According to upstream new python3 3.8.15 fixes security issues: Security content in this release - CVE-2022-40674: bundled libexpat was upgraded from 2.4.7 to 2.4.9 which fixes a heap use-after-free vulnerability in function doContent - gh-97616: a fix for a possible buffer overflow in list *= int - gh-97612: a fix for possible shell injection in the example script get-remote certificate.py (this issue originally had a CVE assigned to it, which its author withdrew) - gh-96577: a fix for a potential buffer overrun in msilib We don't use bundled libexpat.
Please test pkgs from mga8 core/updates_testing. SRPMS: python3-3.8.15-1.mga8 RPMS: python3-3.8.15-1.mga8 lib(64)python3.8-3.8.15-1.mga8 lib(64)python3.8-stdlib-3.8.15-1.mga8 lib(64)python3.8-testsuite-3.8.15-1.mga8 lib(64)python3-devel-3.8.15-1.mga8 python3-docs-3.8.15-1.mga8 tkinter3-3.8.15-1.mga8 tkinter3-apps-3.8.15-1.mga8
Assignee: jani.valimaa => qa-bugsURL: (none) => https://www.python.org/downloads/release/python-3815/
Please be on the lookout for bugs I file :o) *** This bug has been marked as a duplicate of bug 31000 ***
Resolution: (none) => DUPLICATEStatus: NEW => RESOLVED