This update for python313 fixes the following issues:
- Update to v3.13.13
- CVE-2025-13462: incorrect parsing of TarInfo header when GNU long name and type AREGTYPE are combined (bsc#1259611).
- CVE-2026-2297: cpython: incorrectly handled hook in FileLoader can lead to validation bypass (bsc#1259240).
- CVE-2026-3479: python: improper resource argument validation can allow path traversal (bsc#1259989).
- CVE-2026-3644: incomplete control character validation in http.cookies (bsc#1259734).
- CVE-2026-4224: C stack overflow when parsing XML with deeply nested DTD content models (bsc#1259735).
- CVE-2026-4519: leading dashes in URLs are accepted by the
webbrowser.open() API and allow for web browser command line option injection (bsc#1260026).