diff --git a/CVE-2025-6069-quad-complex-HTMLParser.patch b/CVE-2025-6069-quad-complex-HTMLParser.patch
deleted file mode 100644
index 70eb744..0000000
--- a/CVE-2025-6069-quad-complex-HTMLParser.patch
+++ /dev/null
@@ -1,237 +0,0 @@ -From 1d53c3e7343bddb064182e02c21b13be9b63390f Mon Sep 17 00:00:00 2001 -From: Serhiy Storchaka -Date: Fri, 13 Jun 2025 19:57:48 +0300 -Subject: [PATCH] [3.12] gh-135462: Fix quadratic complexity in processing - special input in HTMLParser (GH-135464) - -End-of-file errors are now handled according to the HTML5 specs -- -comments and declarations are automatically closed, tags are ignored. -(cherry picked from commit 6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41) - -Co-authored-by: Serhiy Storchaka ---- - Lib/html/parser.py | 41 +++- - Lib/test/test_htmlparser.py | 94 ++++++++-- - Misc/NEWS.d/next/Security/2025-06-13-15-55-22.gh-issue-135462.KBeJpc.rst | 4 - 3 files changed, 116 insertions(+), 23 deletions(-) - create mode 100644 Misc/NEWS.d/next/Security/2025-06-13-15-55-22.gh-issue-135462.KBeJpc.rst - -Index: Python-3.12.11/Lib/html/parser.py -=================================================================== ---- Python-3.12.11.orig/Lib/html/parser.py 2025-07-02 17:09:00.904899297 +0200 -+++ Python-3.12.11/Lib/html/parser.py 2025-07-02 17:09:12.496469955 +0200 -@@ -25,6 +25,7 @@ - charref = re.compile('&#(?:[0-9]+|[xX][0-9a-fA-F]+)[^0-9a-fA-F]') - - starttagopen = re.compile('<[a-zA-Z]') -+endtagopen = re.compile('') - commentclose = re.compile(r'--\s*>') - # Note: -@@ -177,7 +178,7 @@ - k = self.parse_pi(i) - elif startswith("', i + 1) -- if k < 0: -- k = rawdata.find('<', i + 1) -- if k < 0: -- k = i + 1 -+ if starttagopen.match(rawdata, i): # < + letter -+ pass -+ elif startswith("'), -- ('comment', '/img'), -- ('endtag', 'html<')]) -+ ('data', '\n')]) - - def test_starttag_junk_chars(self): -+ self._run_check("<", [('data', '<')]) -+ self._run_check("<>", [('data', '<>')]) -+ self._run_check("< >", [('data', '< >')]) -+ self._run_check("< ", [('data', '< ')]) - self._run_check("", []) -+ self._run_check("<$>", [('data', '<$>')]) - self._run_check("", [('comment', '$')]) - self._run_check("", [('endtag', 'a')]) -+ self._run_check("", 
[('starttag', 'a", [('endtag', 'a'", [('data', "'", []) -+ self._run_check("", [('starttag', 'a$b', [])]) - self._run_check("", [('startendtag', 'a$b', [])]) - self._run_check("", [('starttag', 'a$b', [])]) - self._run_check("", [('startendtag', 'a$b', [])]) -+ self._run_check("", [('endtag', 'a$b')]) - - def test_slashes_in_starttag(self): - self._run_check('', [('startendtag', 'a', [('foo', 'var')])]) -@@ -539,13 +546,56 @@ - for html, expected in data: - self._run_check(html, expected) - -- def test_broken_comments(self): -- html = ('' -+ def test_eof_in_comments(self): -+ data = [ -+ ('', [('comment', '-!>')]), -+ ('' - '' - '' - '') - expected = [ -+ ('comment', 'ELEMENT br EMPTY'), - ('comment', ' not really a comment '), - ('comment', ' not a comment either --'), - ('comment', ' -- close enough --'), -@@ -600,6 +650,26 @@ - ('endtag', 'a'), ('data', ' bar & baz')] - ) - -+ @support.requires_resource('cpu') -+ def test_eof_no_quadratic_complexity(self): -+ # Each of these examples used to take about an hour. -+ # Now they take a fraction of a second. -+ def check(source): -+ parser = html.parser.HTMLParser() -+ parser.feed(source) -+ parser.close() -+ n = 120_000 -+ check(" -Date: Mon, 28 Jul 2025 17:37:26 +0200 -Subject: [PATCH] gh-130577: tarfile now validates archives to ensure member - offsets are non-negative (GH-137027) (cherry picked from commit - 7040aa54f14676938970e10c5f74ea93cd56aa38) - -Co-authored-by: Alexander Urieles -Co-authored-by: Gregory P. 
