FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The last vuln.xml file processed by FreshPorts is:
nothing found there
List all Vulnerabilities, by package
List all Vulnerabilities, by date
These are the vulnerabilities relating to the commit you have selected:
|145ce848-1165-11ec-ac7e-08002789875b||Python -- multiple vulnerabilities|
bpo-42278: Replaced usage of tempfile.mktemp() with TemporaryDirectory to avoid
a potential race condition.
bpo-44394: Update the vendored copy of libexpat to 2.4.1 (from 2.2.8) to get the
fix for the CVE-2013-0340 "Billion Laughs" vulnerability. This copy is most used
on Windows and macOS.
bpo-43124: Made the internal putcmd function in smtplib sanitize input for
presence of \r and \n characters to avoid (unlikely) command injection.
bpo-36384: ipaddress module no longer accepts any leading zeros in IPv4 address
strings. Leading zeros are ambiguous and interpreted as octal notation by some
libraries. For example the legacy function socket.inet_aton() treats leading
zeros as octal notation. glibc implementation of modern inet_pton() does not
accept any leading zeros. For a while the ipaddress module used to accept ambiguous