[Bug 294246] lang/python311: Missing security update

bugzilla-noreply Sat, 04 Apr 2026 07:54:27 -0700

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=294246


            Bug ID: 294246
           Summary: lang/python311: Missing security update
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: [email protected]
          Reporter: [email protected]
             Flags: maintainer-feedback?([email protected])
          Assignee: [email protected]

python311-3.11.15 is vulnerable:
  Python -- poplib module, when passed a user-controlled command, can have
additional commands injected using newlines
  CVE: CVE-2025-15367
  WWW:
https://vuxml.FreeBSD.org/freebsd/6d3488ae-2e0f-11f1-88c7-00a098b42aeb.html

  Python -- imaplib module, when passed a user-controlled command, can have
additional commands injected using newlines
  CVE: CVE-2025-15366
  WWW:
https://vuxml.FreeBSD.org/freebsd/0be929a5-2e0f-11f1-88c7-00a098b42aeb.html

  Python -- The webbrowser.open() API allows leading dashes
  CVE: CVE-2026-4519
  WWW:
https://vuxml.FreeBSD.org/freebsd/9fdad262-2e0f-11f1-88c7-00a098b42aeb.html

-- 
You are receiving this mail because:
You are the assignee for the bug.

[Bug 294246] lang/python311: Missing security update

Reply via email to