Smith ---- - Lib/tarfile.py | 3 - Lib/test/test_tarfile.py | 156 ++++++++++ - Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst | 3 - 3 files changed, 162 insertions(+) - create mode 100644 Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst - -Index: Python-3.12.11/Lib/tarfile.py -=================================================================== ---- Python-3.12.11.orig/Lib/tarfile.py 2025-08-01 22:20:38.061933888 +0200 -+++ Python-3.12.11/Lib/tarfile.py 2025-08-01 22:20:42.185990406 +0200 -@@ -1614,6 +1614,9 @@ - """Round up a byte count by BLOCKSIZE and return it, - e.g. _block(834) => 1024. - """ -+ # Only non-negative offsets are allowed -+ if count < 0: -+ raise InvalidHeaderError("invalid offset") - blocks, remainder = divmod(count, BLOCKSIZE) - if remainder: - blocks += 1 -Index: Python-3.12.11/Lib/test/test_tarfile.py -=================================================================== ---- Python-3.12.11.orig/Lib/test/test_tarfile.py 2025-08-01 22:20:39.792514772 +0200 -+++ Python-3.12.11/Lib/test/test_tarfile.py 2025-08-01 22:20:42.187347433 +0200 -@@ -50,6 +50,7 @@ - xzname = os.path.join(TEMPDIR, "testtar.tar.xz") - tmpname = os.path.join(TEMPDIR, "tmp.tar") - dotlessname = os.path.join(TEMPDIR, "testtar") -+SPACE = b" " - - sha256_regtype = ( - "e09e4bc8b3c9d9177e77256353b36c159f5f040531bbd4b024a8f9b9196c71ce" -@@ -4488,6 +4489,161 @@ - ar.extractall(self.testdir, filter='fully_trusted') - - -+class OffsetValidationTests(unittest.TestCase): -+ tarname = tmpname -+ invalid_posix_header = ( -+ # name: 100 bytes -+ tarfile.NUL * tarfile.LENGTH_NAME -+ # mode, space, null terminator: 8 bytes -+ + b"000755" + SPACE + tarfile.NUL -+ # uid, space, null terminator: 8 bytes -+ + b"000001" + SPACE + tarfile.NUL -+ # gid, space, null terminator: 8 bytes -+ + b"000001" + SPACE + tarfile.NUL -+ # size, space: 12 bytes -+ + b"\xff" * 11 + SPACE -+ # mtime, space: 12 bytes -+ + tarfile.NUL * 11 + SPACE -+ # chksum: 8 bytes 
-+ + b"0011407" + tarfile.NUL -+ # type: 1 byte -+ + tarfile.REGTYPE -+ # linkname: 100 bytes -+ + tarfile.NUL * tarfile.LENGTH_LINK -+ # magic: 6 bytes, version: 2 bytes -+ + tarfile.POSIX_MAGIC -+ # uname: 32 bytes -+ + tarfile.NUL * 32 -+ # gname: 32 bytes -+ + tarfile.NUL * 32 -+ # devmajor, space, null terminator: 8 bytes -+ + tarfile.NUL * 6 + SPACE + tarfile.NUL -+ # devminor, space, null terminator: 8 bytes -+ + tarfile.NUL * 6 + SPACE + tarfile.NUL -+ # prefix: 155 bytes -+ + tarfile.NUL * tarfile.LENGTH_PREFIX -+ # padding: 12 bytes -+ + tarfile.NUL * 12 -+ ) -+ invalid_gnu_header = ( -+ # name: 100 bytes -+ tarfile.NUL * tarfile.LENGTH_NAME -+ # mode, null terminator: 8 bytes -+ + b"0000755" + tarfile.NUL -+ # uid, null terminator: 8 bytes -+ + b"0000001" + tarfile.NUL -+ # gid, space, null terminator: 8 bytes -+ + b"0000001" + tarfile.NUL -+ # size, space: 12 bytes -+ + b"\xff" * 11 + SPACE -+ # mtime, space: 12 bytes -+ + tarfile.NUL * 11 + SPACE -+ # chksum: 8 bytes -+ + b"0011327" + tarfile.NUL -+ # type: 1 byte -+ + tarfile.REGTYPE -+ # linkname: 100 bytes -+ + tarfile.NUL * tarfile.LENGTH_LINK -+ # magic: 8 bytes -+ + tarfile.GNU_MAGIC -+ # uname: 32 bytes -+ + tarfile.NUL * 32 -+ # gname: 32 bytes -+ + tarfile.NUL * 32 -+ # devmajor, null terminator: 8 bytes -+ + tarfile.NUL * 8 -+ # devminor, null terminator: 8 bytes -+ + tarfile.NUL * 8 -+ # padding: 167 bytes -+ + tarfile.NUL * 167 -+ ) -+ invalid_v7_header = ( -+ # name: 100 bytes -+ tarfile.NUL * tarfile.LENGTH_NAME -+ # mode, space, null terminator: 8 bytes -+ + b"000755" + SPACE + tarfile.NUL -+ # uid, space, null terminator: 8 bytes -+ + b"000001" + SPACE + tarfile.NUL -+ # gid, space, null terminator: 8 bytes -+ + b"000001" + SPACE + tarfile.NUL -+ # size, space: 12 bytes -+ + b"\xff" * 11 + SPACE -+ # mtime, space: 12 bytes -+ + tarfile.NUL * 11 + SPACE -+ # chksum: 8 bytes -+ + b"0010070" + tarfile.NUL -+ # type: 1 byte -+ + tarfile.REGTYPE -+ # linkname: 100 bytes -+ + tarfile.NUL * 
tarfile.LENGTH_LINK -+ # padding: 255 bytes -+ + tarfile.NUL * 255 -+ ) -+ valid_gnu_header = tarfile.TarInfo("filename").tobuf(tarfile.GNU_FORMAT) -+ data_block = b"\xff" * tarfile.BLOCKSIZE -+ -+ def _write_buffer(self, buffer): -+ with open(self.tarname, "wb") as f: -+ f.write(buffer) -+ -+ def _get_members(self, ignore_zeros=None): -+ with open(self.tarname, "rb") as f: -+ with tarfile.open( -+ mode="r", fileobj=f, ignore_zeros=ignore_zeros -+ ) as tar: -+ return tar.getmembers() -+ -+ def _assert_raises_read_error_exception(self): -+ with self.assertRaisesRegex( -+ tarfile.ReadError, "file could not be opened successfully" -+ ): -+ self._get_members() -+ -+ def test_invalid_offset_header_validations(self): -+ for tar_format, invalid_header in ( -+ ("posix", self.invalid_posix_header), -+ ("gnu", self.invalid_gnu_header), -+ ("v7", self.invalid_v7_header), -+ ): -+ with self.subTest(format=tar_format): -+ self._write_buffer(invalid_header) -+ self._assert_raises_read_error_exception() -+ -+ def test_early_stop_at_invalid_offset_header(self): -+ buffer = self.valid_gnu_header + self.invalid_gnu_header + self.valid_gnu_header -+ self._write_buffer(buffer) -+ members = self._get_members() -+ self.assertEqual(len(members), 1) -+ self.assertEqual(members[0].name, "filename") -+ self.assertEqual(members[0].offset, 0) -+ -+ def test_ignore_invalid_archive(self): -+ # 3 invalid headers with their respective data -+ buffer = (self.invalid_gnu_header + self.data_block) * 3 -+ self._write_buffer(buffer) -+ members = self._get_members(ignore_zeros=True) -+ self.assertEqual(len(members), 0) -+ -+ def test_ignore_invalid_offset_headers(self): -+ for first_block, second_block, expected_offset in ( -+ ( -+ (self.valid_gnu_header), -+ (self.invalid_gnu_header + self.data_block), -+ 0, -+ ), -+ ( -+ (self.invalid_gnu_header + self.data_block), -+ (self.valid_gnu_header), -+ 1024, -+ ), -+ ): -+ self._write_buffer(first_block + second_block) -+ members = 
self._get_members(ignore_zeros=True) -+ self.assertEqual(len(members), 1) -+ self.assertEqual(members[0].name, "filename") -+ self.assertEqual(members[0].offset, expected_offset) -+ -+ - def setUpModule(): - os_helper.unlink(TEMPDIR) - os.makedirs(TEMPDIR) -Index: Python-3.12.11/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ Python-3.12.11/Misc/NEWS.d/next/Library/2025-07-23-00-35-29.gh-issue-130577.c7EITy.rst 2025-08-01 22:20:42.187819145 +0200 -@@ -0,0 +1,3 @@ -+:mod:`tarfile` now validates archives to ensure member offsets are -+non-negative. (Contributed by Alexander Enrique Urieles Nieto in -+:gh:`130577`.) diff --git a/Python-3.12.11.tar.xz b/Python-3.12.11.tar.xz deleted file mode 100644 index 64fb9b5..0000000 --- a/Python-3.12.11.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c30bb24b7f1e9a19b11b55a546434f74e739bb4c271a3e3a80ff4380d49f7adb -size 20525812 diff --git a/Python-3.12.11.tar.xz.asc b/Python-3.12.11.tar.xz.asc deleted file mode 100644 index 0c071fe..0000000 --- a/Python-3.12.11.tar.xz.asc +++ /dev/null 
@@ -1,18 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmg/MbpfFIAAAAAALgAo
-aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
-Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
-YwXySQ/7Ba9qlnTLmxqTCO8C7Gf545WNMBL2Ep6JZPgjOcgNk9e1QdAnNV5OOtGm
-gW5nNPSTNNcIcPn058GuI24D4RpTQCJfMbMLsfYgvio0E7ij1gC19PsJHb6ejtCS
-H2kK237Y1kuqRUdbTZssFDoAR4R9+UCaDuo4XdW+UKQk2GgdNQDMWLKmWF/Xk6Ob
-/LihMXj27mDU9nXVdWR55sJzTFzfGB015vmORvcpuctkf1lZ4AfVFMgGw1CgjRjF
-kjrOkrDErjDUQ8BIhMh90deiTpigfg7cg1HBDI6GRzklFg6cMfIdfvmfM0MfamX3
-Tow08TGBzmYXWgrqjYXW6JknKhBGOrjXMB7/yNDk9bJVLcOJaLbOmbcG0WRQF/Py
-DMOCvr09l0yt5KFYpdKrDvyCuKYfpX33B4C60kU9JzmfXGyQ6LDTPXapZooJ+8Fg
