Re: CVS commit: pkgsrc/lang/python35

To: pkgsrc-changes%NetBSD.org@localhost
Subject: Re: CVS commit: pkgsrc/lang/python35
From: Leonardo Taccari <leot%NetBSD.org@localhost>
Date: Tue, 07 Aug 2018 10:56:46 +0200

Hello Adam,

Adam Ciarcinski writes:
> Module Name:  pkgsrc
> Committed By: adam
> Date:         Tue Aug  7 08:44:02 UTC 2018
>
> Modified Files:
>       pkgsrc/lang/python35: Makefile dist.mk distinfo
>
> Log Message:
> python35: updated to 3.5.6
>
> 3.5.6:
> Bug fix release for Python 3.5.

Please provide the entire changelog, according upstream this at least
fixes two possible security issues:

 | 3.5.6
 | -----
 | Security
 | 
 |  - bpo-33001: Minimal fix to prevent buffer overrun in os.symlink on Windows
 |  - bpo-32981: Regexes in difflib and poplib were vulnerable to catastrophic
 |               backtracking. These regexes formed potential DOS vectors
 |               (REDOS). They have been refactored. This resolves
 |               CVE-2018-1060 and CVE-2018-1061. Patch by Jamie Davis.
 | 
 | Documentation
 | 
 |  - bpo-33216: Clarify the documentation for CALL_FUNCTION_VAR,
 |               CALL_FUNCTION_KW, and CALL_FUNCTION_VAR_KW.


Thank you!

References:
- CVS commit: pkgsrc/lang/python35
  - From: Adam Ciarcinski

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: Re: CVS commit: pkgsrc/lang/python34
Previous by Thread: CVS commit: pkgsrc/lang/python35
Next by Thread: CVS commit: pkgsrc/lang/python34
Indexes:

Home | Main Index | Thread Index | Old Index