Thu Nov 16 09:42:02 2023 UTC ()
doc: pkg-vulnerabilities: gstreamer


(wiz)
diff -r1.64 -r1.65 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.64 -r1.65 pkgsrc/doc/pkg-vulnerabilities (expand / switch to unified diff)

--- pkgsrc/doc/pkg-vulnerabilities 2023/11/15 21:18:05 1.64
+++ pkgsrc/doc/pkg-vulnerabilities 2023/11/16 09:42:02 1.65
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: pkg-vulnerabilities,v 1.64 2023/11/15 21:18:05 wiz Exp $ 1# $NetBSD: pkg-vulnerabilities,v 1.65 2023/11/16 09:42:02 wiz Exp $
2# 2#
3#FORMAT 1.0.0 3#FORMAT 1.0.0
4# 4#
5# Please read "Handling packages with security problems" in the pkgsrc 5# Please read "Handling packages with security problems" in the pkgsrc
6# guide before editing this file. 6# guide before editing this file.
7# 7#
8# Note: NEVER remove entries from this file; this should document *all* 8# Note: NEVER remove entries from this file; this should document *all*
9# known package vulnerabilities so it is entirely appropriate to have 9# known package vulnerabilities so it is entirely appropriate to have
10# multiple entries in this file for a single package, and to contain 10# multiple entries in this file for a single package, and to contain
11# entries for packages which have been removed from pkgsrc. 11# entries for packages which have been removed from pkgsrc.
12# 12#
13# New entries should be added at the end of this file. 13# New entries should be added at the end of this file.
14# 14#
@@ -25755,13 +25755,22 @@ php{56,73,74,80,81,82}-roundcube<1.6.3 c @@ -25755,13 +25755,22 @@ php{56,73,74,80,81,82}-roundcube<1.6.3 c
25755exiv2>=0.28<0.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-44398 25755exiv2>=0.28<0.28.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2023-44398
25756ltm<1.2.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36328 25756ltm<1.2.1 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-36328
25757gimp<2.10.36 unknown-impact https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/#security-and-bug-fixes 25757gimp<2.10.36 unknown-impact https://www.gimp.org/news/2023/11/07/gimp-2-10-36-released/#security-and-bug-fixes
25758tor<0.4.8.8 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE 25758tor<0.4.8.8 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE
25759tor<0.4.8.9 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE 25759tor<0.4.8.9 unknown-impact https://gitlab.torproject.org/tpo/core/team/-/wikis/NetworkTeam/TROVE
25760yt-dlp<2023.11.14 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46121 25760yt-dlp<2023.11.14 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2023-46121
25761webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-32919 25761webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2023-32919
25762webkit-gtk<2.38.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32933 25762webkit-gtk<2.38.0 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32933
25763webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46705 25763webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46705
25764webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46725 25764webkit-gtk<2.38.4 ui-spoofing https://nvd.nist.gov/vuln/detail/CVE-2022-46725
25765webkit-gtk<2.42 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32359 25765webkit-gtk<2.42 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-32359
25766webkit-gtk<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41983 25766webkit-gtk<2.42.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-41983
25767webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852 25767webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852
 25768gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37328
 25769gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37329
 25770gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0004.html
 25771gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0005.html
 25772gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474
 25773gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475
 25774gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476
 25775gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-44429
 25776gst-plugins1-bad<1.22.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-44446