Wed May 15 13:13:19 2024 UTC (32d)
doc: add dino vuln


(wiz)
diff -r1.197 -r1.198 pkgsrc/doc/pkg-vulnerabilities
cvs diff -r1.197 -r1.198 pkgsrc/doc/pkg-vulnerabilities (expand / switch to unified diff)

--- pkgsrc/doc/pkg-vulnerabilities 2024/05/15 08:18:54 1.197
+++ pkgsrc/doc/pkg-vulnerabilities 2024/05/15 13:13:19 1.198
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1# $NetBSD: pkg-vulnerabilities,v 1.197 2024/05/15 08:18:54 wiz Exp $ 1# $NetBSD: pkg-vulnerabilities,v 1.198 2024/05/15 13:13:19 wiz Exp $
2# 2#
3#FORMAT 1.0.0 3#FORMAT 1.0.0
4# 4#
5# Please read "Handling packages with security problems" in the pkgsrc 5# Please read "Handling packages with security problems" in the pkgsrc
6# guide before editing this file. 6# guide before editing this file.
7# 7#
8# Note: NEVER remove entries from this file; this should document *all* 8# Note: NEVER remove entries from this file; this should document *all*
9# known package vulnerabilities so it is entirely appropriate to have 9# known package vulnerabilities so it is entirely appropriate to have
10# multiple entries in this file for a single package, and to contain 10# multiple entries in this file for a single package, and to contain
11# entries for packages which have been removed from pkgsrc. 11# entries for packages which have been removed from pkgsrc.
12# 12#
13# New entries should be added at the end of this file. 13# New entries should be added at the end of this file.
14# 14#
@@ -25995,13 +25995,14 @@ p5-Email-MIME<1.954 denial-of-service ht @@ -25995,13 +25995,14 @@ p5-Email-MIME<1.954 denial-of-service ht
25995uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34402 25995uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34402
25996uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34403 25996uriparser<0.9.8 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2024-34403
25997tinyproxy<1.11.1nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49606 25997tinyproxy<1.11.1nb2 remote-code-execution https://nvd.nist.gov/vuln/detail/CVE-2023-49606
25998unbound<1.20.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655 25998unbound<1.20.0 denial-of-service https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33655
25999phpldapadmin<1.2.6.7 cross-site-scripting https://github.com/leenooks/phpLDAPadmin/commit/d59cbfef5d8a78da55e4c1919862e9e3968b3715 25999phpldapadmin<1.2.6.7 cross-site-scripting https://github.com/leenooks/phpLDAPadmin/commit/d59cbfef5d8a78da55e4c1919862e9e3968b3715
26000go121<1.21.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 26000go121<1.21.10 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787
26001go122<1.22.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787 26001go122<1.22.3 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2024-24787
26002vim<9.1.0404 buffer-overflow https://github.com/vim/vim/commit/67797191e039196128c69 26002vim<9.1.0404 buffer-overflow https://github.com/vim/vim/commit/67797191e039196128c69
26003git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32002 26003git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32002
26004git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32004 26004git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32004
26005git-base<2.45.1 insufficient-checks https://nvd.nist.gov/vuln/detail/CVE-2024-32020 26005git-base<2.45.1 insufficient-checks https://nvd.nist.gov/vuln/detail/CVE-2024-32020
26006git-base<2.45.1 toctou https://nvd.nist.gov/vuln/detail/CVE-2024-32021 26006git-base<2.45.1 toctou https://nvd.nist.gov/vuln/detail/CVE-2024-32021
26007git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32465 26007git-base<2.45.1 execute-arbitrary-code https://nvd.nist.gov/vuln/detail/CVE-2024-32465
 26008dino<0.4.2 information-disclosure https://nvd.nist.gov/vuln/detail/CVE-2023-28686