https://www.python.org/downloads/release/python-3914/
* CVE-2020-10735: converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. * gh-87389: http.server: Fix an open redirection vulnerability in the HTTP server when an URI path starts with //. * gh-93065: Fix contextvars HAMT implementation to handle iteration over deep trees to avoid a potential crash of the interpreter. * gh-90355: Fix ensurepip environment isolation for the subprocess running pip. ok? (Should probably backport to 7.1 also...) --Kurt Index: Makefile =================================================================== RCS file: /cvs/ports/lang/python/3.9/Makefile,v retrieving revision 1.30 diff -u -p -r1.30 Makefile --- Makefile 29 Aug 2022 12:23:42 -0000 1.30 +++ Makefile 7 Sep 2022 19:46:00 -0000 @@ -3,12 +3,10 @@ # requirement of the PSF license, if it constitutes a change to # Python itself. -FULL_VERSION = 3.9.13 +FULL_VERSION = 3.9.14 SHARED_LIBS = python3.9 0.0 VERSION_SPEC = >=3.9,<3.10 PORTROACH = limit:^3\.9 - -REVISION = 3 # This is the MODPY_DEFAULT_VERSION_3 version of Python: # - override "@comment" setting so that bin/python3 etc are installed Index: distinfo =================================================================== RCS file: /cvs/ports/lang/python/3.9/distinfo,v retrieving revision 1.10 diff -u -p -r1.10 distinfo --- distinfo 26 May 2022 16:28:19 -0000 1.10 +++ distinfo 7 Sep 2022 19:46:00 -0000 @@ -1,2 +1,2 @@ -SHA256 (Python-3.9.13.tgz) = gpsNJgcqRGiaawgQ9bSjkz7ioLikv8mdfFiT/9T5fEQ= -SIZE (Python-3.9.13.tgz) = 26355887 +SHA256 (Python-3.9.14.tgz) = kgGDbiwWNhsrdAhoBQI5NzfUTyJzM/4uVynH1fYEFnU= +SIZE (Python-3.9.14.tgz) = 26365055 Index: pkg/PLIST-main =================================================================== RCS file: /cvs/ports/lang/python/3.9/pkg/PLIST-main,v retrieving revision 1.19 diff -u -p -r1.19 PLIST-main --- pkg/PLIST-main 11 Aug 2022 02:15:02 -0000 1.19 +++ pkg/PLIST-main 7 Sep 2022 19:46:01 -0000 @@ -101,6 +101,7 @@ include/python3.9/internal/pycore_hashta include/python3.9/internal/pycore_import.h include/python3.9/internal/pycore_initconfig.h include/python3.9/internal/pycore_interp.h +include/python3.9/internal/pycore_long.h include/python3.9/internal/pycore_object.h include/python3.9/internal/pycore_pathconfig.h include/python3.9/internal/pycore_pyerrors.h
