Re: CVS commit: pkgsrc/lang/python34

To: pkgsrc-changes%NetBSD.org@localhost
Subject: Re: CVS commit: pkgsrc/lang/python34
From: Leonardo Taccari <leot%NetBSD.org@localhost>
Date: Tue, 07 Aug 2018 11:00:33 +0200

Hello Adam,

Adam Ciarcinski writes:
> Module Name:  pkgsrc
> Committed By: adam
> Date:         Tue Aug  7 08:44:41 UTC 2018
>
> Modified Files:
>       pkgsrc/lang/python34: Makefile dist.mk distinfo
>
> Log Message:
> python34: updated to 3.4.9
>
> 3.4.9:
> Bug fix release for Python 3.4.
>
> [...]

Please provide the entire changelog, according upstream this fixes
at least two possible security issues:

 |  3.4.9
 |  -----
 |  Security
 | 
 |  - bpo-33001: Minimal fix to prevent buffer overrun in os.symlink on Windows
 |  - bpo-32981: Regexes in difflib and poplib were vulnerable to catastrophic
 |               backtracking. These regexes formed potential DOS vectors
 |               (REDOS). They have been refactored. This resolves
 |               CVE-2018-1060 and CVE-2018-1061. Patch by Jamie Davis.


Thank you!

References:
- CVS commit: pkgsrc/lang/python34
  - From: Adam Ciarcinski

Prev by Date: Re: CVS commit: pkgsrc/lang/python35
Next by Date: CVS commit: pkgsrc/devel
Previous by Thread: CVS commit: pkgsrc/lang/python34
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index