CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Fri, 12 Apr 2024 07:28:33 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Fri Apr 12 07:28:33 UTC 2024

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
doc: add more upper bounds

tex-context was fixed in
https://github.com/contextgarden/context-mirror/commit/25fcad7435f56cdce2658336909f4da6a65589c0
in 2018, but I'm not sure what version that corresponds to so just mark
today's version safe.


To generate a diff of this commit:
cvs rdiff -u -r1.169 -r1.170 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.169 pkgsrc/doc/pkg-vulnerabilities:1.170
--- pkgsrc/doc/pkg-vulnerabilities:1.169        Thu Apr 11 06:46:19 2024
+++ pkgsrc/doc/pkg-vulnerabilities      Fri Apr 12 07:28:33 2024
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.169 2024/04/11 06:46:19 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.170 2024/04/12 07:28:33 wiz Exp $
 #
 #FORMAT 1.0.0
 #
@@ -14074,8 +14074,8 @@ poppler-utils<0.57.0    heap-overflow           http
 poppler<0.60.0         null-dereference        https://nvd.nist.gov/vuln/detail/CVE-2017-14975
 poppler<0.60.0         heap-overflow           https://nvd.nist.gov/vuln/detail/CVE-2017-14976
 poppler<0.60.0         null-dereference        https://nvd.nist.gov/vuln/detail/CVE-2017-14977
-tex-context-[0-9]*     command-injection       https://nvd.nist.gov/vuln/detail/CVE-2017-17513
-tex-lualibs-[0-9]*     command-injection       https://nvd.nist.gov/vuln/detail/CVE-2017-17513
+tex-context<2024       command-injection       https://nvd.nist.gov/vuln/detail/CVE-2017-17513
+tex-lualibs<2.61       command-injection       https://nvd.nist.gov/vuln/detail/CVE-2017-17513
 ruby{22,23,24,25}-rails-[0-9]* sql-injection   https://nvd.nist.gov/vuln/detail/CVE-2017-17920
 ImageMagick<7.0.7.19   denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2017-18008
 opencv<3.4.1           out-of-bounds-read      https://nvd.nist.gov/vuln/detail/CVE-2017-18009

Prev by Date: CVS commit: pkgsrc/www/firefox115
Next by Date: CVS commit: pkgsrc/www/py-django-countries
Previous by Thread: CVS commit: pkgsrc/www/firefox115
Next by Thread: CVS commit: pkgsrc/www/py-django-countries
Indexes:

Home | Main Index | Thread Index | Old Index