Date: Tue, 14 Sep 2021 03:31:21 -0400 From: LuMiWa via python <python@FreeBSD.org> To: Kubilay Kocak <koobs@FreeBSD.org> Cc: "python@FreeBSD.org" <python@FreeBSD.org>, Wen Heping <wen@FreeBSD.org> Subject: Re: python38-3.8.11 is vulnerable Message-ID: <20210914033121.6372e3a2@dismail.de> In-Reply-To: <97804325-5c6e-48a6-7e8d-82090734c359@FreeBSD.org> References: <20210912091711.6141a695@dismail.de> <97804325-5c6e-48a6-7e8d-82090734c359@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 14 Sep 2021 09:55:19 +1000 Kubilay Kocak <koobs@FreeBSD.org> wrote: > On 12/09/2021 11:17 pm, LuMiWa via python wrote: > > Hi! > >=20 > > I start using latest binary packages and my questuions if is better > > to use ports for some port in this case for Pythong because ports > > as I know I faster update for vulnerabilities. > >=20 > > pkg audit -F > > vulnxml file up-to-date > > python38-3.8.11 is vulnerable: > > Python -- multiple vulnerabilities > > WWW: > > https://vuxml.FreeBSD.org/freebsd/145ce848-1165-11ec-ac7e-0800278987= 5b.html > >=20 > > Thank you. > >=20 >=20 > All Python language ports (lang/python*) bugfix and security updates=20 > should be committed to head and then merged to quarterly as part of > the same task as a matter of course. >=20 > The python38 update is being tracked here: >=20 > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D258195 >=20 > Once committed/merged, the availability of updates packages is=20 > contingent on the package building infrastructure, which can take up > to a few days to complete on average, if there are no other issues. >=20 > ./koobs Thank you very much...I am new in the binaries world :) "Those who can make you believe absurdities can make you commit atrocities.=E2=80=9D Voltaire
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20210914033121.6372e3a2>