From nobody Wed Dec 17 19:52:41 2025
X-Original-To: python@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dWkwy48fkz6LJ4Q;
	Wed, 17 Dec 2025 19:52:50 +0000 (UTC)
	(envelope-from tz@FreeBSD.org)
Received: from mail.xn--zhlsdorff-q9a.eu (mail.xn--zhlsdorff-q9a.eu [142.132.193.151])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4dWkwx6Npfz4FHL;
	Wed, 17 Dec 2025 19:52:49 +0000 (UTC)
	(envelope-from tz@FreeBSD.org)
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=fail reason="No valid SPF, No valid DKIM" header.from=freebsd.org (policy=none);
	spf=softfail (mx1.freebsd.org: 142.132.193.151 is neither permitted nor denied by domain of tz@FreeBSD.org) smtp.mailfrom=tz@FreeBSD.org
Received: from [192.168.0.3] (ipservice-092-208-187-093.092.208.pools.vodafone-ip.de [92.208.187.93])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange x25519 server-signature ECDSA (prime256v1) server-digest SHA256)
	(No client certificate requested)
	(Authenticated sender: freebsd@toco-domains.de)
	by mail.xn--zhlsdorff-q9a.eu (Postfix) with ESMTPSA id AADFE17ACF8;
	Wed, 17 Dec 2025 19:52:41 +0000 (UTC)
Message-ID: <8ad10df2-8c75-4b44-832e-edd25f957015@FreeBSD.org>
Date: Wed, 17 Dec 2025 20:52:41 +0100
List-Id: FreeBSD-specific Python issues <freebsd-python.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-python
List-Help: <mailto:python+help@freebsd.org>
List-Post: <mailto:python@freebsd.org>
List-Subscribe: <mailto:python+subscribe@freebsd.org>
List-Unsubscribe: <mailto:python+unsubscribe@freebsd.org>
X-BeenThere: freebsd-python@freebsd.org
Sender: owner-freebsd-python@FreeBSD.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Content-Language: en-US
To: python@FreeBSD.org
From: Torsten Zuehlsdorff <tz@FreeBSD.org>
Subject: [ports-sec] Merging Python Update into 2025Q4?
Cc: FreeBSD Ports secteam <ports-secteam@freebsd.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spam-Score: -0.10
X-Rspamd-Action: no action
X-Spam-Status: No, score=-0.10
X-Rspamd-Server: mail.xn--zhlsdorff-q9a.eu
X-Rspamd-Pre-Result: action=no action;
	module=multimap;
	Matched map: WHITELIST_SENDER_DOMAIN
X-Spamd-Bar: -
X-Spamd-Result: default: False [-1.99 / 15.00];
	SUBJECT_ENDS_QUESTION(1.00)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.99)[-0.994];
	DMARC_POLICY_SOFTFAIL(0.10)[freebsd.org : No valid SPF, No valid DKIM,none];
	MIME_GOOD(-0.10)[text/plain];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	ARC_NA(0.00)[];
	MIME_TRACE(0.00)[0:+];
	FREEFALL_USER(0.00)[tz];
	TO_DN_SOME(0.00)[];
	RCPT_COUNT_TWO(0.00)[2];
	R_DKIM_NA(0.00)[];
	RCVD_COUNT_ONE(0.00)[1];
	FROM_EQ_ENVFROM(0.00)[];
	FROM_HAS_DN(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	R_SPF_SOFTFAIL(0.00)[~all:c];
	MLMMJ_DEST(0.00)[ports-secteam@freebsd.org,python@FreeBSD.org];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCVD_TLS_ALL(0.00)[]
X-Rspamd-Queue-Id: 4dWkwx6Npfz4FHL

Aloha Python-Team,

i just noticed in my monitoring, that pkg audit complains about a 
security issue with Python 3.11.13.

Version 3.11.14 is already in main, but not merged in quarterly yet.

Is there any objection to merge it so we can roll out the fixed version?

[I did not check the other Python Versions]

Best,
Torsten