[Bug 294246] lang/python3: Missing security update

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 294246] lang/python311: Missing security update"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Thu, 09 Apr 2026 19:12:51 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294246

--- Comment #11 from Vladimir Boldin <vladimir.boldin@yandex.ru> ---
New update also vulenrable

python311-3.11.15_2 is vulnerable:

  Python -- poplib module, when passed a user-controlled command, can have
additional commands injected using newlines
  CVE: CVE-2025-15367
  WWW:
https://vuxml.FreeBSD.org/freebsd/6d3488ae-2e0f-11f1-88c7-00a098b42aeb.html

  Python -- imaplib module, when passed a user-controlled command, can have
additional commands injected using newlines
  CVE: CVE-2025-15366
  WWW:
https://vuxml.FreeBSD.org/freebsd/0be929a5-2e0f-11f1-88c7-00a098b42aeb.html

-- 
You are receiving this mail because:
You are the assignee for the bug.