| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.99 2023/12/26 19:27:49 wiz Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.100 2023/12/26 19:46:34 wiz Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25832,13 +25832,15 @@ ssh-chat-[0-9]* man-in-the-middle https: | | | @@ -25832,13 +25832,15 @@ ssh-chat-[0-9]* man-in-the-middle https: |
25832 | influxdb-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 | | 25832 | influxdb-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 |
25833 | lazygit-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 | | 25833 | lazygit-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 |
25834 | amfora-[0-9]* infinite-loop https://pkg.go.dev/vuln/GO-2021-0238 | | 25834 | amfora-[0-9]* infinite-loop https://pkg.go.dev/vuln/GO-2021-0238 |
25835 | hub-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 | | 25835 | hub-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 |
25836 | nats-server-[0-9]* permissions-checking https://pkg.go.dev/vuln/GO-2022-0386 | | 25836 | nats-server-[0-9]* permissions-checking https://pkg.go.dev/vuln/GO-2022-0386 |
25837 | obfs4proxy-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 | | 25837 | obfs4proxy-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 |
25838 | terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-2153 | | 25838 | terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-2153 |
25839 | terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 | | 25839 | terraform-provider-aws-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2023-1571 |
25840 | authelia-[0-9]* path-traversal https://pkg.go.dev/vuln/GO-2022-0355 | | 25840 | authelia-[0-9]* path-traversal https://pkg.go.dev/vuln/GO-2022-0355 |
25841 | authelia-[0-9]* out-of-bounds-read https://pkg.go.dev/vuln/GO-2021-0113 | | 25841 | authelia-[0-9]* out-of-bounds-read https://pkg.go.dev/vuln/GO-2021-0113 |
25842 | apisprout-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 | | 25842 | apisprout-[0-9]* denial-of-service https://pkg.go.dev/vuln/GO-2021-0061 |
25843 | gitea-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 | | 25843 | gitea-[0-9]* man-in-the-middle https://pkg.go.dev/vuln/GO-2023-2402 |
25844 | gitea-[0-9]* improper-rendering https://pkg.go.dev/vuln/GO-2023-1988 | | 25844 | gitea-[0-9]* improper-rendering https://pkg.go.dev/vuln/GO-2023-1988 |
| | | 25845 | openssh<9.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-51385 |
| | | 25846 | libssh<0.10.6 command-injection https://nvd.nist.gov/vuln/detail/CVE-2023-6004 |