Tue Oct 10 20:17:44 2023 UTC ()
doc: pkg-vulnerabilities +KeePass, +atasm, +h2o, +kilo, +libdwarf


(tm)
diff -r1.44 -r1.45 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.44 -r1.45 pkgsrc/doc/pkg-vulnerabilities (expand / switch to unified diff)

--- pkgsrc/doc/pkg-vulnerabilities 2023/10/10 20:07:15 1.44
+++ pkgsrc/doc/pkg-vulnerabilities 2023/10/10 20:17:44 1.45
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: pkg-vulnerabilities,v 1.44 2023/10/10 20:07:15 tm Exp $ 1# $NetBSD: pkg-vulnerabilities,v 1.45 2023/10/10 20:17:44 tm Exp $
2# 2#
3#FORMAT 1.0.0 3#FORMAT 1.0.0
4# 4#
5# Please read "Handling packages with security problems" in the pkgsrc 5# Please read "Handling packages with security problems" in the pkgsrc
6# guide before editing this file. 6# guide before editing this file.
7# 7#
8# Note: NEVER remove entries from this file; this should document *all* 8# Note: NEVER remove entries from this file; this should document *all*
9# known package vulnerabilities so it is entirely appropriate to have 9# known package vulnerabilities so it is entirely appropriate to have
10# multiple entries in this file for a single package, and to contain 10# multiple entries in this file for a single package, and to contain
11# entries for packages which have been removed from pkgsrc. 11# entries for packages which have been removed from pkgsrc.
12# 12#
13# New entries should be added at the end of this file. 13# New entries should be added at the end of this file.
14# 14#
@@ -25716,13 +25716,19 @@ frr-[0-9]* null-pointer-dereference http @@ -25716,13 +25716,19 @@ frr-[0-9]* null-pointer-dereference http
25716mupdf<1.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26683 25716mupdf<1.18.0 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2020-26683
25717mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21896 25717mupdf<1.18.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-21896
25718binutils<2.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48065 25718binutils<2.40 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2022-48065
25719binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48064 25719binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48064
25720binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47696 25720binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47696
25721binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47695 25721binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47695
25722binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47673 25722binutils<2.39.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-47673
25723binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48063 25723binutils<2.40 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-48063
25724binutils<2.40 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44840 25724binutils<2.40 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-44840
25725binutils<2.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46174 25725binutils<2.38 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-46174
25726binutils<2.34 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35342 25726binutils<2.34 sensitive-information-leak https://nvd.nist.gov/vuln/detail/CVE-2020-35342
25727binutils<2.34 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21490 25727binutils<2.34 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2020-21490
25728binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19724 25728binutils<2.34 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-19724
 25729libdwarf<0.3.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-27545
 25730libdwarf<0.3.4 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2020-28163
 25731kilo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2020-20335
 25732h2o-[0-9]* sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-30847
 25733atasm-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-34123
 25734KeePass>=2.00<2.54 memory-leak https://nvd.nist.gov/vuln/detail/CVE-2023-32784