Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id AA10284E74
	for <pkgsrc-changes@NetBSD.org>; Sat, 30 Dec 2023 12:04:22 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([127.0.0.1])
	by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025)
	with ESMTP id s2oPo1e-wrhr for <pkgsrc-changes@netbsd.org>;
	Sat, 30 Dec 2023 12:04:22 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984])
	by mail.netbsd.org (Postfix) with ESMTP id 2487084D74
	for <pkgsrc-changes@NetBSD.org>; Sat, 30 Dec 2023 12:04:22 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id 1256BFA42; Sat, 30 Dec 2023 12:04:22 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_1703937862293370"
MIME-Version: 1.0
Date: Sat, 30 Dec 2023 12:04:22 +0000
From: "Thomas Klausner" <wiz@netbsd.org>
Subject: CVS commit: pkgsrc/doc
To: pkgsrc-changes@NetBSD.org
Approved: commit_and_comment
Reply-To: wiz@netbsd.org
X-Mailer: log_accum
Message-Id: <20231230120422.1256BFA42@cvs.NetBSD.org>

This is a multi-part message in MIME format.

--_----------=_1703937862293370
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	wiz
Date:		Sat Dec 30 12:04:21 UTC 2023

Modified Files:
	pkgsrc/doc: TODO pkg-vulnerabilities

Log Message:
doc: libheif, libde265 vulns


To generate a diff of this commit:
cvs rdiff -u -r1.23832 -r1.23833 pkgsrc/doc/TODO
cvs rdiff -u -r1.103 -r1.104 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_1703937862293370
Content-Disposition: inline
Content-Length: 1517
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/doc/TODO
diff -u pkgsrc/doc/TODO:1.23832 pkgsrc/doc/TODO:1.23833
--- pkgsrc/doc/TODO:1.23832	Sat Dec 30 10:55:02 2023
+++ pkgsrc/doc/TODO	Sat Dec 30 12:04:21 2023
@@ -1,4 +1,4 @@
-$NetBSD: TODO,v 1.23832 2023/12/30 10:55:02 wiz Exp $
+$NetBSD: TODO,v 1.23833 2023/12/30 12:04:21 wiz Exp $
 
 Suggested new packages
 ======================
@@ -1258,7 +1258,6 @@ For possible Perl packages updates, see 
 	o scilab-5.5.2
 	o scm-5f3 [dholland has a partial update]
 	o scm-blackbox-2.0.0
-	o scons4-4.6.0
 	o scripts-1.0.1
 	o scrollz-2.3
 	o scsh-1.3.0

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.103 pkgsrc/doc/pkg-vulnerabilities:1.104
--- pkgsrc/doc/pkg-vulnerabilities:1.103	Fri Dec 29 20:29:51 2023
+++ pkgsrc/doc/pkg-vulnerabilities	Sat Dec 30 12:04:21 2023
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.103 2023/12/29 20:29:51 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.104 2023/12/30 12:04:21 wiz Exp $
 #
 #FORMAT 1.0.0
 #
@@ -25846,3 +25846,5 @@ openssh<9.6	command-injection	https://nv
 libssh<0.10.6	command-injection	https://nvd.nist.gov/vuln/detail/CVE-2023-6004
 p5-Spreadsheet-ParseExcel<0.6600		remote-code-execution	https://nvd.nist.gov/vuln/detail/CVE-2023-7101
 filezilla<3.66.4	extension-negotiation-downgrade	https://nvd.nist.gov/vuln/detail/CVE-2023-48795
+libheif<1.17.6	integer-overflow	https://nvd.nist.gov/vuln/detail/CVE-2023-49462
+libde265<1.0.15	buffer-overflow	https://nvd.nist.gov/vuln/detail/CVE-2023-49468


--_----------=_1703937862293370--