pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: leot
Date: Fri Oct 31 09:48:45 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
pkg-vulnerabilities: Add last 12 hours CVEs
+ py-brotli (actual report is for scrapy but py-brotli seems the culprit, NVD
link still not public but see
<https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0> and
<https://www.cve.org/CVERecord?id=CVE-2025-6176>),
qt-qtconnectivity
To generate a diff of this commit:
cvs rdiff -u -r1.646 -r1.647 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.646 pkgsrc/doc/pkg-vulnerabilities:1.647
--- pkgsrc/doc/pkg-vulnerabilities:1.646 Thu Oct 30 11:08:22 2025
+++ pkgsrc/doc/pkg-vulnerabilities Fri Oct 31 09:48:45 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.646 2025/10/30 11:08:22 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.647 2025/10/31 09:48:45 leot Exp $
#
#FORMAT 1.0.0
#
@@ -28764,3 +28764,6 @@ rt5>=5.0.4<5.0.9 cross-site-scripting ht
sqlite3<3.50.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-52099
vault<1.21.0 authentication-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-11621
vault<1.21.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-12044
+py{27,39,310,311,312,313,314}-brotli<1.2.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-6176
+qt5-qtconnectivity<5.15.19 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-23050
+qt6-qtconnectivity<6.9.0 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2025-23050
Home |
Main Index |
Thread Index |
Old Index