1.. date: 2025-06-02-11-32-23 2.. gh-issue: 135034 3.. nonce: RLGjbp 4.. release date: 2025-06-03 5.. section: Security 6 7Fixes multiple issues that allowed ``tarfile`` extraction filters 8(``filter="data"`` and ``filter="tar"``) to be bypassed using crafted 9symlinks and hard links. 10 11Addresses CVE 2024-12718, CVE 2025-4138, CVE 2025-4330, and CVE 2025-4517. 12 13.. 14 15.. date: 2025-05-09-20-22-54 16.. gh-issue: 133767 17.. nonce: kN2i3Q 18.. section: Security 19 20Fix use-after-free in the "unicode-escape" decoder with a non-"strict" error 21handler. 22 23.. 24 25.. date: 2025-01-14-11-19-07 26.. gh-issue: 128840 27.. nonce: M1doZW 28.. section: Security 29 30Short-circuit the processing of long IPv6 addresses early in 31:mod:`ipaddress` to prevent excessive memory consumption and a minor 32denial-of-service. 33 34.. 35 36.. date: 2025-05-28-15-53-27 37.. gh-issue: 128840 38.. nonce: Nur2pB 39.. section: Library 40 41Fix parsing long IPv6 addresses with embedded IPv4 address. 42 43.. 44 45.. date: 2025-05-15-14-27-01 46.. gh-issue: 134062 47.. nonce: fRbJet 48.. section: Library 49 50:mod:`ipaddress`: fix collisions in :meth:`~object.__hash__` for 51:class:`~ipaddress.IPv4Network` and :class:`~ipaddress.IPv6Network` objects. 52 53.. 54 55.. date: 2024-08-28-13-03-36 56.. gh-issue: 123409 57.. nonce: lW0YF- 58.. section: Library 59 60Fix :attr:`ipaddress.IPv6Address.reverse_pointer` output according to 61:rfc:`RFC 3596, §2.5 <3596#section-2.5>`. Patch by Bénédikt Tran. 62 63.. 64 65.. bpo: 43633 66.. date: 2021-10-31-16-06-28 67.. nonce: vflwXv 68.. section: Library 69 70Improve the textual representation of IPv4-mapped IPv6 addresses 71(:rfc:`4291` Sections 2.2, 2.5.5.2) in :mod:`ipaddress`. Patch by Oleksandr 72Pavliuk. 73