CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Nia Alarie" <nia%netbsd.org@localhost>
Date: Sun, 4 May 2025 11:05:30 +0000

Module Name:    pkgsrc
Committed By:   nia
Date:           Sun May  4 11:05:30 UTC 2025

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
two fixed wavpack bugs

CVE-2021-44269 https://github.com/dbry/WavPack/commit/773f9d0803c6888ae7d5391878d7337f24216f4a
CVE-2022-2476 https://github.com/dbry/WavPack/commit/25b4a2725d8568212e7cf89ca05ca29d128af7ac


To generate a diff of this commit:
cvs rdiff -u -r1.356 -r1.357 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.356 pkgsrc/doc/pkg-vulnerabilities:1.357
--- pkgsrc/doc/pkg-vulnerabilities:1.356        Sun May  4 11:02:59 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Sun May  4 11:05:29 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.356 2025/05/04 11:02:59 nia Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.357 2025/05/04 11:05:29 nia Exp $
 #
 #FORMAT 1.0.0
 #
@@ -23144,7 +23144,7 @@ gerbv-[0-9]*    out-of-bounds-read      https://
 openexr<3.1.5  denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2021-3941
 openexr<3.1.2  denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2021-3933
 py{27,34,35,36,37,38,39,310}-tryton<6.2.6      authorization-bypass    https://nvd.nist.gov/vuln/detail/CVE-2022-26661
-wavpack-[0-9]* denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2021-44269
+wavpack<5.5.0  denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2021-44269
 grub2-[0-9]*   sensitive-information-disclosure        https://nvd.nist.gov/vuln/detail/CVE-2021-3981
 horde<2.2.4    cross-site-scripting    https://nvd.nist.gov/vuln/detail/CVE-2022-26874
 fish<3.4.0     arbitrary-code-execution        https://nvd.nist.gov/vuln/detail/CVE-2022-20001
@@ -23808,7 +23808,7 @@ grub2<2.12      buffer-underflow        https://nvd.
 grub2<2.12     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2021-3696
 grub2<2.12     out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2021-3695
 vault<1.11.1   improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2022-36129
-wavpack-[0-9]* null-pointer-dereference        https://nvd.nist.gov/vuln/detail/CVE-2022-2476
+wavpack<5.5.0  null-pointer-dereference        https://nvd.nist.gov/vuln/detail/CVE-2022-2476
 tor>=0.4.7<0.4.7.8     denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2022-33903
 moodle<4.0.2   invalid-validation      https://nvd.nist.gov/vuln/detail/CVE-2022-35650
 moodle<4.0.2   cross-site-scripting    https://nvd.nist.gov/vuln/detail/CVE-2022-35653

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/graphics
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/graphics
Indexes:

Home | Main Index | Thread Index | Old Index