Python 3.14.2 and 3.13.11: Quick-Fix Releases Address Regressions and Security Gaps

From Eatin3d, the free encyclopedia of technology

The Python team has rolled out two expedited releases—Python 3.14.2 and 3.13.11—just three days after their predecessors. These quick-turnaround versions focus on fixing critical regressions and patching security vulnerabilities that emerged in the previous updates. Below, we answer common questions about what’s new, what’s fixed, and how these releases affect your Python environment.

Why were Python 3.14.2 and 3.13.11 released so soon after the previous versions?

The Python release team identified several regressions in the most recent maintenance releases (3.14.1 and 3.13.10) that could disrupt developers and production systems. For example, exceptions in the multiprocessing module could appear when upgrading Python on a running system, and certain dataclasses without an __init__ method would break. Additionally, re.Scanner crashes and insertdict segmentation faults made immediate fixes necessary. To address these issues quickly, the team expedited the releases, bundling them with crucial security patches. This proactive approach ensures that users can continue working without waiting for the normal release cycle.

What regressions are fixed in Python 3.14.2?

Python 3.14.2, the second maintenance release of the 3.14 series, resolves four regressions:

  • gh-142206: Exceptions in multiprocessing when upgrading Python while programs are running.
  • gh-142214: Exceptions in dataclasses that lack an __init__ method.
  • gh-142218: Segmentation faults and assertion failures in the insertdict operation.
  • gh-140797: Crashes when using multiple capturing groups in re.Scanner.

These fixes restore stability in concurrent programming, class definition, dictionary insertion, and regular expression scanning.

What security fixes are included in both Python 3.14.2 and 3.13.11?

Both releases include the fix for CVE-2025-12084, which removes quadratic behavior in node ID cache clearing, a flaw that could be used for denial-of-service attacks. They also fix a potential virtual memory allocation denial of service in http.server (CVE-2025-12085 in 3.14.2, tracked as gh-119452). Python 3.13.11 includes an extra security patch: a denial-of-service fix in http.client (gh-119451). These patches close gaps that attackers could exploit to consume excessive system resources.

What is the purpose of maintenance releases like 3.14.2 and 3.13.11?

Maintenance releases, such as these, are designed to improve the stability and security of Python without adding new features. They focus on bugfixes, build improvements, and documentation changes. For example, Python 3.14.2 contains 18 such improvements since 3.14.1. These releases ensure that users on a specific Python version can benefit from the latest fixes without upgrading to a major new release, which might introduce breaking changes.

How many bugfixes are in Python 3.14.2 compared to 3.14.1?

Python 3.14.2 includes 18 bugfixes, build improvements, and documentation changes beyond what 3.14.1 offered. That’s a significant number for a minor patch release, reflecting the urgency behind the regressions and security issues. Users who skipped 3.14.1 should note that 3.14.2 includes all fixes from 3.14.1 plus these additional corrections.

Are there specific fixes for the re.Scanner module?

Yes. Both Python 3.14.2 and 3.13.11 address a crash that occurred when using multiple capturing groups in re.Scanner (issue gh-140797). Previously, certain complex patterns could cause the scanner to fail unexpectedly. This fix ensures that developers can safely use advanced regular expression features without worrying about segmentation faults or hangs.

Where can I download these releases and find the full changelogs?

You can download Python 3.14.2 from the official release page and Python 3.13.11 from its release page. For a complete list of changes, refer to the full changelogs linked on those pages. The Python Software Foundation encourages users to upgrade as soon as possible, especially because these releases address both stability regressions and security vulnerabilities.
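
To confirm which hosts already run a fixed interpreter, the following added example (not part of the original article or of CPython) classifies version strings against the release numbers given above. The host names and inventory are constructed, and the code assumes that later releases in a series keep the fixes and earlier ones lack them.

```python
import re
import sys

# Release numbers taken from the article, keyed by (major, minor) series:
# the fixed releases and the releases that introduced the regressions.
FIXED = {(3, 14): (3, 14, 2), (3, 13): (3, 13, 11)}
REGRESSED = {(3, 14): (3, 14, 1), (3, 13): (3, 13, 10)}
_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)((?:a|b|rc)\d+)?")


def parse_version(text):
    """Return ((major, minor, micro), is_prerelease) from e.g. 'Python 3.14.0rc2'."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError(f"no X.Y.Z version found in {text!r}")
    release = tuple(int(part) for part in match.group(1, 2, 3))
    return release, match.group(4) is not None


def classify(text):
    """Classify one interpreter version against the fixed releases."""
    release, prerelease = parse_version(text)
    series = release[:2]
    if series not in FIXED:
        return "not-covered"  # the article says nothing about this series
    # Assumption: maintenance releases are cumulative within a series.
    if release > FIXED[series] or (release == FIXED[series] and not prerelease):
        return "fixed"
    if release == REGRESSED[series] and not prerelease:
        return "regressed"  # has the regressions and lacks the security fixes
    return "missing-security-fixes"  # older than the fixed release


def audit(inventory):
    """Map host -> status for a {host: version string} inventory."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (hypothetical hosts), e.g. `python3 --version` output.
SAMPLE = {
    "web-01": "Python 3.14.2", "web-02": "Python 3.14.1",
    "batch-01": "Python 3.13.9", "ci-01": "3.13.11",
    "legacy-01": "Python 3.12.8", "lab-01": "3.14.0rc2",
}

if __name__ == "__main__":
    for host, status in audit(SAMPLE).items():
        print(f"{host:10} {SAMPLE[host]:15} {status}")
    print("this interpreter:", classify(sys.version.split()[0]))
```

Hosts reported as "not-covered" need a separate check against the changelog for their own series.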