Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1696946172107920"
MIME-Version: 1.0
Date: Tue, 10 Oct 2023 13:56:12 +0000
From: "Thomas Merkel" <tm@netbsd.org>
Subject: CVS commit: pkgsrc/doc
To: pkgsrc-changes@NetBSD.org
Approved: commit_and_comment
Reply-To: tm@netbsd.org
Message-Id: <20231010135612.0F1D4FADC@cvs.NetBSD.org>

This is a multi-part message in MIME format.

--_----------=_1696946172107920
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	tm
Date:		Tue Oct 10 13:56:11 UTC 2023

Modified Files:
	pkgsrc/doc: pkg-vulnerabilities

Log Message:
doc: pkg-vulnerabilities +gradle, +grafana, +libde265, +libheif, +mbedtls, +memcached, +moodle, +pev, +redis, +samba4


To generate a diff of this commit:
cvs rdiff -u -r1.29 -r1.30 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1696946172107920
Content-Disposition: inline
Content-Length: 2352
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.29 pkgsrc/doc/pkg-vulnerabilities:1.30
--- pkgsrc/doc/pkg-vulnerabilities:1.29	Tue Oct 10 12:12:17 2023
+++ pkgsrc/doc/pkg-vulnerabilities	Tue Oct 10 13:56:11 2023
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.29 2023/10/10 12:12:17 tm Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.30 2023/10/10 13:56:11 tm Exp $
 #
 #FORMAT 1.0.0
 #
@@ -25553,3 +25553,22 @@ cmark-gfm<0.29.0.gfm.10	denial-of-servic
 cmark-gfm<0.29.0.gfm.10	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2023-26485
 cmark-gfm<0.29.0.gfm.12	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2023-37463
 syncthing<1.23.5	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2022-46165
+memcached<1.6.8	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2022-48571
+memcached>=1.6.0<1.6.3	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2020-22570
+mbedtls<2.28.5	buffer-overflow	https://nvd.nist.gov/vuln/detail/CVE-2023-43615
+libheif<1.15.2	floating-point-exception	https://nvd.nist.gov/vuln/detail/CVE-2023-29659
+grafana<9.3.8	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2023-0594
+grafana<9.3.8	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2023-0507
+redis<7.0.9	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2022-36021
+gradle>=6.2<6.9.4	verification-bypass	https://nvd.nist.gov/vuln/detail/CVE-2023-26053
+redis<7.0.9		integer-overflow	https://nvd.nist.gov/vuln/detail/CVE-2023-25155
+grafana<9.3.4	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2023-22462
+libde265<1.0.10	out-of-bounds-write	https://nvd.nist.gov/vuln/detail/CVE-2022-47665
+moodle<3.11.1	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2021-36398
+moodle<3.11.1	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2021-36397
+moodle<3.11.1	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2021-36396
+moodle<3.11.1	sql-injection	https://nvd.nist.gov/vuln/detail/CVE-2021-36393
+moodle<3.11.1	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2021-36395
+moodle<3.11.1	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2021-36403
+samba4<4.17.4	brute-force-attack	https://nvd.nist.gov/vuln/detail/CVE-2021-20251
+pev-[0-9]*	arbitrary-code-execution	https://nvd.nist.gov/vuln/detail/CVE-2021-45423


--_----------=_1696946172107920--