Thu Oct 5 13:48:21 2023 UTC ()
doc: +amanda-server, +lldpd, +zabbix


(tm)
diff -r1.8 -r1.9 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.8 -r1.9 pkgsrc/doc/pkg-vulnerabilities (expand / switch to unified diff)

--- pkgsrc/doc/pkg-vulnerabilities 2023/10/05 13:21:51 1.8
+++ pkgsrc/doc/pkg-vulnerabilities 2023/10/05 13:48:21 1.9
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: pkg-vulnerabilities,v 1.8 2023/10/05 13:21:51 tm Exp $ 1# $NetBSD: pkg-vulnerabilities,v 1.9 2023/10/05 13:48:21 tm Exp $
2# 2#
3#FORMAT 1.0.0 3#FORMAT 1.0.0
4# 4#
5# Please read "Handling packages with security problems" in the pkgsrc 5# Please read "Handling packages with security problems" in the pkgsrc
6# guide before editing this file. 6# guide before editing this file.
7# 7#
8# Note: NEVER remove entries from this file; this should document *all* 8# Note: NEVER remove entries from this file; this should document *all*
9# known package vulnerabilities so it is entirely appropriate to have 9# known package vulnerabilities so it is entirely appropriate to have
10# multiple entries in this file for a single package, and to contain 10# multiple entries in this file for a single package, and to contain
11# entries for packages which have been removed from pkgsrc. 11# entries for packages which have been removed from pkgsrc.
12# 12#
13# New entries should be added at the end of this file. 13# New entries should be added at the end of this file.
14# 14#
@@ -25323,13 +25323,21 @@ croc-[0-9]* sensitive-information-disclo @@ -25323,13 +25323,21 @@ croc-[0-9]* sensitive-information-disclo
25323croc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43620 25323croc-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-43620
25324croc-[0-9]* remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43619 25324croc-[0-9]* remote-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-43619
25325croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43618 25325croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43618
25326croc-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-43616 25326croc-[0-9]* arbitrary-file-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-43616
25327croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43617 25327croc-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-43617
25328ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44232 25328ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44232
25329ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31976 25329ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-31976
25330ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30085 25330ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30085
25331ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30084 25331ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-30084
25332ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-30083 25332ming-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-30083
25333ming-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31240 25333ming-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2021-31240
25334ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36239 25334ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36239
25335ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40781 25335ming-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40781
 25336amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37705
 25337amanda-server<3.5.4 local-root-shell https://nvd.nist.gov/vuln/detail/CVE-2022-37704
 25338lldpd<1.0.13 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2021-43612
 25339lldpd<1.0.17 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2023-41910
 25340zabbix<4.0.47 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-29456
 25341zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29457
 25342zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29455
 25343zabbix<4.0.46 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-29454