Re: python38-3.8.11 is vulnerable

From: LuMiWa via python <python_at_FreeBSD.org>
Date: Tue, 14 Sep 2021 03:31:21 -0400
On Tue, 14 Sep 2021 09:55:19 +1000
Kubilay Kocak <koobs_at_FreeBSD.org> wrote:

> On 12/09/2021 11:17 pm, LuMiWa via python wrote:
> > Hi!
> > 
> > I start using latest binary packages and my questuions if is better
> > to use ports for some port in this case for Pythong because ports
> > as I know I faster update for vulnerabilities.
> > 
> >   pkg audit -F
> > vulnxml file up-to-date
> > python38-3.8.11 is vulnerable:
> >    Python -- multiple vulnerabilities
> >    WWW:
> >    https://vuxml.FreeBSD.org/freebsd/145ce848-1165-11ec-ac7e-08002789875b.html
> > 
> > Thank you.
> > 
> 
> All Python language ports (lang/python*) bugfix and security updates 
> should be committed to head and then merged to quarterly as part of
> the same task as a matter of course.
> 
> The python38 update is being tracked here:
> 
>    https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=258195
> 
> Once committed/merged, the availability of updates packages is 
> contingent on the package building infrastructure, which can take up
> to a few days to complete on average, if there are no other issues.
> 
> ./koobs

Thank you very much...I am new in the binaries world :)

"Those who can make you believe absurdities can make you commit
atrocities.”

Voltaire
Received on Tue Sep 14 2021 - 07:31:21 UTC

Original text of this message