mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-23 04:23:08 +00:00
- Document python37 multiple vulnerabilities.
parent
706b7aece6
commit
db1dd6d8da
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=514783
@ -58,6 +58,41 @@ Notes:
|
||||
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
|
||||
-->
|
||||
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
|
||||
<vuln vid="9b7491fb-f253-11e9-a50c-000c29c4dc65">
|
||||
<topic>python 3.7 -- multiple vulnerabilities</topic>
|
||||
<affects>
|
||||
<package>
|
||||
<name>python37</name>
|
||||
<range><lt>3.7.5</lt></range>
|
||||
</package>
|
||||
</affects>
|
||||
<description>
|
||||
<body xmlns="http://www.w3.org/1999/xhtml">
|
||||
<p>Python changelog:</p>
|
||||
<blockquote cite="https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-5-final">
|
||||
<p>bpo-38243: Escape the server title of xmlrpc.server.DocXMLRPCServer when rendering
|
||||
the document page as HTML.</p>
|
||||
<p>bpo-38174: Update vendorized expat library version to 2.2.8, which resolves
|
||||
CVE-2019-15903.</p>
|
||||
<p>bpo-37764: Fixes email._header_value_parser.get_unstructured going into an infinite
|
||||
loop for a specific case in which the email header does not have trailing whitespace,
|
||||
and the case in which it contains an invalid encoded word.</p>
|
||||
<p>bpo-37461: Fix an infinite loop when parsing specially crafted email headers.</p>
|
||||
<p>bpo-34155: Fix parsing of invalid email addresses with more than one @
|
||||
(e.g. a@b@c.com.) to not return the part before 2nd @ as valid email address.</p>
|
||||
</blockquote>
|
||||
</body>
|
||||
</description>
|
||||
<references>
|
||||
<url>https://docs.python.org/3.7/whatsnew/changelog.html#python-3-7-5-final</url>
|
||||
<cvename>CVE-2019-15903</cvename>
|
||||
</references>
|
||||
<dates>
|
||||
<discovery>2019-09-14</discovery>
|
||||
<entry>2019-10-19</entry>
|
||||
</dates>
|
||||
</vuln>
|
||||
|
||||
<vuln vid="998ca824-ef55-11e9-b81f-3085a9a95629">
|
||||
<topic>Pillow -- Allocation of resources without limits or throttling</topic>
|
||||
<affects>
|
||||
|
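Review bot: The `<references>` block of the new python37 entry carries only one `<cvename>` (CVE-2019-15903, for the expat update), although the quoted changelog lists four more security fixes (bpo-38243, bpo-37764, bpo-37461, bpo-34155). The page does not show whether those have CVE ids, but any that do should each get a line such as `<cvename>CVE-YYYY-NNNNN</cvename>` (placeholder), so that audit tooling matching on CVE finds this entry. Separately, `<affects>` names only `python37`, while the template comment just above the hunk says not to forget port variants. If other python ports in the tree carry the same email, xmlrpc or bundled-expat code, they need their own `<package>` blocks with the matching `<range>`, or a separate `<vuln>` entry.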