Received: by mail.netbsd.org (Postfix, from userid 605) id 59DAE8533A; Sat, 3 Feb 2024 16:39:16 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 8945685337 for ; Sat, 3 Feb 2024 16:39:15 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id VbH-r030ane6 for ; Sat, 3 Feb 2024 16:39:14 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id BE1C085335 for ; Sat, 3 Feb 2024 16:39:14 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id B9C7FFA42; Sat, 3 Feb 2024 16:39:14 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_170697835486030" MIME-Version: 1.0 Date: Sat, 3 Feb 2024 16:39:14 +0000 From: "Thomas Merkel" Subject: CVS commit: pkgsrc/doc To: pkgsrc-changes@NetBSD.org Reply-To: tm@netbsd.org X-Mailer: log_accum Message-Id: <20240203163914.B9C7FFA42@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_170697835486030 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: tm Date: Sat Feb 3 16:39:14 UTC 2024 Modified Files: pkgsrc/doc: pkg-vulnerabilities Log Message: doc: pkg-vulnerabilities +curl, +glpi, +graphviz, +mbedtls, +opensc, +py-aiohttp, +py-octoprint To generate a diff of this commit: cvs rdiff -u -r1.112 -r1.113 pkgsrc/doc/pkg-vulnerabilities Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_170697835486030 Content-Disposition: inline Content-Length: 1908 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/doc/pkg-vulnerabilities diff -u pkgsrc/doc/pkg-vulnerabilities:1.112 pkgsrc/doc/pkg-vulnerabilities:1.113 --- pkgsrc/doc/pkg-vulnerabilities:1.112 Wed Jan 24 20:16:09 2024 +++ pkgsrc/doc/pkg-vulnerabilities Sat Feb 3 16:39:14 2024 @@ -1,4 +1,4 @@ -# $NetBSD: pkg-vulnerabilities,v 1.112 2024/01/24 20:16:09 wiz Exp $ +# $NetBSD: pkg-vulnerabilities,v 1.113 2024/02/03 16:39:14 tm Exp $ # #FORMAT 1.0.0 # @@ -25855,3 +25855,15 @@ gnutls<3.8.3 timing-side-channel https:/ py{27,38,39,310,311,312}-Pillow<10.2.0 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-50447 postgresql-server>=11<12 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages nodejs>=16<18 eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages +py{27,37,38,39,310,311,312}-aiohttp<3.9.2 directory-traversal https://nvd.nist.gov/vuln/detail/CVE-2024-23334 +py{27,37,38,39,310,311,312}-aiohttp<3.9.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23829 +curl<8.6.0 out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-52071 +mbedtls<2.28.7 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170 +mbedtls>=3<3.5.2 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23170 +mbedtls<2.28.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775 +mbedtls>=3<3.5.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-23775 +opensc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-5992 +py{27,37,38,39,310,311,312}-octoprint-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2024-23637 +glpi<10.0.12 code-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51446 +glpi<10.0.12 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-23645 +graphviz<10 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-46045 --_----------=_170697835486030--