Date: Sat, 16 May 2026 19:14:27 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 295200] lang/python314: Update to 3.14.5 Message-ID: <bug-295200-21822-CMqeRNrbcE@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-295200-21822@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295200 --- Comment #2 from commit-hook@FreeBSD.org --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ecdfdb02e3cdae8b5d61d074175ee0424f90bd85 commit ecdfdb02e3cdae8b5d61d074175ee0424f90bd85 Author: Matthias Andree <mandree@FreeBSD.org> AuthorDate: 2026-05-11 16:00:29 +0000 Commit: Daniel Engberg <diizzy@FreeBSD.org> CommitDate: 2026-05-16 19:09:40 +0000 lang/python314: Update to 3.14.5 This release swaps out the incremental garbage collector for the generational one used in 3.13 due to reports of memory pressure. Backport the post-release upstream fix for: Heap Buffer Overflow in pyexpat Character Data Buffering #148441 which is believed to be only triggered in rare circumstances. Changelog: https://www.python.org/downloads/release/python-3145/ PR: 295200 MFH: 2026Q2 lang/python314/Makefile | 2 +- lang/python314/Makefile.version | 2 +- lang/python314/distinfo | 6 +- ...ect-CR_LF-in-HTTP-tunnel-request-headers (gone) | 108 --------------------- ...ratic-regex-backtracking-in-configparser (gone) | 83 ---------------- ...substitution-bypass-of-dash-prefix-check (gone) | 66 ------------- ...148395-fix-possible-uaf-in-decompressors (gone) | 65 ------------- ...r-overflow-in-Expats-CharacterDataHandler (new) | 70 +++++++++++++ lang/python314/pkg-plist | 7 +- 9 files changed, 77 insertions(+), 332 deletions(-) -- You are receiving this mail because: You are on the CC list for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-295200-21822-CMqeRNrbcE>