-GRTUsc0YWXoaDVCcxMIdiG+jEMQkjWVwW7E/nC/d7WT5L9KPoYFA1sZ834kKq3jr
-NmZynbBnKH7m7L+u6HP6B+pa84FKEME69osAXZk0HJOIHB+SOX3E6BXRo6IV8Q/K
-J6f5Ja26gJ7KXcUxTgkTkYh7tz0bhb+WeL3j6N/BC0eK7ZVsKRZ/3WnntGsG5B2m
-FjVOYKolfkF4tf63SjdFuudgaKGCaDK1PvfwIr7k0oozxrB2ZEA=
-=SYH/
------END PGP SIGNATURE-----
diff --git a/Python-3.12.11.tar.xz.sigstore b/Python-3.12.11.tar.xz.sigstore
deleted file mode 100644
index 793b770..0000000
--- a/Python-3.12.11.tar.xz.sigstore
+++ /dev/null
@@ -1 +0,0 @@ -{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICyzCCAlGgAwIBAgIUYnM19yJLe8BOsB5QSK0ApWs7UFYwCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUwNjAzMTczMzU5WhcNMjUwNjAzMTc0MzU5WjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEorc8E1btqvKxfzhMFNReGMAAH20rdFPI7kk7GPHd6PdKM7voZXQ95LgSzo2plgysqaIgn3em1cFPQ4JDfZj8FqOCAXAwggFsMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUVdDqigJFvvkJ9bwHazqUCUbFWHwwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGLBgorBgEEAdZ5AgQCBH0EewB5AHcA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGXNttt1QAABAMASDBGAiEAqqQMp3XA3a5TFLhTtiligp2CQqGlqGE/KfJbdVIQnjUCIQDVOfo4//KX7sZMwYpkhdj7xr/H60oTncyTAQjov+3OTTAKBggqhkjOPQQDAwNoADBlAjEA7RpgIF7whv9DvpnOVavPj4kQxM+gIbCvib3ue2STONKO+JnllxtScT+CypbscLT4AjBQFn7rmkKLgY/lT8YTDf9DqvopFJHXCdlbitQ1imoqOhZqJMEI17CMKMdBcc+BmnU="}, "tlogEntries": [{"logIndex": "228874048", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1748972040", "inclusionPromise": {"signedEntryTimestamp": "MEUCIQDC8I5uDgetSuD63qAPtlnnW58xKiSIGEX9AOJ5AnzNEgIgGfb+03Lf8DsOb1NkU5UNmPUeURv4bkQTgiZjtSfGJX0="}, "inclusionProof": {"logIndex": "106969786", "rootHash": "i3vbVg/L11/yzRE1My+dx8hKb/mLlOrFShOkXpDwz/o=", "treeSize": "106969787", "hashes": ["1fUlZVjuybf+gadL7+hmmzV88MK0fLFhuT2TIf4ruWE=", "h2PCG2d55a7VHzNH7amIjA/LgNJZQAVba+vKss3pYCc=", "fx5Vsw4rXULuFJQV5sKe1/WI5XEQGzkWHHyU/B1zfYw=", "iqK8b0KpsJULg7aqHgSStaU4dNbgrth5QDarXmEl3To=", "5S2DqBJZbuLio6e9iBmJWALzYi0hcpXFV3Z8ydE2lrA=", "n5MzQvR+waONXmENXriYi92eiz9pa5whuAyHmzyZa9Q=", "S+DrHAWb67kO9sHsAjIJ89A0RLlbeXy6mUvzoKO3dMI=", "JQ9xTJKo/o9IWVV8l4RTm06tpXUcGCeAh8ciAprOIoE=", 
"pqCD1LoiP58WZ9AfwL1uMRLqmiQQKDHHSdnl+4lB+/0=", "uEJFtwcGQJMd9kjQhkXb7gl2WD3WMElCc15uDFvFGxs=", "VdOKzpQhJlpXgijzXANf/hNlje1G/N1kUuVnKNskkso=", "mta5fH/gFwxJ/0fT8yGpn3sFCY0G1RY555Iflm0LInM=", "7v8qPHNDLerpduaMx06eb/MwgoQwczTn/cYGKX/9wZ4="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n106969787\ni3vbVg/L11/yzRE1My+dx8hKb/mLlOrFShOkXpDwz/o=\n\n\u2014 rekor.sigstore.dev