Subject: CVS commit: pkgsrc/lang
From: Adam Ciarcinski
Date: 2023-08-25 10:26:49
Message id: 20230825082649.B6AC3FBDB@cvs.NetBSD.org

Log Message:
python310 py310-html-docs: updated to 3.10.13

Python 3.10.13

Security

gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a \ 
bypass of the TLS handshake and included protections (like certificate \ 
verification) and treating sent unencrypted data as if it were post-handshake \ 
TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. \ 
Patch by Gregory P. Smith.

Library

gh-107845: tarfile.data_filter() now takes the location of symlinks into account \ 
when determining their target, so it will no longer reject some valid tarballs \ 
with LinkOutsideDestinationError.

Tools/Demos

gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, \ 
3.0.10, and 3.1.2.

C API

gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data: *consumed was \ 
not set.

Files:
RevisionActionfile
1.14modifypkgsrc/lang/py310-html-docs/Makefile
1.16modifypkgsrc/lang/py310-html-docs/distinfo
1.14modifypkgsrc/lang/python310/dist.mk
1.25modifypkgsrc/lang/python310/distinfo