| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.70 2023/11/20 20:26:34 wiz Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.71 2023/11/23 10:59:49 wiz Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25770,13 +25770,14 @@ webkit-gtk<2.42.2 denial-of-service http | | | @@ -25770,13 +25770,14 @@ webkit-gtk<2.42.2 denial-of-service http |
25770 | webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852 | | 25770 | webkit-gtk<2.42.2 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42852 |
25771 | gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37328 | | 25771 | gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37328 |
25772 | gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37329 | | 25772 | gst-plugins1-base<1.22.4 heap-overwrite https://nvd.nist.gov/vuln/detail/CVE-2023-37329 |
25773 | gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0004.html | | 25773 | gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0004.html |
25774 | gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0005.html | | 25774 | gst-plugins1-ugly<1.22.5 integer-overflow https://gstreamer.freedesktop.org/security/sa-2023-0005.html |
25775 | gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 | | 25775 | gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40474 |
25776 | gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 | | 25776 | gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40475 |
25777 | gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 | | 25777 | gst-plugins1-bad<1.22.6 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-40476 |
25778 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-44429 | | 25778 | gst-plugins1-bad<1.22.6 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-44429 |
25779 | gst-plugins1-bad<1.22.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-44446 | | 25779 | gst-plugins1-bad<1.22.6 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-44446 |
25780 | vim<9.0.2106 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-48231 | | 25780 | vim<9.0.2106 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2021-48231 |
25781 | vim<9.0.2112 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-48237 | | 25781 | vim<9.0.2112 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2021-48237 |
25782 | gnutls<3.8.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-5981 | | 25782 | gnutls<3.8.2 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2023-5981 |
| | | 25783 | vim<9.0.2121 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2023-48706 |