python36 is not updated to 3.6.11 while it is vulnerable.
Are you planning to update it?
set + for MFH as a part of ports-secteam
3.6.11 hasn't yet been released. Please see: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=246984
A commit references this bug:
Date: Sat Jun 13 14:08:04 UTC 2020
New revision: 538674
security/vuxml: Update CVE-2019-18348 and CVE-2020-8492 entries
Python 3.6 and 3.7 are not vulnerable in the ports tree anymore.
Change range for python35 to <le>, suggested by swills.
PR: 246984, 246738
Python 3.6 has been updated to 3.6.10 with security fixes that will be present on the 3.6.11 version. Vuxml alert was cleared.
And closing this as we don't have Python 3.6.11 yet.