[Bug 295200] lang/python314: Update to 3.14.5
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 16 May 2026 19:14:27 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295200
--- Comment #2 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:
URL:
https://cgit.FreeBSD.org/ports/commit/?id=ecdfdb02e3cdae8b5d61d074175ee0424f90bd85
commit ecdfdb02e3cdae8b5d61d074175ee0424f90bd85
Author: Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2026-05-11 16:00:29 +0000
Commit: Daniel Engberg <diizzy@FreeBSD.org>
CommitDate: 2026-05-16 19:09:40 +0000
lang/python314: Update to 3.14.5
This release swaps out the incremental garbage collector for the
generational one used in 3.13 due to reports of memory pressure.
Backport the post-release upstream fix for:
Heap Buffer Overflow in pyexpat Character Data Buffering #148441
which is believed to be only triggered in rare circumstances.
Changelog: https://www.python.org/downloads/release/python-3145/
PR: 295200
MFH: 2026Q2
lang/python314/Makefile | 2 +-
lang/python314/Makefile.version | 2 +-
lang/python314/distinfo | 6 +-
...ect-CR_LF-in-HTTP-tunnel-request-headers (gone) | 108 ---------------------
...ratic-regex-backtracking-in-configparser (gone) | 83 ----------------
...substitution-bypass-of-dash-prefix-check (gone) | 66 -------------
...148395-fix-possible-uaf-in-decompressors (gone) | 65 -------------
...r-overflow-in-Expats-CharacterDataHandler (new) | 70 +++++++++++++
lang/python314/pkg-plist | 7 +-
9 files changed, 77 insertions(+), 332 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.