| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.6 2023/10/03 21:46:00 wiz Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.7 2023/10/04 16:27:27 wiz Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25304,13 +25304,18 @@ exim-[0-9]* sensitive-information-disclo | | | @@ -25304,13 +25304,18 @@ exim-[0-9]* sensitive-information-disclo |
25304 | exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42115 | | 25304 | exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42115 |
25305 | exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42116 | | 25305 | exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42116 |
25306 | exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42117 | | 25306 | exim-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42117 |
25307 | libspf2-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42118 | | 25307 | libspf2-[0-9]* remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42118 |
25308 | exim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42119 | | 25308 | exim-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-42119 |
25309 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 | | 25309 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 |
25310 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 | | 25310 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 |
25311 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 | | 25311 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 |
25312 | libX11<1.8.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43785 | | 25312 | libX11<1.8.7 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43785 |
25313 | libX11<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43786 | | 25313 | libX11<1.8.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43786 |
25314 | libX11<1.8.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43787 | | 25314 | libX11<1.8.7 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43787 |
25315 | libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43788 | | 25315 | libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43788 |
25316 | libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43789 | | 25316 | libXpm<3.5.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-43789 |
| | | 25317 | py{27,37,38,39,310,311}-django>=3.2<3.2.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 |
| | | 25318 | py{27,37,38,39,310,311}-django>=4.1<4.1.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 |
| | | 25319 | py{27,37,38,39,310,311}-django>=4.2<4.2.6 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43665 |
| | | 25320 | grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4692 |
| | | 25321 | grub2-[0-9]* out-of-bounds https://nvd.nist.gov/vuln/detail/CVE-2023-4693 |