| @@ -1,14 +1,14 @@ | | | @@ -1,14 +1,14 @@ |
1 | # $NetBSD: pkg-vulnerabilities,v 1.126 2024/02/13 14:13:37 taca Exp $ | | 1 | # $NetBSD: pkg-vulnerabilities,v 1.127 2024/02/13 15:24:30 taca Exp $ |
2 | # | | 2 | # |
3 | #FORMAT 1.0.0 | | 3 | #FORMAT 1.0.0 |
4 | # | | 4 | # |
5 | # Please read "Handling packages with security problems" in the pkgsrc | | 5 | # Please read "Handling packages with security problems" in the pkgsrc |
6 | # guide before editing this file. | | 6 | # guide before editing this file. |
7 | # | | 7 | # |
8 | # Note: NEVER remove entries from this file; this should document *all* | | 8 | # Note: NEVER remove entries from this file; this should document *all* |
9 | # known package vulnerabilities so it is entirely appropriate to have | | 9 | # known package vulnerabilities so it is entirely appropriate to have |
10 | # multiple entries in this file for a single package, and to contain | | 10 | # multiple entries in this file for a single package, and to contain |
11 | # entries for packages which have been removed from pkgsrc. | | 11 | # entries for packages which have been removed from pkgsrc. |
12 | # | | 12 | # |
13 | # New entries should be added at the end of this file. | | 13 | # New entries should be added at the end of this file. |
14 | # | | 14 | # |
| @@ -25877,13 +25877,18 @@ libuv>=1.24.0<1.48 address-check-bypass | | | @@ -25877,13 +25877,18 @@ libuv>=1.24.0<1.48 address-check-bypass |
25877 | postgresql-server>=12<12.18 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 | | 25877 | postgresql-server>=12<12.18 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 |
25878 | postgresql-server>=13<13.14 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 | | 25878 | postgresql-server>=13<13.14 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 |
25879 | postgresql-server>=14<14.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 | | 25879 | postgresql-server>=14<14.11 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 |
25880 | postgresql-server>=15<15.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 | | 25880 | postgresql-server>=15<15.6 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 |
25881 | postgresql-server>=16<16.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 | | 25881 | postgresql-server>=16<16.2 arbitrary-command-execution https://nvd.nist.gov/vuln/detail/CVE-2024-0985 |
25882 | asterisk-13.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages | | 25882 | asterisk-13.* eol http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages |
25883 | unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387 | | 25883 | unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50387 |
25884 | unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868 | | 25884 | unbound<1.19.1 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-50868 |
25885 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-4408 | | 25885 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-4408 |
25886 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5517 | | 25886 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5517 |
25887 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5679 | | 25887 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-5679 |
25888 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50387 | | 25888 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50387 |
25889 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50868 | | 25889 | bind>=9.18<9.18.24 denial-of-service https://kb.isc.org/docs/cve-2023-50868 |
| | | 25890 | bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-4408 |
| | | 25891 | bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5517 |
| | | 25892 | bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-5679 |
| | | 25893 | bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50387 |
| | | 25894 | bind>=9.16<9.16.48 denial-of-service https://kb.isc.org/docs/cve-2023-50868 |