https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295200
--- Comment #2 from [email protected] --- A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ecdfdb02e3cdae8b5d61d074175ee0424f90bd85 commit ecdfdb02e3cdae8b5d61d074175ee0424f90bd85 Author: Matthias Andree <[email protected]> AuthorDate: 2026-05-11 16:00:29 +0000 Commit: Daniel Engberg <[email protected]> CommitDate: 2026-05-16 19:09:40 +0000 lang/python314: Update to 3.14.5 This release swaps out the incremental garbage collector for the generational one used in 3.13 due to reports of memory pressure. Backport the post-release upstream fix for: Heap Buffer Overflow in pyexpat Character Data Buffering #148441 which is believed to be only triggered in rare circumstances. Changelog: https://www.python.org/downloads/release/python-3145/ PR: 295200 MFH: 2026Q2 lang/python314/Makefile | 2 +- lang/python314/Makefile.version | 2 +- lang/python314/distinfo | 6 +- ...ect-CR_LF-in-HTTP-tunnel-request-headers (gone) | 108 --------------------- ...ratic-regex-backtracking-in-configparser (gone) | 83 ---------------- ...substitution-bypass-of-dash-prefix-check (gone) | 66 ------------- ...148395-fix-possible-uaf-in-decompressors (gone) | 65 ------------- ...r-overflow-in-Expats-CharacterDataHandler (new) | 70 +++++++++++++ lang/python314/pkg-plist | 7 +- 9 files changed, 77 insertions(+), 332 deletions(-) -- You are receiving this mail because: You are on the CC list for the bug.
