Received: by mail.netbsd.org (Postfix, from userid 605) id 4439F84E5D; Mon, 4 Mar 2024 13:56:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org; s=20240131; t=1709560604; bh=B55CDx7CmMx63S/Ho2HS1XtfVXf17Sf0jf0oSFN1ydk=; h=Date:From:Subject:To:Reply-To:List-Id:List-Unsubscribe; b=oOqsTjJgf5pdUZmM6gKZ72QGdbQdKtVKVClfZgb9Zx/8CpAB0G5jQ46uspA5Em2qF FlyUwH+T/KsHKObOBQg2VYwNytPyRMH6URoR69Bg3q/gi1GBb3wiKTkUAerCDyGFGH hekd8r7y/5eYiPHfrjR+90qUSTfLp9ziLBmSrPn4= Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 3537684D5B for ; Mon, 4 Mar 2024 13:56:43 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (1024-bit key) header.d=netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id 0PbmFZ_qGynN for ; Mon, 4 Mar 2024 13:56:42 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 815D784D08 for ; Mon, 4 Mar 2024 13:56:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org; s=20240131; t=1709560602; bh=B55CDx7CmMx63S/Ho2HS1XtfVXf17Sf0jf0oSFN1ydk=; h=Date:From:Subject:To:Reply-To; b=lOCf+SoIACZ+vAXWxZ86Nehy9iSqO6Eidn63Mt7B4FvJbVS4gsjSp3+YNf+nLZ1mm 6inZRgTaiuKRcpMTF2mI0wyoNYWmjPBmaUAKr4Y81Rtgm/nZzVqsN3gtLyrSFsCxbY QK37vWRtBVZDMBhilm2oSYBoTv9cVZrptREokz/0= Received: by cvs.NetBSD.org (Postfix, from userid 500) id 7A1F0FA29; Mon, 4 Mar 2024 13:56:42 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1709560602233740" MIME-Version: 1.0 Date: Mon, 4 Mar 2024 13:56:42 +0000 From: "Thomas Klausner" Subject: CVS commit: pkgsrc/doc To: pkgsrc-changes@NetBSD.org Reply-To: wiz@netbsd.org X-Mailer: log_accum Message-Id: <20240304135642.7A1F0FA29@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1709560602233740 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: wiz Date: Mon Mar 4 13:56:42 UTC 2024 Modified Files: pkgsrc/doc: pkg-vulnerabilities Log Message: doc: add new py-django DOS CVE To generate a diff of this commit: cvs rdiff -u -r1.144 -r1.145 pkgsrc/doc/pkg-vulnerabilities Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1709560602233740 Content-Disposition: inline Content-Length: 1100 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/doc/pkg-vulnerabilities diff -u pkgsrc/doc/pkg-vulnerabilities:1.144 pkgsrc/doc/pkg-vulnerabilities:1.145 --- pkgsrc/doc/pkg-vulnerabilities:1.144 Sun Mar 3 12:55:49 2024 +++ pkgsrc/doc/pkg-vulnerabilities Mon Mar 4 13:56:42 2024 @@ -1,4 +1,4 @@ -# $NetBSD: pkg-vulnerabilities,v 1.144 2024/03/03 12:55:49 wiz Exp $ +# $NetBSD: pkg-vulnerabilities,v 1.145 2024/03/04 13:56:42 wiz Exp $ # #FORMAT 1.0.0 # @@ -25922,3 +25922,6 @@ yasm-[0-9]* memory-leak https://nvd.nist fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25081 fontforge-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2024-25082 opendmarc-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2024-25768 +py{27,37,38,39,310,311,312}-django>=3<3.2.25 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 +py{27,37,38,39,310,311,312}-django>=4<4.2.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 +py{27,37,38,39,310,311,312}-django>=5<5.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-27351 --_----------=_1709560602233740--