Python upgrade to address vulnerability?

Ruslan Mahmatkhanov cvs-src at yandex.ru
Wed Feb 15 10:34:45 UTC 2012


wen heping wrote on 15.02.2012 14:16:
> 2012/2/15 Ruslan Mahmatkhanov<cvs-src at yandex.ru>
>
>> Doug Barton wrote on 15.02.2012 02:20:
>>
>>> So apparently we have a python vulnerability according to
>>> http://portaudit.FreeBSD.org/**b4f8be9e-56b2-11e1-9fb7-**
>>> 003067b2972c.html<http://portaudit.FreeBSD.org/b4f8be9e-56b2-11e1-9fb7-003067b2972c.html>
>>> ,
>>> but I'm not seeing an upgrade to address it yet. Any idea when that will
>>> happen?
>>>
>>>
>>> Thanks,
>>>
>>> Doug
>>>
>>>
>> Patch is there:
>> http://people.freebsd.org/~rm/**python-CVE-2012-0845.diff.txt<http://people.freebsd.org/~rm/python-CVE-2012-0845.diff.txt>
>
>
> Had this patch been committed into upstream? When I found it , it was in
> review state.
>
> And CVE-2012-0845 too.
>
> wen

Yes, it is not yet committed, but comments looks promisingly :). And i 
can't reproduce this bug after patching, using procedure described in 
bug report.

-- 
Regards,
Ruslan

Tinderboxing kills... the drives.


More information about the freebsd-ports mailing list