CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2026/03/18 05:14:47
Modified files:
lang/python/3 : Makefile distinfo
lang/python/3/files: CHANGES.OpenBSD
lang/python/3/patches: patch-Modules_pyexpat_c
lang/python/3/pkg: PLIST-main PLIST-tests
Added files:
lang/python/3/patches: patch-Lib_http_cookies_py
patch-Lib_test_test_http_cookies_py
patch-Lib_test_test_pyexpat_py
Log message:
update to python-3.13.12 and patch for recent security fixes. ok tb@ kmos@
https://mail.python.org/archives/list/[email protected]/thread/H6CADMBCDRFGWCMOXWUIHFJNV43GABJ7/
Reject control characters in 'http.cookies.Morsel.update' (CVE-2026-3644)
https://mail.python.org/archives/list/[email protected]/thread/5M7CGUW3XBRY7II4DK43KF7NQQ3TPZ6R/
Fix C stack overflow (CVE-2026-4224) when an Expat parser with a registered
'ElementDeclHandler' parses inline DTD containing deeply nested content model.
