[Bug 287009] lang/python3*: CVE-2025-4516 (use-after-free issue with unicode-escape decoder related to error= handling)

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 01 Jun 2025 18:26:19 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=287009

--- Comment #13 from commit-hook@FreeBSD.org ---
A commit in branch 2025Q2 references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=7a1a2f8f2e3d6a41ebd7120f14c31e6a2dfba809

commit 7a1a2f8f2e3d6a41ebd7120f14c31e6a2dfba809
Author:     Charlie Li <vishwin@FreeBSD.org>
AuthorDate: 2025-05-29 04:36:01 +0000
Commit:     Charlie Li <vishwin@FreeBSD.org>
CommitDate: 2025-06-01 18:24:17 +0000

    lang/python311: pull in upstream commit addressing CVE-2025-4516

    Reference: https://github.com/python/cpython/pull/134341

    PR: 287009
    (cherry picked from commit 5e57ff8453ec6c1172fc575274cb5c466dd0bd30)

 lang/python311/Makefile | 4 ++++
 lang/python311/distinfo | 4 +++-
 2 files changed, 7 insertions(+), 1 deletion(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.