https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295200
--- Comment #7 from [email protected] --- A commit in branch 2026Q2 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=7bec71c4243bdec53bb63a38d561ad41b89e09de commit 7bec71c4243bdec53bb63a38d561ad41b89e09de Author: Matthias Andree <[email protected]> AuthorDate: 2026-05-11 16:00:29 +0000 Commit: Charlie Li <[email protected]> CommitDate: 2026-06-12 05:53:18 +0000 lang/python314: Update to 3.14.5 This release swaps out the incremental garbage collector for the generational one used in 3.13 due to reports of memory pressure. Backport the post-release upstream fix for: Heap Buffer Overflow in pyexpat Character Data Buffering #148441 which is believed to be only triggered in rare circumstances. Changelog: https://www.python.org/downloads/release/python-3145/ PR: 295200 MFH: 2026Q2 (cherry picked from commit ecdfdb02e3cdae8b5d61d074175ee0424f90bd85) lang/python314/Makefile | 2 +- lang/python314/Makefile.version | 2 +- lang/python314/distinfo | 6 +- ...ect-CR_LF-in-HTTP-tunnel-request-headers (gone) | 108 --------------------- ...ratic-regex-backtracking-in-configparser (gone) | 83 ---------------- ...substitution-bypass-of-dash-prefix-check (gone) | 66 ------------- ...148395-fix-possible-uaf-in-decompressors (gone) | 65 ------------- ...r-overflow-in-Expats-CharacterDataHandler (new) | 70 +++++++++++++ lang/python314/pkg-plist | 7 +- 9 files changed, 77 insertions(+), 332 deletions(-) -- You are receiving this mail because: You are on the CC list for the bug.
