pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: wiz
Date: Wed Nov 5 11:53:25 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
doc: comment out redis vuln, disputed
To generate a diff of this commit:
cvs rdiff -u -r1.655 -r1.656 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.655 pkgsrc/doc/pkg-vulnerabilities:1.656
--- pkgsrc/doc/pkg-vulnerabilities:1.655 Wed Nov 5 09:03:45 2025
+++ pkgsrc/doc/pkg-vulnerabilities Wed Nov 5 11:53:25 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.655 2025/11/05 09:03:45 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.656 2025/11/05 11:53:25 wiz Exp $
#
#FORMAT 1.0.0
#
@@ -27237,7 +27237,8 @@ chromium<138.0.7204.168 heap-corruption
php{56,73,74,80,81,82,83,84}-xdebug-[0-9]* command-injection https://nvd.nist.gov/vuln/detail/CVE-2015-10141
apache<2.4.65 invalid-validation https://nvd.nist.gov/vuln/detail/CVE-2025-54090
py{27,39,310,311,312,313}-mezzanine<6.1.1 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-50481
-redis-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-46686
+# disputed because abuse of the commands network protocol is not a violation of the Redis Security Model
+#redis-[0-9]* memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-46686
thunderbird<140 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-54/
thunderbird<128.12 multiple-vulnerabilities https://www.mozilla.org/security/advisories/mfsa2025-55/
firefox<141 multiple-vulnerabilities https://www.mozilla.org/en-US/security/advisories/mfsa2025-56/
Home |
Main Index |
Thread Index |
Old Index