Bugzilla Automation <[email protected]> has asked freebsd-python (Nobody) <[email protected]> for maintainer-feedback: Bug 294246: lang/python311: Missing security update https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294246
--- Description --- python311-3.11.15 is vulnerable: Python -- poplib module, when passed a user-controlled command, can have additional commands injected using newlines CVE: CVE-2025-15367 WWW: https://vuxml.FreeBSD.org/freebsd/6d3488ae-2e0f-11f1-88c7-00a098b42aeb.html Python -- imaplib module, when passed a user-controlled command, can have additional commands injected using newlines CVE: CVE-2025-15366 WWW: https://vuxml.FreeBSD.org/freebsd/0be929a5-2e0f-11f1-88c7-00a098b42aeb.html Python -- The webbrowser.open() API allows leading dashes CVE: CVE-2026-4519 WWW: https://vuxml.FreeBSD.org/freebsd/9fdad262-2e0f-11f1-88c7-00a098b42aeb.html
