https://github.com/python/cpython/commit/d424d8847ac8f16d4ca70d63a723875315edb057 commit: d424d8847ac8f16d4ca70d63a723875315edb057 branch: 3.13 author: Miss Islington (bot) <[email protected]> committer: hugovk <[email protected]> date: 2026-04-29T14:53:55Z summary:
[3.13] gh-149148: Upgrade bundled pip to 26.1 (GH-149150) (#149155) Co-authored-by: Victor Stinner <[email protected]> Co-authored-by: Hugo van Kemenade <[email protected]> files: A Lib/ensurepip/_bundled/pip-26.1-py3-none-any.whl A Misc/NEWS.d/next/Library/2026-04-29-14-33-42.gh-issue-149148.EaiYvk.rst D Lib/ensurepip/_bundled/pip-26.0.1-py3-none-any.whl M Lib/ensurepip/__init__.py diff --git a/Lib/ensurepip/__init__.py b/Lib/ensurepip/__init__.py index 9f4e64bc78bdf9..65179721478992 100644 --- a/Lib/ensurepip/__init__.py +++ b/Lib/ensurepip/__init__.py @@ -10,7 +10,7 @@ __all__ = ["version", "bootstrap"] -_PIP_VERSION = "26.0.1" +_PIP_VERSION = "26.1" # Directory of system wheel packages. Some Linux distribution packaging # policies recommend against bundling dependencies. For example, Fedora diff --git a/Lib/ensurepip/_bundled/pip-26.0.1-py3-none-any.whl b/Lib/ensurepip/_bundled/pip-26.1-py3-none-any.whl similarity index 73% rename from Lib/ensurepip/_bundled/pip-26.0.1-py3-none-any.whl rename to Lib/ensurepip/_bundled/pip-26.1-py3-none-any.whl index 580d09a920422f..b51afa14f7c0ad 100644 Binary files a/Lib/ensurepip/_bundled/pip-26.0.1-py3-none-any.whl and b/Lib/ensurepip/_bundled/pip-26.1-py3-none-any.whl differ diff --git a/Misc/NEWS.d/next/Library/2026-04-29-14-33-42.gh-issue-149148.EaiYvk.rst b/Misc/NEWS.d/next/Library/2026-04-29-14-33-42.gh-issue-149148.EaiYvk.rst new file mode 100644 index 00000000000000..06186773474fb9 --- /dev/null +++ b/Misc/NEWS.d/next/Library/2026-04-29-14-33-42.gh-issue-149148.EaiYvk.rst @@ -0,0 +1,2 @@ +:mod:`ensurepip`: Upgrade bundled pip to 26.1. This version fixes +the :cve:`2026-3219` vulnerability. Patch by Victor Stinner. _______________________________________________ Python-checkins mailing list -- [email protected] To unsubscribe send an email to [email protected] https://mail.python.org/mailman3//lists/python-checkins.python.org Member address: [email protected]
