package/python3: security bump version to 3.13.8

Release notes: https://www.python.org/downloads/release/python-3138/

Fixes the following security issues:

gh-139400: xml.parsers.expat: Make sure that parent Expat parsers are only
garbage-collected once they are no longer referenced by subparsers created
by ExternalEntityParserCreate().  Patch by Sebastian Pipping.

gh-139283: sqlite3: correctly handle maximum number of rows to fetch in
Cursor.fetchmany and reject negative values for Cursor.arraysize.  Patch by
Bénédikt Tran.

gh-135661: Fix CDATA section parsing in html.parser.HTMLParser according to
the HTML5 standard

https://docs.python.org/release/3.13.8/whatsnew/changelog.html#security

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
[Peter: Mark as security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/python3/python3.hash

@@ -1,5 +1,5 @@
-# From https://www.python.org/downloads/release/python-3137/
-md5  256cdb3bbf45cdce7499e52ba6c36ea3  Python-3.13.7.tar.xz
+# From https://www.python.org/downloads/release/python-3138/
+md5  ba3da8187b03db6f42052f8707c22564  Python-3.13.8.tar.xz
 # Locally computed
-sha256  5462f9099dfd30e238def83c71d91897d8caa5ff6ebc7a50f14d4802cdaaa79a  Python-3.13.7.tar.xz
+sha256  b9910730526b298299b46b35595ced9055722df60c06ad6301f6a4e2c728a252  Python-3.13.8.tar.xz
 sha256  78b12c3a81360b357002334f0e70ea0e92eebf7a9b358805c03c48484945f3bb  LICENSE

package/python3/python3.mk

@@ -5,7 +5,7 @@
 ################################################################################
 
 PYTHON3_VERSION_MAJOR = 3.13
-PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).7
+PYTHON3_VERSION = $(PYTHON3_VERSION_MAJOR).8
 PYTHON3_SOURCE = Python-$(PYTHON3_VERSION).tar.xz
 PYTHON3_SITE = https://python.org/ftp/python/$(PYTHON3_VERSION)
 PYTHON3_LICENSE = Python-2.0, others