wNI9ajBFAiBibpE+dFaiZHUWTGPDNXeNfevho16eXV6wm1qMxN/m3wIhAN3M8Rs699nSFmZYP9sEHy6sNglaGwzKb+Nv8tJU7G7B\n"}}, "canonicalizedBody": "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"}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "wwuyS38emhmxG1WlRkNPdOc5u0wnGj46gP9DgNSfets="}, "signature": "MEQCICjbcbN6CM+QMlQ8tmLvHGmqnjCk2om2jtZPliGIQbbyAiB/p601U3zEG1J1UNMFXyBzCaqXUzhgE5sUu0PaaOb2zQ=="}} diff --git a/Python-3.12.12.tar.xz b/Python-3.12.12.tar.xz new file mode 100644 index 0000000..a5676e8 --- /dev/null +++ b/Python-3.12.12.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fb85a13414b028c49ba18bbd523c2d055a30b56b18b92ce454ea2c51edc656c4 +size 20798712 diff --git a/Python-3.12.12.tar.xz.asc b/Python-3.12.12.tar.xz.asc new file mode 100644 index 0000000..9e6c514 --- /dev/null +++ b/Python-3.12.12.tar.xz.asc 
@@ -0,0 +1,18 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQKTBAABCgB9FiEEcWlgX2LHUTVtBUomqCHmgOX6YwUFAmjnnr1fFIAAAAAALgAo
+aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDcx
+Njk2MDVGNjJDNzUxMzU2RDA1NEEyNkE4MjFFNjgwRTVGQTYzMDUACgkQqCHmgOX6
+YwXF3Q//VrreGa+P8lvp9UMjoj/YquKPwLqjzzAWf5vzHipkebdiESsB1HfGu04k
+Jw+ctTnXHf/12u0W7ijv+56JtcJFqEzh8yGokWqOzc99rpCeCY9qtuwaVYtZrTNx
+wepRaDAHdhP4Z2kLPDiE6pCXu2NIR5wHqHjQ8JGmprhASc07uxEhNN/gucVR2Sbr
+cCfC9rHfHkdhoPpZRRbcraAaxPGL3VyBXf7HuYbHhf4GuF9EVDlFg5I0BzHCKJDd
+ebPXYHvsoDgrMMqPXiX/YkGNByf3Ze6KZTNSGICy8SDzIzZgpmtOe5rzvlOXJBZZ
+SVfX8SqP4Ufml+MfJrGEx30S9reYYvnyTSmttpbDznonROKPEZOuDt08+CG3yR+T
+o5RdIneWmGXRf1mBrFKH9Br5tfOd+YeldfxdoQgla2fFHFVRnab1lsZFOC/HZ5z2
+Q3rPfVMDYKO8yoIKqv0BUzlkn9wYphCWoPHq0Y+SGjcP+Zh5qRTMqZYIaGekhWmx
+86egHHVqedMI0Q9hvgIEirupVJ1q34FZn2+3sEka9hdOie9aNHXWTmgWCGDm46qj
+qC9tT/jkMzWIY2Y4RdVDMdSCb7HkBEl1eAANq511gJ+eSWAXbP1sVrQoiAQY+EkC
+Yu2ceZYsl9i6zm7i/QaU/mOGB7xMZhMQLZBnZTHSzAZo/pBN7y8=
+=RuLK
+-----END PGP SIGNATURE-----
diff --git a/Python-3.12.12.tar.xz.sigstore b/Python-3.12.12.tar.xz.sigstore
new file mode 100644
index 0000000..bcab32a
--- /dev/null
+++ b/Python-3.12.12.tar.xz.sigstore
@@ -0,0 +1 @@ +{"mediaType": "application/vnd.dev.sigstore.bundle.v0.3+json", "verificationMaterial": {"certificate": {"rawBytes": "MIICyjCCAlCgAwIBAgIUa7XmzWlmoxbdaf7Bd0cb7k2SJX0wCgYIKoZIzj0EAwMwNzEVMBMGA1UEChMMc2lnc3RvcmUuZGV2MR4wHAYDVQQDExVzaWdzdG9yZS1pbnRlcm1lZGlhdGUwHhcNMjUxMDA5MTEzOTEwWhcNMjUxMDA5MTE0OTEwWjAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEnnBupfHW0kIyKIch4g4bg/VMzmQSN3W+fDXSBXPHKVV01duW4mnJBNAx8dOjaDQJbbGLCL3nHReR6AHY5EzzWKOCAW8wggFrMA4GA1UdDwEB/wQEAwIHgDATBgNVHSUEDDAKBggrBgEFBQcDAzAdBgNVHQ4EFgQUxS1GFV6/403CJB2LIriD0Yxys+kwHwYDVR0jBBgwFoAU39Ppz1YkEZb5qNjpKFWixi4YZD8wHwYDVR0RAQH/BBUwE4ERdGhvbWFzQHB5dGhvbi5vcmcwKQYKKwYBBAGDvzABAQQbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMCsGCisGAQQBg78wAQgEHQwbaHR0cHM6Ly9hY2NvdW50cy5nb29nbGUuY29tMIGKBgorBgEEAdZ5AgQCBHwEegB4AHYA3T0wasbHETJjGR4cmWc3AqJKXrjePK3/h4pygC8p7o4AAAGZyMSWqQAABAMARzBFAiEAgP3Zja0sZ42WlEujGWIbBp+3AemF4BPwFlVMLG/criwCIDSK9BOHosQgvpZnN+hpQrqZdHZ7j1QXaxWfcERObDGrMAoGCCqGSM49BAMDA2gAMGUCMC/Fx5Bbae7C7w5CjzPgAIRB8sAV5THF7EynHjFxBqjwYhiMblyn5lzwpTsSpcGyiQIxAMtPBAMZXbJeY8LL/rTmrqaS+gvUCFZe430pf/7njbi+vMTsnX6lbyDW6+MBPf2w0Q=="}, "tlogEntries": [{"logIndex": "597445409", "logId": {"keyId": "wNI9atQGlz+VWfO6LRygH4QUfY/8W4RFwiT5i5WRgB0="}, "kindVersion": {"kind": "hashedrekord", "version": "0.0.1"}, "integratedTime": "1760009951", "inclusionPromise": {"signedEntryTimestamp": "MEQCICmAn/SSLFYafnAtkPRYmvBAv34ZqQsxnCKxA6lvOwtIAiADgWJmj7xnSimwJjyYMND/62BSa6VAn+yiurqa+3sFbg=="}, "inclusionProof": {"logIndex": "475541147", "rootHash": "NtKq0OO26YDo37dp00CxEkih9ardFvhT06bm+f1SQDE=", "treeSize": "475541154", "hashes": ["NslcefFuKuND6JRNbUSPjLrHeL0W18bCD4VhxfCcQKk=", "A0S2uABqcbgE1HPfloLBAk0TlXFJVl7yLEBondSsQ0c=", "6sWxX6Qc03LZeNbyN5W9cj7IZtqLYjkxFKvRS3ynzso=", "sdBvJFo0UwZVcXbz5NwqW/k4wRKwjiBjYIlN9G6hzXc=", "HSc04gOheRI34V7k9W+RDSDZFEf2I9JjEEOdGOMAUCA=", "C0KrXbTnn0FjHCn6Pk8TOEPndNLUliSsS1kLpaoeFho=", "/lb6eJIa9/379KwZZThJl+TJzpB0p9sLsW59J4AkleA=", "60XcwfvS6KRVEutb85dCHmflKO/pCJu3wP/wi71Hjjw=", 
"T5+n1/blJViw8vobIXjJuar7GB5qkWPWxuPI4TLuIus=", "N/HdEEbPrOhis60vsOpblzzFJ5Gn0VF1X5o/a5zj5ho=", "5iV4XGoB9mnKM5YryHN+GB7tIaTkjbMhbGbF01zhzKU=", "qXhJobQjWl6SO/pue3trUW2uL4jXx24Ip7lpd4hc5bU=", "56ObhlROm9L8Q4JyN+mxEQ5pZD5QdobB1xZFIeL0lVg=", "EGaD/cNavzxGYLx1Gl0uNNWBZvyXlSHSdlIeH7m+63A=", "2Wv4GiithwNukRKV06clevnQQYCzXmSS/+/OJtXgsXQ=", "1mfy94KpcItqshH9+gwqV6jccupcaMpVsF28New8zDY=", "vS7O4ozHIQZJWBiov+mkpI27GE8zAmVCEkRcP3NDyNE="], "checkpoint": {"envelope": "rekor.sigstore.dev - 1193050959916656506\n475541154\nNtKq0OO26YDo37dp00CxEkih9ardFvhT06bm+f1SQDE=\n\n\u2014 rekor.sigstore.dev wNI9ajBFAiBAXkd6xMHjC/fa3mQGVYRGINSGMy5E39T2cwLfMJUCdAIhAJ8pLs5eiFWKL+RH/M/yyicyskpEIjumbkignFyjP+fn\n"}}, "canonicalizedBody": "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"}], "timestampVerificationData": {}}, "messageSignature": {"messageDigest": {"algorithm": "SHA2_256", "digest": "+4WhNBSwKMSboYu9UjwtBVowtWsYuSzkVOosUe3GVsQ="}, "signature": "MEUCIQCsK+1qTf4fGwb5y0nhzbAwJkXnpe2t63eOzkukCd9lSQIgCO3QoxnLW6oAr2M20S//y8iDUKEGe3pipLwC/+zmLnA="}} diff --git a/python312.changes b/python312.changes index 557ab2d..0db2121 100644 --- a/python312.changes +++ b/python312.changes 
