Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Jan 2026 04:53:02 +0000
From:      Charlie Li <vishwin@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: cfbc3c7b9000 - main - security/vuxml: update/simplify Python vulnerability version ranges
Message-ID:  <6976f32e.385a2.571d8d6d@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch main has been updated by vishwin:

URL: https://cgit.FreeBSD.org/ports/commit/?id=cfbc3c7b9000a58bf0dd99b109b2e638b8a9add5

commit cfbc3c7b9000a58bf0dd99b109b2e638b8a9add5
Author:     Charlie Li <vishwin@FreeBSD.org>
AuthorDate: 2026-01-26 04:50:28 +0000
Commit:     Charlie Li <vishwin@FreeBSD.org>
CommitDate: 2026-01-26 04:52:35 +0000

    security/vuxml: update/simplify Python vulnerability version ranges
    
    Event: Winter Field Day 2026
    PR: 291609
---
 security/vuxml/vuln/2025.xml | 13 ++++++-------
 1 file changed, 6 insertions(+), 7 deletions(-)

diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index c0f2604268bf..a6743661c5e4 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1090,30 +1090,29 @@
   <vuln vid="613d0f9e-d477-11f0-9e85-03ddfea11990">
     <topic>python -- several vulnerabilities</topic>
     <affects>
-      <!-- someone please research the 3.10/3.11/3.12 vulnerable/fixed ranges and update this entry -->
       <package>
 	<name>python39</name>
 	<range><ge>0</ge></range>
       </package>
       <package>
 	<name>python310</name>
-	<range><ge>0</ge></range>
+	<range><lt>3.10.19_1</lt></range>
       </package>
       <package>
 	<name>python311</name>
-	<range><ge>0</ge></range>
+	<range><lt>3.11.14_1</lt></range>
       </package>
       <package>
 	<name>python312</name>
-	<range><ge>3.12.0</ge><lt>3.12.12_3</lt></range>
+	<range><lt>3.12.12_3</lt></range>
       </package>
       <package>
 	<name>python313</name>
-	<range><ge>3.13.0</ge><lt>3.13.11</lt></range>
+	<range><lt>3.13.11</lt></range>
       </package>
       <package>
 	<name>python314</name>
-	<range><ge>3.14.0</ge><lt>3.14.2</lt></range>
+	<range><lt>3.14.2</lt></range>
       </package>
     </affects>
     <description>
@@ -1141,7 +1140,7 @@
     <dates>
       <discovery>2024-05-23</discovery>
       <entry>2025-12-08</entry>
-      <modified>2026-01-03</modified>
+      <modified>2026-01-25</modified>
     </dates>
   </vuln>
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6976f32e.385a2.571d8d6d>