From 4b71483e35fa1b396e988e00e3668a8d9fae8ebf Mon Sep 17 00:00:00 2001
From: Dan Ryan <daniel.ryan@chainguard.dev>
Date: Mon, 3 Feb 2025 14:36:53 -0500
Subject: [PATCH] add CVE-2025-0938 fix

https://mail.python.org/archives/list/security-announce@python.org/thread/K4EUG6EKV6JYFIC24BASYOZS4M5XOQIB/
python/cpython#129526

Signed-off-by: Dan Ryan <daniel.ryan@chainguard.dev>
---
 python-3.12.yaml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/python-3.12.yaml b/python-3.12.yaml
index ee7afd76277..3e5f3783dca 100644
--- a/python-3.12.yaml
+++ b/python-3.12.yaml
@@ -1,7 +1,7 @@
 package:
   name: python-3.12
   version: 3.12.8
-  epoch: 2
+  epoch: 3
   description: "the Python programming language"
   copyright:
     - license: PSF-2.0
@@ -55,7 +55,8 @@ pipeline:
       repository: https://github.com/python/cpython.git
       tag: v${{package.version}}
       cherry-picks: |
-        3.12/9aa0deb2eef2655a1029ba228527b152353135b5: CVE-2024-12254 fix
+        3.12/9aa0deb2eef2655a1029ba228527b152353135b5: CVE-2024-12254
+        3.12/a7084f6075c9595ba60119ce8c62f1496f50c568: CVE-2025-0938
 
   - name: Force use of system libraries
     runs: |