Subject: CVS commit: pkgsrc/lang
From: Adam Ciarcinski
Date: 2023-08-25 10:26:13
Message id: 20230825082613.E20F1FBDB@cvs.NetBSD.org

Log Message:
python39 py39-html-docs: updated to 3.9.18

Python 3.9.18

Security

gh-108310: Fixed an issue where instances of ssl.SSLSocket were vulnerable to a \ 
bypass of the TLS handshake and included protections (like certificate \ 
verification) and treating sent unencrypted data as if it were post-handshake \ 
TLS encrypted data. Security issue reported as CVE-2023-40217 by Aapo Oksman. \ 
Patch by Gregory P. Smith.

Library

gh-107845: tarfile.data_filter() now takes the location of symlinks into account \ 
when determining their target, so it will no longer reject some valid tarballs \ 
with LinkOutsideDestinationError.

Tools/Demos

gh-107565: Update multissltests and GitHub CI workflows to use OpenSSL 1.1.1v, \ 
3.0.10, and 3.1.2.

C API

gh-99612: Fix PyUnicode_DecodeUTF8Stateful() for ASCII-only data: *consumed was \ 
not set.

Files:
RevisionActionfile
1.19modifypkgsrc/lang/py39-html-docs/Makefile
1.21modifypkgsrc/lang/py39-html-docs/distinfo
1.19modifypkgsrc/lang/python39/dist.mk
1.35modifypkgsrc/lang/python39/distinfo