| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.67 2023/11/16 18:10:44 nia Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.68 2023/11/17 08:05:29 nia Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -23548,28 +23548,28 @@ libredwg-[0-9]* stack-overflow https://n | | | @@ -23548,28 +23548,28 @@ libredwg-[0-9]* stack-overflow https://n |
23548 | libxml2<2.9.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29824 | | 23548 | libxml2<2.9.14 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-29824 |
23549 | lighttpd<1.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30780 | | 23549 | lighttpd<1.4.59 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30780 |
23550 | lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33067 | | 23550 | lrzip-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-33067 |
23551 | mantis<2.25.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-33910 | | 23551 | mantis<2.25.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-33910 |
23552 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 | | 23552 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31621 |
23553 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 | | 23553 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31622 |
23554 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 | | 23554 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31623 |
23555 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 | | 23555 | mariadb-server<10.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31624 |
23556 | matio<1.5.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1515 | | 23556 | matio<1.5.22 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1515 |
23557 | moodle<4.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30596 | | 23557 | moodle<4.0.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2022-30596 |
23558 | moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30597 | | 23558 | moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30597 |
23559 | moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30598 | | 23559 | moodle<4.0.1 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-30598 |
23560 | moodle<4.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30600 | | 23560 | moodle<4.0.1 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-30600 |
23561 | mupdf-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30974 | | 23561 | mupdf<1.3.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30974 |
23562 | mupdf-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-30975 | | 23562 | mupdf<1.3.0 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-30975 |
23563 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29779 | | 23563 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29779 |
23564 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29780 | | 23564 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-29780 |
23565 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30503 | | 23565 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-30503 |
23566 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31306 | | 23566 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31306 |
23567 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31307 | | 23567 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-31307 |
23568 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32414 | | 23568 | njs<0.7.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-32414 |
23569 | nuitka<0.9 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2054 | | 23569 | nuitka<0.9 shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2054 |
23570 | openldap<2.6.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29155 | | 23570 | openldap<2.6.2 sql-injection https://nvd.nist.gov/vuln/detail/CVE-2022-29155 |
23571 | openssl<1.1.1o shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-1292 | | 23571 | openssl<1.1.1o shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-1292 |
23572 | openssl>=3.0.0<3.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-1343 | | 23572 | openssl>=3.0.0<3.0.3 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-1343 |
23573 | openssl>=3.0.0<3.0.3 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-1434 | | 23573 | openssl>=3.0.0<3.0.3 man-in-the-middle-attack https://nvd.nist.gov/vuln/detail/CVE-2022-1434 |
23574 | openssl>=3.0.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1473 | | 23574 | openssl>=3.0.0<3.0.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-1473 |
23575 | openssl<1.1.1p shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2068 | | 23575 | openssl<1.1.1p shell-command-injection https://nvd.nist.gov/vuln/detail/CVE-2022-2068 |