Authentication-Results: name.execsw.org; dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=UV8rsXm5; dkim=pass (1024-bit key) header.d=netbsd.org header.i=@netbsd.org header.b=HAQriFef Received: by mail.netbsd.org (Postfix, from userid 605) id 33BA484F3B; Sun, 7 Apr 2024 14:00:56 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org; s=20240131; t=1712498456; bh=ZTbea+QmLLnPvTnmbyemBT907GBB2YoZOi3j4nwlVvg=; h=Date:From:Subject:To:Reply-To:List-Id:List-Unsubscribe; b=UV8rsXm5da+2b1sCACVPWFQN3twJi5kxYRewSJwFDyrod+6Yv/CPBKOVTjTt06CWx KMecamP4uQyosZdrhjkVrAI2BurH30y9xeqUdSAX+jvwhXkSXWDRyBMrLCMqrlX8Jl RNRQRwzLLnFiYlKxKp/BWTYWkZ5DLFQA3+2EAdHA= Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 243F184F36 for ; Sun, 7 Apr 2024 14:00:55 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Authentication-Results: mail.netbsd.org (amavisd-new); dkim=pass (1024-bit key) header.d=netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id WtzbrbeycYxk for ; Sun, 7 Apr 2024 14:00:54 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id 57B4184CEB for ; Sun, 7 Apr 2024 14:00:54 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netbsd.org; s=20240131; t=1712498454; bh=ZTbea+QmLLnPvTnmbyemBT907GBB2YoZOi3j4nwlVvg=; h=Date:From:Subject:To:Reply-To; b=HAQriFeftSdJ9iIBNbqsKcGWFDf8xVkpnm2xvAnJODbZzBsT98WmQGGgcO2v799Vh Zh7nifJVmfkua18Qe+v00jGyaEHUdPRMrTn9v+rNyVkzxm9Ftlk35WkglrHZxbpiC6 XqsVd6yE+kvvd0ZyVOa66UJRLSsUsR46XHyiTQ5s= Received: by cvs.NetBSD.org (Postfix, from userid 500) id 5307AFA2C; Sun, 7 Apr 2024 14:00:54 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1712498454157900" MIME-Version: 1.0 Date: Sun, 7 Apr 2024 14:00:54 +0000 From: "Takahiro Kambe" Subject: CVS commit: pkgsrc/doc To: pkgsrc-changes@NetBSD.org Reply-To: taca@netbsd.org X-Mailer: log_accum Message-Id: <20240407140054.5307AFA2C@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1712498454157900 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: taca Date: Sun Apr 7 14:00:54 UTC 2024 Modified Files: pkgsrc/doc: pkg-vulnerabilities Log Message: doc/pkg-vulnerabilities: add several php-concrete-cms entries php{80,81,82}-concrete-cms<9.2.8 XSS CVE-2024-2753 CVE-2024-3178 CVE-2024-3179 CVE-2024-3180 CVE-2024-3181 To generate a diff of this commit: cvs rdiff -u -r1.161 -r1.162 pkgsrc/doc/pkg-vulnerabilities Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1712498454157900 Content-Disposition: inline Content-Length: 1260 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/doc/pkg-vulnerabilities diff -u pkgsrc/doc/pkg-vulnerabilities:1.161 pkgsrc/doc/pkg-vulnerabilities:1.162 --- pkgsrc/doc/pkg-vulnerabilities:1.161 Fri Apr 5 20:11:27 2024 +++ pkgsrc/doc/pkg-vulnerabilities Sun Apr 7 14:00:53 2024 @@ -1,4 +1,4 @@ -# $NetBSD: pkg-vulnerabilities,v 1.161 2024/04/05 20:11:27 wiz Exp $ +# $NetBSD: pkg-vulnerabilities,v 1.162 2024/04/07 14:00:53 taca Exp $ # #FORMAT 1.0.0 # @@ -25957,3 +25957,8 @@ go121<1.21.9 denial-of-service https://n go122<1.22.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-45288 nghttp2<1.61.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 apache<2.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2024-28182 +php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-2753 +php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3178 +php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3179 +php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3180 +php{80,81,82}-concrete-cms<9.2.8 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2024-3181 --_----------=_1712498454157900--