From df341df0b4f2db088c3b73626a82d5e3ba80e9d8 Mon Sep 17 00:00:00 2001
From: Vishal Choudhary <vishal.choudhary@chainguard.dev>
Date: Fri, 29 Aug 2025 11:10:52 +0530
Subject: [PATCH] fix(python-3.11): remediate CVE-2025-8194

Signed-off-by: Vishal Choudhary <vishal.choudhary@chainguard.dev>
---
 python-3.11.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/python-3.11.yaml b/python-3.11.yaml
index e9ba27df64cf..d344447c3402 100644
--- a/python-3.11.yaml
+++ b/python-3.11.yaml
@@ -1,7 +1,7 @@
 package:
   name: python-3.11
   version: "3.11.13"
-  epoch: 3
+  epoch: 4
   description: "the Python programming language"
   copyright:
     - license: PSF-2.0
@@ -48,6 +48,8 @@ pipeline:
       expected-commit: 498b971ea3673012a1d4b21860b229d55fc6e575
       repository: https://github.com/python/cpython.git
       tag: v${{package.version}}
+      cherry-picks: |
+        3.11/b4ec17488eedec36d3c05fec127df71c0071f6cb: Remediate CVE-2025-8194
 
   - name: Force use of system libraries
     runs: |