https://www.python.org/downloads/release/python-3107/
* gh-95778: Converting between int and str in bases other than 2 (binary), 4, 8 (octal), 16 (hexadecimal), or 32 such as base 10 (decimal) now raises a ValueError if the number of digits in string form is above a limit to avoid potential denial of service attacks due to the algorithmic complexity. This is a mitigation for CVE-2020-10735. This new limit can be configured or disabled by environment variable, command line flag, or sys APIs. See the integer string conversion length limitation documentation. The default limit is 4300 digits in string form. Patch by Gregory P. Smith [Google] and Christian Heimes [Red Hat] with feedback from Victor Stinner, Thomas Wouters, Steve Dower, Ned Deily, and Mark Dickinson. ok? (Probably also should be backports to 7.1) --Kurt Index: Makefile =================================================================== RCS file: /cvs/ports/lang/python/3.10/Makefile,v retrieving revision 1.20 diff -u -p -r1.20 Makefile --- Makefile 2 Sep 2022 16:53:49 -0000 1.20 +++ Makefile 7 Sep 2022 20:24:08 -0000 @@ -3,11 +3,9 @@ # requirement of the PSF license, if it constitutes a change to # Python itself. -FULL_VERSION = 3.10.6 +FULL_VERSION = 3.10.7 SHARED_LIBS = python3.10 0.0 VERSION_SPEC = >=3.10,<3.11 PORTROACH = limit:^3\.10 - -REVISION = 1 .include <bsd.port.mk> Index: distinfo =================================================================== RCS file: /cvs/ports/lang/python/3.10/distinfo,v retrieving revision 1.5 diff -u -p -r1.5 distinfo --- distinfo 11 Aug 2022 14:01:18 -0000 1.5 +++ distinfo 7 Sep 2022 20:24:08 -0000 @@ -1,2 +1,2 @@ -SHA256 (Python-3.10.6.tgz) = hIywalyqhdpcRb16kiG7gh4z/CvcugiMEnxY+tROY0M= -SIZE (Python-3.10.6.tgz) = 25986768 +SHA256 (Python-3.10.7.tgz) = Gy5OLfaXxS02cxZml55ki+7aWUHQ+VdAqvv0Fj5cwSY= +SIZE (Python-3.10.7.tgz) = 26006589 Index: pkg/PLIST-main =================================================================== RCS file: /cvs/ports/lang/python/3.10/pkg/PLIST-main,v retrieving revision 1.10 diff -u -p -r1.10 PLIST-main --- pkg/PLIST-main 11 Aug 2022 14:01:18 -0000 1.10 +++ pkg/PLIST-main 7 Sep 2022 20:24:10 -0000 @@ -1848,7 +1848,7 @@ lib/python3.10/ensurepip/_bundled/__pyca lib/python3.10/ensurepip/_bundled/__pycache__/__init__.cpython-310.opt-1.pyc lib/python3.10/ensurepip/_bundled/__pycache__/__init__.cpython-310.opt-2.pyc lib/python3.10/ensurepip/_bundled/__pycache__/__init__.cpython-310.pyc -lib/python3.10/ensurepip/_bundled/pip-22.2.1-py3-none-any.whl +lib/python3.10/ensurepip/_bundled/pip-22.2.2-py3-none-any.whl lib/python3.10/ensurepip/_bundled/setuptools-63.2.0-py3-none-any.whl lib/python3.10/ensurepip/_uninstall.py lib/python3.10/enum.py @@ -2562,15 +2562,15 @@ lib/python3.10/site-packages/_distutils_ lib/python3.10/site-packages/_distutils_hack/override.py lib/python3.10/site-packages/distutils-precedence.pth lib/python3.10/site-packages/pip/ -lib/python3.10/site-packages/pip-22.2.1.dist-info/ -lib/python3.10/site-packages/pip-22.2.1.dist-info/INSTALLER -lib/python3.10/site-packages/pip-22.2.1.dist-info/LICENSE.txt -lib/python3.10/site-packages/pip-22.2.1.dist-info/METADATA -lib/python3.10/site-packages/pip-22.2.1.dist-info/RECORD -lib/python3.10/site-packages/pip-22.2.1.dist-info/REQUESTED -lib/python3.10/site-packages/pip-22.2.1.dist-info/WHEEL -lib/python3.10/site-packages/pip-22.2.1.dist-info/entry_points.txt -lib/python3.10/site-packages/pip-22.2.1.dist-info/top_level.txt +lib/python3.10/site-packages/pip-22.2.2.dist-info/ +lib/python3.10/site-packages/pip-22.2.2.dist-info/INSTALLER +lib/python3.10/site-packages/pip-22.2.2.dist-info/LICENSE.txt +lib/python3.10/site-packages/pip-22.2.2.dist-info/METADATA +lib/python3.10/site-packages/pip-22.2.2.dist-info/RECORD +lib/python3.10/site-packages/pip-22.2.2.dist-info/REQUESTED +lib/python3.10/site-packages/pip-22.2.2.dist-info/WHEEL +lib/python3.10/site-packages/pip-22.2.2.dist-info/entry_points.txt +lib/python3.10/site-packages/pip-22.2.2.dist-info/top_level.txt lib/python3.10/site-packages/pip/__init__.py lib/python3.10/site-packages/pip/__main__.py lib/python3.10/site-packages/pip/__pip-runner__.py
