FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Python -- multiple vulnerabilities

Affected packages
python37 < 3.7.15
python38 < 3.8.15
python39 < 3.9.15
python310 < 3.10.8

Details

VuXML ID d6d088c9-5064-11ed-bade-080027881239
Discovery 2022-09-29
Entry 2022-10-20

Python reports:

gh-97616: Fix multiplying a list by an integer (list *= int): detect the integer overflow when the new allocated length is close to the maximum size. Issue reported by Jordan Limor. Patch by Victor Stinner.

gh-97612: Fix a shell code injection vulnerability in the get-remote-certificate.py example script. The script no longer uses a shell to run openssl commands. Issue reported and initial fix by Caleb Shortt. Patch by Victor Stinner.

[source]

References

URL https://docs.python.org/release/3.9.15/whatsnew/changelog.html

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.