FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
032643d7-0ba7-11ec-a689-080027e50e6d	Python -- multiple vulnerabilities Python reports: bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid a potential race condition. bpo-41180: Add auditing events to the marshal module, and stop raising code.__init__ events for every unmarshalled code object. Directly instantiated code objects will continue to raise an event, and audit event handlers should inspect or collect the raw marshal data. This reduces a significant performance overhead when loading from .pyc files. bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS. bpo-43124: Made the internal putcmd function in smtplib sanitize input for presence of \r and \n characters to avoid (unlikely) command injection. Discovery 2021-08-30 Entry 2021-09-02 python39 < 3.9.7 https://docs.python.org/release/3.9.7/whatsnew/changelog.html

VuXML ID

Description

032643d7-0ba7-11ec-a689-080027e50e6d

Python -- multiple vulnerabilities

Python reports:

bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid a potential race condition.

bpo-41180: Add auditing events to the marshal module, and stop raising code.__init__ events for every unmarshalled code object. Directly instantiated code objects will continue to raise an event, and audit event handlers should inspect or collect the raw marshal data. This reduces a significant performance overhead when loading from .pyc files.

bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used on Windows and macOS.

bpo-43124: Made the internal putcmd function in smtplib sanitize input for presence of \r and \n characters to avoid (unlikely) command injection.

Discovery 2021-08-30
Entry 2021-09-02
python39

< 3.9.7

https://docs.python.org/release/3.9.7/whatsnew/changelog.html