Date: Sat, 04 Apr 2026 14:09:44 +0000 From: bugzilla-noreply@freebsd.org To: python@FreeBSD.org Subject: [Bug 294246] lang/python311: Missing security update Message-ID: <bug-294246-21822@https.bugs.freebsd.org/bugzilla/>
index | next in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294246 Bug ID: 294246 Summary: lang/python311: Missing security update Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: python@FreeBSD.org Reporter: vladimir.boldin@yandex.ru Flags: maintainer-feedback?(python@FreeBSD.org) Assignee: python@FreeBSD.org python311-3.11.15 is vulnerable: Python -- poplib module, when passed a user-controlled command, can have additional commands injected using newlines CVE: CVE-2025-15367 WWW: https://vuxml.FreeBSD.org/freebsd/6d3488ae-2e0f-11f1-88c7-00a098b42aeb.html Python -- imaplib module, when passed a user-controlled command, can have additional commands injected using newlines CVE: CVE-2025-15366 WWW: https://vuxml.FreeBSD.org/freebsd/0be929a5-2e0f-11f1-88c7-00a098b42aeb.html Python -- The webbrowser.open() API allows leading dashes CVE: CVE-2026-4519 WWW: https://vuxml.FreeBSD.org/freebsd/9fdad262-2e0f-11f1-88c7-00a098b42aeb.html -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-294246-21822>