@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.121 2024/02/09 20:31:43 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.122 2024/02/11 10:07:10 wiz Exp $
#
#FORMAT 1.0.0
#
@@ -24801,7 +24801,7 @@
qemu<7.1.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-3872
qemu<7.2.0 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-4172
qemu<7.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-4144
-png-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4214
+#png-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2021-4214 # test program only, not installed
pngcheck<3.0.3 buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2020-35511
py{27,36,37,38,39,310,311}-matrix-nio<0.20 sensitive-information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2022-39254
py{27,36,37,38,39,310,311}-octoprint<1.9.0 security-restrictions-bypass https://nvd.nist.gov/vuln/detail/CVE-2022-2822
@@ -25524,7 +25524,7 @@
vim<9.0.1531 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2023-2609
vim<9.0.1532 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-2610
optipng-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-43907
-png-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3857
+#png-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-3857 # false positive
jpegoptim<1.5.3 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2023-27781
phppgadmin<7.14.5 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2023-40619
phppgadmin<7.7 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2023-5002