@@ -1,3 +1,70 @@ +------------------------------------------------------------------- +Wed Oct 15 09:10:21 UTC 2025 - Daniel Garcia + +- Update to 3.12.12: + - Tools/Demos + - gh-139330: SBOM generation tool didn’t cross-check the version + and checksum values against the Modules/expat/refresh.sh script, + leading to the values becoming out-of-date during routine + updates. + - Security + - gh-139700: Check consistency of the zip64 end of central + directory record. Support records with “zip64 extensible data” + if there are no bytes prepended to the ZIP file. + - gh-139400: xml.parsers.expat: Make sure that parent Expat + parsers are only garbage-collected once they are no longer + referenced by subparsers created by + ExternalEntityParserCreate(). Patch by Sebastian Pipping. + - gh-135661: Fix parsing start and end tags in + html.parser.HTMLParser according to the HTML5 standard. + * Whitespaces no longer accepted between does not end the script section. + * Vertical tabulation (\v) and non-ASCII whitespaces no longer + recognized as whitespaces. The only whitespaces are \t\n\r\f + and space. + * Null character (U+0000) no longer ends the tag name. + * Attributes and slashes after the tag name in end tags are now + ignored, instead of terminating after the first > in quoted + attribute value. E.g. . + * Multiple slashes and whitespaces between the last attribute + and closing > are now ignored in both start and end tags. E.g. + . + * Multiple = between attribute name and value are no longer + collapsed. E.g. produces attribute “foo” with + value “=bar”. + - gh-135661: Fix CDATA section parsing in html.parser.HTMLParser + according to the HTML5 standard: ] ]> and ]] > no longer end the + CDATA section. Add private method _set_support_cdata() which can + be used to specify how to parse <[CDATA[ — as a CDATA section in + foreign content (SVG or MathML) or as a bogus comment in the + HTML namespace. 
+ - gh-102555: Fix comment parsing in html.parser.HTMLParser + according to the HTML5 standard. --!> now ends the comment. -- > + no longer ends the comment. Support abnormally ended empty + comments <--> and <--->. + - gh-135462: Fix quadratic complexity in processing specially + crafted input in html.parser.HTMLParser. End-of-file errors are + now handled according to the HTML5 specs – comments and + declarations are automatically closed, tags are ignored. + - gh-118350: Fix support of escapable raw text mode (elements + “textarea” and “title”) in html.parser.HTMLParser. + - gh-86155: html.parser.HTMLParser.close() no longer loses data + when the