| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.66 2023/11/16 18:02:50 nia Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.67 2023/11/16 18:10:44 nia Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -24232,38 +24232,38 @@ radare2<4.4.0 null-pointer-dereference h | | | @@ -24232,38 +24232,38 @@ radare2<4.4.0 null-pointer-dereference h |
24232 | radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4398 | | 24232 | radare2-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4398 |
24233 | radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4843 | | 24233 | radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-4843 |
24234 | radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-0302 | | 24234 | radare2<5.8.2 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-0302 |
24235 | exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3559 | | 24235 | exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3559 |
24236 | exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3620 | | 24236 | exim-[0-9]* use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-3620 |
24237 | sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-33844 | | 24237 | sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-33844 |
24238 | sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-23210 | | 24238 | sox-[0-9]* division-by-zero https://nvd.nist.gov/vuln/detail/CVE-2021-23210 |
24239 | sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23172 | | 24239 | sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23172 |
24240 | sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23159 | | 24240 | sox-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-23159 |
24241 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2869 | | 24241 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2869 |
24242 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2868 | | 24242 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2868 |
24243 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2867 | | 24243 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2867 |
24244 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2953 | | 24244 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2953 |
24245 | tiff-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2521 | | 24245 | tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2521 |
24246 | tiff-[0-9]* double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2519 | | 24246 | tiff<4.5.0 double-free https://nvd.nist.gov/vuln/detail/CVE-2022-2519 |
24247 | tiff-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2520 | | 24247 | tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2520 |
24248 | tiff<4.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1355 | | 24248 | tiff<4.4.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-1355 |
24249 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1354 | | 24249 | tiff<4.4.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1354 |
24250 | tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3599 | | 24250 | tiff<4.5.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-3599 |
24251 | tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3598 | | 24251 | tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3598 |
24252 | tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3627 | | 24252 | tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3627 |
24253 | tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3626 | | 24253 | tiff<4.5.0 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2022-3626 |
24254 | tiff<4.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3570 | | 24254 | tiff<4.5.0 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-3570 |
24255 | tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3970 | | 24255 | tiff<4.5.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3970 |
24256 | tiff-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48281 | | 24256 | tiff<4.5.1 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-48281 |
24257 | libraw<0.21.1 ut-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35535 | | 24257 | libraw<0.21.1 ut-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35535 |
24258 | libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35533 | | 24258 | libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35533 |
24259 | libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35531 | | 24259 | libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35531 |
24260 | libraw<0.21.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-35534 | | 24260 | libraw<0.21.1 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2020-35534 |
24261 | libraw<0.21.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35530 | | 24261 | libraw<0.21.1 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2020-35530 |
24262 | libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35532 | | 24262 | libraw<0.21.1 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2020-35532 |
24263 | libredwg<0.12.4.4608 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-35164 | | 24263 | libredwg<0.12.4.4608 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2022-35164 |
24264 | libredwg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45332 | | 24264 | libredwg-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-45332 |
24265 | blender-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-2833 | | 24265 | blender-[0-9]* infinite-loop https://nvd.nist.gov/vuln/detail/CVE-2022-2833 |
24266 | blender-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2832 | | 24266 | blender-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-2832 |
24267 | blender-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2831 | | 24267 | blender-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-2831 |
24268 | consul<1.11.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41803 | | 24268 | consul<1.11.9 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2021-41803 |
24269 | consul<1.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-40716 | | 24269 | consul<1.12.5 privilege-escalation https://nvd.nist.gov/vuln/detail/CVE-2022-40716 |