| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.39 2023/10/10 19:25:06 tm Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.40 2023/10/10 19:32:44 tm Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25660,13 +25660,19 @@ tiff<4.5.0 denial-of-service https://nvd | | | @@ -25660,13 +25660,19 @@ tiff<4.5.0 denial-of-service https://nvd |
25660 | tiff-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-26965 | | 25660 | tiff-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-26965 |
25661 | tiff>=3.9.0<4.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-3316 | | 25661 | tiff>=3.9.0<4.5.1 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-3316 |
25662 | tiff<4.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3618 | | 25662 | tiff<4.5.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-3618 |
25663 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40090 | | 25663 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-40090 |
25664 | consul>=1.15.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-2816 | | 25664 | consul>=1.15.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-2816 |
25665 | consul>=1.13.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-1297 | | 25665 | consul>=1.13.0<1.15.3 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-1297 |
25666 | consul<1.16.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3518 | | 25666 | consul<1.16.1 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2023-3518 |
25667 | faad2-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38858 | | 25667 | faad2-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-38858 |
25668 | faad2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38857 | | 25668 | faad2-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-38857 |
25669 | bitcoin<24.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-33297 | | 25669 | bitcoin<24.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-33297 |
25670 | bitcoin-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-37192 | | 25670 | bitcoin-[0-9]* memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-37192 |
25671 | gnuplot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25969 | | 25671 | gnuplot-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-25969 |
25672 | screen<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24626 | | 25672 | screen<4.9.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-24626 |
| | | 25673 | terraform>=1.0.8<1.5.7 overwrite-arbitrary-files https://nvd.nist.gov/vuln/detail/CVE-2023-4782 |
| | | 25674 | sniproxy<0.6.1 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-25076 |
| | | 25675 | spice-server-[0-9]* authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2020-23793 |
| | | 25676 | routinator<0.12.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39915 |
| | | 25677 | routinator>=0.9.0<0.12.2 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2023-39916 |
| | | 25678 | sofia-sip<1.13.15 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-32307 |