CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2022/09/08 13:35:46
Modified files:
lang/python/3.9: Makefile distinfo
lang/python/3.9/pkg: PLIST-main
Log message:
https://www.python.org/downloads/release/python-3914/
* CVE-2020-10735: converting between int and str in bases other than
2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10
(decimal) now raises a ValueError if the number of digits in string form
is above a limit to avoid potential denial of service attacks due to the
algorithmic complexity.
* gh-87389: http.server: Fix an open redirection vulnerability in the
HTTP server when an URI path starts with //.
* gh-93065: Fix contextvars HAMT implementation to handle iteration over
deep trees to avoid a potential crash of the interpreter.
* gh-90355: Fix ensurepip environment isolation for the subprocess
running pip.
ok sthen
