Opened 4 months ago
Closed 3 months ago
#5727 closed enhancement (fixed)
Bring over the Python security fixes patch from BLFS.
Reported by: | Douglas R. Reno | Owned by: | lfs-book |
---|---|---|---|
Priority: | high | Milestone: | 12.4 |
Component: | Book | Version: | git |
Severity: | normal | Keywords: | |
Cc: |
Description
This will fix the following vulnerability:
"[CVE-2025-4516] Use-after-free crash using bytes.decode("unicode_escape", error="ignore|replace")"
Details can be found at https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/
SA-12.3-018 has been prefiled for this issue as it's fixed in BLFS as of earlier today. This should be safe to put in with the June 1st update.
Note:
See TracTickets
for help on using tickets.
Fixed in trunk from the gcc15 branch.