKGINFO
6868
scanner: grype
69+
- timestamp: 2025-12-09T11:43:24Z
70+
type: pending-upstream-fix
71+
data:
72+
note: 'Upstream are actively working on, and have a PR open regarding this issue. Upstream maintainers will need to approve and merge the PR. Fix PR: https://github.com/python/cpython/pull/142213'
6973

7074
- id: CGA-5pmm-mmg3-pfp3
7175
aliases:

python-3.11.advisories.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -162,6 +162,10 @@ advisories:
162162
componentType: apk
163163
componentLocation: /.PKGINFO
164164
scanner: grype
165+
- timestamp: 2025-12-09T11:44:14Z
166+
type: pending-upstream-fix
167+
data:
168+
note: 'Upstream are actively working on, and have a PR open regarding this issue. Upstream maintainers will need to approve and merge the PR. Fix PR: https://github.com/python/cpython/pull/142212'
165169

166170
- id: CGA-crq7-9946-pwg9
167171
aliases:

python-3.12.advisories.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -318,6 +318,10 @@ advisories:
318318
componentType: apk
319319
componentLocation: /.PKGINFO
320320
scanner: grype
321+
- timestamp: 2025-12-09T11:45:07Z
322+
type: pending-upstream-fix
323+
data:
324+
note: 'Upstream are actively working on, and have a PR open regarding this issue. Upstream maintainers will need to approve and merge the PR. Fix PR: https://github.com/python/cpython/pull/142211'
321325

322326
- id: CGA-mfwm-8c36-vh8v
323327
aliases:

0 commit comments

Comments
 (0)