https://www.python.org/downloads/release/python-3914/

* CVE-2020-10735: converting between int and str in bases other than
2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10
(decimal) now raises a ValueError if the number of digits in string form
is above a limit to avoid potential denial of service attacks due to the
algorithmic complexity.

* gh-87389: http.server: Fix an open redirection vulnerability in the
HTTP server when an URI path starts with //.

* gh-93065: Fix contextvars HAMT implementation to handle iteration over
deep trees to avoid a potential crash of the interpreter.

* gh-90355: Fix ensurepip environment isolation for the subprocess
running pip.

ok?

(Should probably backport to 7.1 also...)

--Kurt

Index: Makefile
===================================================================
RCS file: /cvs/ports/lang/python/3.9/Makefile,v
retrieving revision 1.30
diff -u -p -r1.30 Makefile
--- Makefile    29 Aug 2022 12:23:42 -0000      1.30
+++ Makefile    7 Sep 2022 19:46:00 -0000
@@ -3,12 +3,10 @@
 # requirement of the PSF license, if it constitutes a change to
 # Python itself.
 
-FULL_VERSION =         3.9.13
+FULL_VERSION =         3.9.14
 SHARED_LIBS =          python3.9 0.0
 VERSION_SPEC =         >=3.9,<3.10
 PORTROACH =            limit:^3\.9
-
-REVISION =             3
 
 # This is the MODPY_DEFAULT_VERSION_3 version of Python:
 # - override "@comment" setting so that bin/python3 etc are installed
Index: distinfo
===================================================================
RCS file: /cvs/ports/lang/python/3.9/distinfo,v
retrieving revision 1.10
diff -u -p -r1.10 distinfo
--- distinfo    26 May 2022 16:28:19 -0000      1.10
+++ distinfo    7 Sep 2022 19:46:00 -0000
@@ -1,2 +1,2 @@
-SHA256 (Python-3.9.13.tgz) = gpsNJgcqRGiaawgQ9bSjkz7ioLikv8mdfFiT/9T5fEQ=
-SIZE (Python-3.9.13.tgz) = 26355887
+SHA256 (Python-3.9.14.tgz) = kgGDbiwWNhsrdAhoBQI5NzfUTyJzM/4uVynH1fYEFnU=
+SIZE (Python-3.9.14.tgz) = 26365055
Index: pkg/PLIST-main
===================================================================
RCS file: /cvs/ports/lang/python/3.9/pkg/PLIST-main,v
retrieving revision 1.19
diff -u -p -r1.19 PLIST-main
--- pkg/PLIST-main      11 Aug 2022 02:15:02 -0000      1.19
+++ pkg/PLIST-main      7 Sep 2022 19:46:01 -0000
@@ -101,6 +101,7 @@ include/python3.9/internal/pycore_hashta
 include/python3.9/internal/pycore_import.h
 include/python3.9/internal/pycore_initconfig.h
 include/python3.9/internal/pycore_interp.h
+include/python3.9/internal/pycore_long.h
 include/python3.9/internal/pycore_object.h
 include/python3.9/internal/pycore_pathconfig.h
 include/python3.9/internal/pycore_pyerrors.h

Reply via email to