Fri Dec 15 13:13:23 2023 UTC (164d)
doc: asterisk vuln


(wiz)
diff -r1.77 -r1.78 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.77 -r1.78 pkgsrc/doc/pkg-vulnerabilities (expand / switch to unified diff)

--- pkgsrc/doc/pkg-vulnerabilities 2023/12/13 15:55:24 1.77
+++ pkgsrc/doc/pkg-vulnerabilities 2023/12/15 13:13:23 1.78
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: pkg-vulnerabilities,v 1.77 2023/12/13 15:55:24 wiz Exp $ 1# $NetBSD: pkg-vulnerabilities,v 1.78 2023/12/15 13:13:23 wiz Exp $
2# 2#
3#FORMAT 1.0.0 3#FORMAT 1.0.0
4# 4#
5# Please read "Handling packages with security problems" in the pkgsrc 5# Please read "Handling packages with security problems" in the pkgsrc
6# guide before editing this file. 6# guide before editing this file.
7# 7#
8# Note: NEVER remove entries from this file; this should document *all* 8# Note: NEVER remove entries from this file; this should document *all*
9# known package vulnerabilities so it is entirely appropriate to have 9# known package vulnerabilities so it is entirely appropriate to have
10# multiple entries in this file for a single package, and to contain 10# multiple entries in this file for a single package, and to contain
11# entries for packages which have been removed from pkgsrc. 11# entries for packages which have been removed from pkgsrc.
12# 12#
13# New entries should be added at the end of this file. 13# New entries should be added at the end of this file.
14# 14#
@@ -25787,13 +25787,16 @@ py{27,38,39,310,311,312}-cryptography>=3 @@ -25787,13 +25787,16 @@ py{27,38,39,310,311,312}-cryptography>=3
25787perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038 25787perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038
25788webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916 25788webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916
25789webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917 25789webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917
25790go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 25790go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326
25791go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 25791go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326
25792go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 25792go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285
25793go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 25793go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285
25794curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218 25794curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218
25795curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219 25795curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219
25796fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284 25796fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284
25797modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6377 25797modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6377
25798modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6478 25798modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6478
25799opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660 25799opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660
 25800asterisk<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786
 25801asterisk>=20<20.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786
 25802asterisk>=21<21.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786