CLSA-2026-1774261018 python3.9: Fix of 3 CVEs
CVE-2026-0865: Prevent HTTP header injection: validate and reject user- controlled header names and values containing newlines. - CVE-2025-15367: Reject control characters in POP3 commands - CVE-2026-1299: Reject incorrectly folded LiteralHeader values and quote newlines during BytesGenerator...