Opened 4 months ago

Closed 3 months ago

#5727 closed enhancement (fixed)

Bring over the Python security fixes patch from BLFS.

Reported by: Douglas R. Reno
Owned by: lfs-book
Priority: high
Milestone: 12.4
Component: Book
Version: git
Severity: normal
Keywords:
Cc:

Description

This will fix the following vulnerability:

"[CVE-2025-4516] Use-after-free crash using bytes.decode("unicode_escape", error="ignore|replace")"

Details can be found at https://mail.python.org/archives/list/security-announce@python.org/thread/L75IPBBTSCYEF56I2M4KIW353BB3AY74/

SA-12.3-018 has been prefiled for this issue as it's fixed in BLFS as of earlier today. This should be safe to put in with the June 1st update.

Change History (1)

comment:1 by Bruce Dubbs, 3 months ago

Resolution: fixed
Status: new → closed

Fixed in trunk from the gcc15 branch.
