Wed Feb 7 18:01:17 2024 UTC (108d)

doc: webkit-gtk 2.42.5 out


(wiz)

diff -r1.23995 -r1.23996 pkgsrc/doc/TODO
diff -r1.117 -r1.118 pkgsrc/doc/pkg-vulnerabilities

--- pkgsrc/doc/TODO 2024/02/07 17:50:54 1.23995
+++ pkgsrc/doc/TODO 2024/02/07 18:01:16 1.23996

 @@ -1,14 +1,14 @@
-$NetBSD: TODO,v 1.23995 2024/02/07 17:50:54 wiz Exp $
+$NetBSD: TODO,v 1.23996 2024/02/07 18:01:16 wiz Exp $
 Suggested new packages
 ======================
 	Any unresolved PRs (if you have commit access)
 	http://gnats.NetBSD.org/summary/category/pkg.html
 	Any complete, polished packages in pkgsrc-wip (ditto)
 	https://www.pkgsrc.org/wip/
 	Any interesting packages in FreeBSD's ports.
 	http://freshports.org/
 @@ -1406,27 +1406,27 @@ For possible Perl packages updates, see
 	o virt-what-1.21
 	o virtinst-0.600.4
 	o virtuoso-7.2.0p1
 	o visual-regexp-3.1
 	o vms-empire-1.16
 	o vnc-4.0 [http://www.realvnc.com/download.html|pkgsrc-wip]
 	o vnstat-2.14
 	o wMosaic-3.8.22
 	o wandio-4.2.3
 	o wap-utils-1.4.1
 	o wbm-virtual-server-6.16
 	o wcalc-2.4
 	o webkit-gtk-2.38.5 [wip]
-	o webkit-gtk-2.42.4
+	o webkit-gtk-2.42.5
 	o webmin-2.0
 	o websvn-2.6.0
 	o wgetpaste-2.30
 	o whowatch-1.8.5
 	o widelands-1.1
 	o windowlab-1.40
 	o wine-9.0
 	o wine-devel-3.7
 	o wiredtiger-10.0.0
 	o wkhtmltopdf-0.12.6
 	o wmi-11
 	o wordwarvi-1.0.4
 	o worker-4.8.0

--- pkgsrc/doc/pkg-vulnerabilities 2024/02/07 16:35:29 1.117
+++ pkgsrc/doc/pkg-vulnerabilities 2024/02/07 18:01:16 1.118

 @@ -1,14 +1,14 @@
-# $NetBSD: pkg-vulnerabilities,v 1.117 2024/02/07 16:35:29 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.118 2024/02/07 18:01:16 wiz Exp $
+#
 #FORMAT 1.0.0
+#
 # Please read "Handling packages with security problems" in the pkgsrc
 # guide before editing this file.
+#
 # Note: NEVER remove entries from this file; this should document *all*
 # known package vulnerabilities so it is entirely appropriate to have
 # multiple entries in this file for a single package, and to contain
 # entries for packages which have been removed from pkgsrc.
+#
 # New entries should be added at the end of this file.
+#
 @@ -25859,13 +25859,14 @@ py{27,37,38,39,310,311,312}-aiohttp<3.9.
 py{27,37,38,39,310,311,312}-aiohttp<3.9.2	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2024-23829
 curl<8.6.0	out-of-bounds	https://nvd.nist.gov/vuln/detail/CVE-2023-52071
 mbedtls<2.28.7	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2024-23170
 mbedtls>=3<3.5.2	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2024-23170
 mbedtls<2.28.7	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2024-23775
 mbedtls>=3<3.5.2	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2024-23775
 opensc-[0-9]*	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2023-5992
 py{27,37,38,39,310,311,312}-octoprint-[0-9]*	sensitive-information-disclosure	https://nvd.nist.gov/vuln/detail/CVE-2024-23637
 glpi<10.0.12	code-injection	https://nvd.nist.gov/vuln/detail/CVE-2023-51446
 glpi<10.0.12	cross-site-scripting	https://nvd.nist.gov/vuln/detail/CVE-2024-23645
 graphviz<10	out-of-bounds-read	https://nvd.nist.gov/vuln/detail/CVE-2023-46045
 expat<2.6.0	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2023-52425
 expat<2.6.0	denial-of-service	https://nvd.nist.gov/vuln/detail/CVE-2023-52426
 webkit-gtk<2.42.5	arbitrary-code-execution	https://nvd.nist.gov/vuln/detail/CVE-2024-23222