CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Sun, 2 Nov 2025 16:01:22 +0000

Module Name:    pkgsrc
Committed By:   wiz
Date:           Sun Nov  2 16:01:22 UTC 2025

Modified Files:
        pkgsrc/doc: TODO pkg-vulnerabilities

Log Message:
doc: comment out a git vulnerability

Upstream does not think it is a vulnerability
https://lore.kernel.org/git/aQd_iisOrwX909Fr%fruit.crustytoothpaste.net@localhost/T/#t


To generate a diff of this commit:
cvs rdiff -u -r1.26401 -r1.26402 pkgsrc/doc/TODO
cvs rdiff -u -r1.650 -r1.651 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/TODO
diff -u pkgsrc/doc/TODO:1.26401 pkgsrc/doc/TODO:1.26402
--- pkgsrc/doc/TODO:1.26401     Sun Nov  2 13:50:57 2025
+++ pkgsrc/doc/TODO     Sun Nov  2 16:01:22 2025
@@ -1,4 +1,4 @@
-$NetBSD: TODO,v 1.26401 2025/11/02 13:50:57 wiz Exp $
+$NetBSD: TODO,v 1.26402 2025/11/02 16:01:22 wiz Exp $
 
 Suggested new packages
 ======================
@@ -941,6 +941,7 @@ For possible Perl packages updates, see 
        o nant-0.92
        o nap-1.5.3
        o nas-auscope-1.9.4
+       o nasm-3.00
        o ncview-2.1.8
        o netramet-50
        o newmail-1.0.2

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.650 pkgsrc/doc/pkg-vulnerabilities:1.651
--- pkgsrc/doc/pkg-vulnerabilities:1.650        Sat Nov  1 10:36:33 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Sun Nov  2 16:01:22 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.650 2025/11/01 10:36:33 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.651 2025/11/02 16:01:22 wiz Exp $
 #
 #FORMAT 1.0.0
 #
@@ -28497,7 +28497,8 @@ zabbix-agent<6.0.18     code-injection  https
 gindent<2.2.14 heap-overflow   https://nvd.nist.gov/vuln/detail/CVE-2023-40305
 gindent<2.2.14 heap-overflow   https://nvd.nist.gov/vuln/detail/CVE-2024-0911
 git-base<2.6.1 sensitive-information-disclosure        https://nvd.nist.gov/vuln/detail/CVE-2024-50338
-git-base-[0-9]*        input-validation        https://nvd.nist.gov/vuln/detail/CVE-2024-52005
+# disputed: https://lore.kernel.org/git/aQd_iisOrwX909Fr%fruit.crustytoothpaste.net@localhost/T/#t
+#git-base-[0-9]*       input-validation        https://nvd.nist.gov/vuln/detail/CVE-2024-52005
 git-base<2.26.1        sensitive-information-disclosure        https://nvd.nist.gov/vuln/detail/CVE-2024-52006
 git-lfs<3.6.1  sensitive-information-disclosure        https://nvd.nist.gov/vuln/detail/CVE-2024-53263
 gitea<1.17.2   unspecified     https://nvd.nist.gov/vuln/detail/CVE-2022-38795

Prev by Date: CVS commit: pkgsrc/devel/netcdf
Next by Date: CVS commit: pkgsrc/devel/cargo-c
Previous by Thread: CVS commit: pkgsrc/devel/netcdf
Next by Thread: CVS commit: pkgsrc/devel/cargo-c
Indexes:

Home | Main Index | Thread Index | Old Index