Date: Fri, 12 Dec 2025 13:38:57 +0000
From: Polarian <polarian@polarian.dev>
To: freebsd-security@freebsd.org
Subject: Re: lang/python311 vulnerable, or not
Message-ID: <20251212133857.0ea26899@Hydrogen>
In-Reply-To: <CAO82ECHCkRgPi2vpqz4B-%2B58JMMtLF1aHaKQZwDGqfPT7SZLJQ@mail.gmail.com>
Hey,

> Does this means py311 will not be fixed?

No, it will be fixed. Python is usually slow to be updated as new updates require rebuilding of all the python ports (iirc). You can see the update to 3.12 [1] which just highlights how annoying python is to port.

On the bright side none of these security vulnerabilities are too bad, denial of service and inefficient algorithm. Obviously patching it is important, but the risk is much lower.

If you want to see the kind of vulnerabilities you should be worried about, see [2]. RCEs, or CVEs which lead to RCEs are the scary ones :p

Even more scary if they have been confirmed to be used in the wild, like [2].

Take care,
-- 
Polarian
Jabber/XMPP: polarian@icebound.dev

[1] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285957
[2] https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291575
