Thu Apr 25 15:14:49 2024 UTC (52d)
doc/pkg-vulnerabilities: add CVE-2024-27282

Add CVE-2024-27282 for ruby31-base, ruby32-base and ruby33.


(taca)
diff -r1.179 -r1.180 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.179 -r1.180 pkgsrc/doc/pkg-vulnerabilities (expand / switch to context diff)
--- pkgsrc/doc/pkg-vulnerabilities 2024/04/25 07:24:08 1.179
+++ pkgsrc/doc/pkg-vulnerabilities 2024/04/25 15:14:49 1.180
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.179 2024/04/25 07:24:08 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.180 2024/04/25 15:14:49 taca Exp $
 #
 #FORMAT 1.0.0
 #
@@ -25992,3 +25992,6 @@
 php>=8.0<8.1		eol	http://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
 putty<0.81	secret-key-recovery	https://nvd.nist.gov/vuln/detail/CVE-2024-31497
 filezilla<3.67.0	secret-key-recovery	https://nvd.nist.gov/vuln/detail/CVE-2024-31497
+ruby31-base>=3.1<3.1.5	arbitrary-memory-read	https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
+ruby32-base>=3.2<3.2.4	arbitrary-memory-read	https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/
+ruby33>=3.3<3.3.1	arbitrary-memory-read	https://www.ruby-lang.org/en/news/2024/04/23/arbitrary-memory-address-read-regexp-cve-2024-27282/