| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.77 2023/12/13 15:55:24 wiz Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.78 2023/12/15 13:13:23 wiz Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25787,13 +25787,16 @@ py{27,38,39,310,311,312}-cryptography>=3 | | | @@ -25787,13 +25787,16 @@ py{27,38,39,310,311,312}-cryptography>=3 |
25787 | perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038 | | 25787 | perl>=5.30.0<5.38.1 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-47038 |
25788 | webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916 | | 25788 | webkit-gtk<2.42.3 disclose-sensitive-information https://nvd.nist.gov/vuln/detail/CVE-2023-42916 |
25789 | webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917 | | 25789 | webkit-gtk<2.42.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-42917 |
25790 | go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 | | 25790 | go120<1.20.12 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 |
25791 | go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 | | 25791 | go121<1.21.5 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-39326 |
25792 | go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 | | 25792 | go120<1.20.12 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 |
25793 | go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 | | 25793 | go121<1.21.5 insecure-fallback https://nvd.nist.gov/vuln/detail/CVE-2023-45285 |
25794 | curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218 | | 25794 | curl>=7.46.0<8.5.0 information-exposure-through-sent-data https://nvd.nist.gov/vuln/detail/CVE-2023-46218 |
25795 | curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219 | | 25795 | curl>=7.84.0<8.5.0 missing-encryption-of-sensitive-data https://nvd.nist.gov/vuln/detail/CVE-2023-46219 |
25796 | fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284 | | 25796 | fish<3.6.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-49284 |
25797 | modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6377 | | 25797 | modular-xorg-server<21.1.10 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6377 |
25798 | modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6478 | | 25798 | modular-xorg-server<21.1.10 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-CVE-2023-6478 |
25799 | opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660 | | 25799 | opensc>=0.17.0<0.24.0 potential-pin-bypass https://nvd.nist.gov/vuln/detail/CVE-2023-40660 |
| | | 25800 | asterisk<18.20.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 |
| | | 25801 | asterisk>=20<20.5.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 |
| | | 25802 | asterisk>=21<21.0.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2023-49786 |