Python 3.12.11
Release date: June 3, 2025
Security content in this release
- gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330] [CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed tarfile extraction filters (filter=”data” and filter=”tar”) to be bypassed using crafted symlinks and hard links.
- gh-133767: Fix use-after-free in the “unicode-escape” decoder with a non-“strict” error handler.
- gh-128840: Short-circuit the processing of long IPv6 addresses early in ipaddress to prevent excessive memory consumption and a minor denial-of-service.
Files
| Version | Description | File Size |
|---|---|---|
| Windows installer (64-bit) | Recommended | 25.4 MB |
| Windows installer (32-bit) | 24.1 MB | |
| Windows installer (ARM64) | Experimental | 24.6 MB |