notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
non port: lang/python33/files/patch-CVE-2014-1912
SVNWeb

Number of commits found: 2

Tue, 4 Mar 2014
[ 12:38 koobs ] Original commit   Revision:347015
347015 Mk/bsd.python.mk
347015 lang/python-doc-html/distinfo
347015 lang/python33/Makefile
347015 lang/python33/distinfo
347015 lang/python33/files/patch-CVE-2014-1912
347015 lang/python33/files/patch-Modules-fcntlmodule.c
347015 lang/python33/files/patch-Modules__fcntlmodule.c
347015 lang/python33/files/patch-issue-20695-Lib__test__test_urllibnet.py
347015 lang/python33/files/patch-issue20374
347015 lang/python33/pkg-plist
lang/python33: Update to 3.3.4

- Update to 3.3.4
- Update pkg-plist
- Remove patch-CVE-2014-1912 (upstream)
- Remove patch-issue20374 (upstream)
- Repatch and rename patch-Modules__fcntlmodule.c
- Add patch-issue-20695-Lib__test__test_urllibnet.py (tests) [1]
- Add regression-test target for QA

Changes: 3.3.4 - 09/02/2014

    http://docs.python.org/3.3/whatsnew/changelog.html#python-3-3-4

Extra:

- Update python-doc-html distinfo for Python 3.3 docs
- Update bsd.python.mk to support the new version

[1] http://bugs.python.org/issue20695
Sat, 1 Mar 2014
[ 10:52 koobs ] Original commit   Revision:346614
346614 lang/python27/Makefile
346614 lang/python27/files/patch-CVE-2014-1912
346614 lang/python31/Makefile
346614 lang/python31/files/patch-CVE-2014-1912
346614 lang/python32/Makefile
346614 lang/python32/files/patch-CVE-2014-1912
346614 lang/python33/Makefile
346614 lang/python33/files/patch-CVE-2014-1912
lang/python*: Backport security fix for CVE-2014-1912

A vulnerability was reported [1] in Python's socket module, due to a
boundary error within the sock_recvfrom_into() function, which could be
exploited to cause a buffer overflow.

This could be used to crash a Python application that uses the
socket.recvfrom_info() function or, possibly, execute arbitrary code
with the permissions of the user running vulnerable Python code.

This vulnerable function, socket.recvfrom_into(), was introduced in
Python 2.5. Earlier versions are not affected by this flaw.  This is
fixed in upstream branches for version 2.7, 3.1, 3.2 and 3.3.

[1] http://bugs.python.org/issue20246

MFH:		2014Q1
Security:	8e5e6d42-a0fa-11e3-b09a-080027f2d077

Number of commits found: 2

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
drm-current-kmod*Dec 04
drm-devel-kmod*Dec 04
drm-fbsd11.2-kmod*Dec 04
drm-fbsd12.0-kmod*Dec 04
py-django21Dec 03
py-django22Dec 03
gitlab-ceNov 28
py-matrix-synapseNov 28
gitlab-ceNov 27
webkit2-gtk3Nov 27
py-urllib3Nov 26
clamavNov 25
unboundNov 23
asterisk13Nov 22
asterisk13Nov 22

13 vulnerabilities affecting 78 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities

Last updated:
2019-12-06 20:23:44


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 38196
Broken 743
Deprecated 106
Ignore 1012
Forbidden 3
Restricted 155
No CDROM 72
Vulnerable 26
Expired 6
Set to expire 75
Interactive 0
new 24 hours 6
new 48 hours10
new 7 days29
new fortnight59
new month133

Servers and bandwidth provided by
New York Internet, iXsystems, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2019 Dan Langille. All rights reserved.