CVE-2023-6597
An issue was found in the CPython `tempfile.TemporaryDirectory` class
affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and
prior. The `tempfile.TemporaryDirectory` class would dereference
symlinks during cleanup of permissions-related errors. This means
users who can run privileged programs are potentially able to modify
permissions of files referenced by symlinks in some circumstances.
CVE-2023-24329
An issue in the urllib.parse component of Python before 3.11.4 allows
attackers to bypass blocklisting methods by supplying a URL that starts
with blank characters.
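A scheme check that does not depend on how the installed urllib.parse treats leading blanks, shown as an added example (not code from the advisory or from CPython). It goes beyond the blocklist case above by using an allowlist; the function names, the sample policy sets and the sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# C0 control characters plus space: the characters the WHATWG URL spec
# strips from both ends of a URL before parsing.
_C0_AND_SPACE = "".join(chr(c) for c in range(0x21))

BLOCKED_SCHEMES = {"file", "gopher"}   # constructed sample blocklist
ALLOWED_SCHEMES = {"http", "https"}    # constructed sample allowlist


def naive_is_blocked(url):
    """Blocklist check that trusts urlsplit() to find the scheme.

    On interpreters affected by CVE-2023-24329 a URL with leading blanks
    parses with an empty scheme, so this check can miss it.
    """
    return urlsplit(url).scheme.lower() in BLOCKED_SCHEMES


def normalize(url):
    """Strip leading/trailing C0 controls and spaces; reject embedded ones."""
    cleaned = url.strip(_C0_AND_SPACE)
    if any(ch in _C0_AND_SPACE or ch == "\x7f" for ch in cleaned):
        raise ValueError("control or whitespace character inside URL")
    return cleaned


def is_allowed(url):
    """Allow only normalized http(s) URLs that carry a host."""
    try:
        parts = urlsplit(normalize(url))
        return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.hostname)
    except ValueError:
        # Malformed input (bad characters, bad netloc) is denied, not guessed at.
        return False


if __name__ == "__main__":
    # Constructed sample inputs.
    for sample in ["https://example.com/", " file:///etc/passwd",
                   "\t https://example.com/", "https://exa\nmple.com/"]:
        print(repr(sample), "allowed" if is_allowed(sample) else "denied")
```

The result of naive_is_blocked() on a blank-prefixed URL depends on the interpreter version, while is_allowed() returns the same verdict on patched and unpatched releases.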
CVE-2023-40217
An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18,
3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects
servers (such as HTTP servers) that use TLS client authentication. If
a TLS server-side socket is created, receives data into the socket
buffer, and then is closed quickly, there is a brief window where