CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Leonardo Taccari" <leot%netbsd.org@localhost>
Date: Tue, 30 Dec 2025 11:56:20 +0000

Module Name:    pkgsrc
Committed By:   leot
Date:           Tue Dec 30 11:56:20 UTC 2025

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
pkg-vulnerabilities: add last 24-36 hours CVEs

+ binutils (no information from upstream (probably not shared) and old
  binutils release, assume not fixed),
  coturn (it will be fixed in 4.8.0, not yet released),
  libheif,
  ming (not fixed)


To generate a diff of this commit:
cvs rdiff -u -r1.693 -r1.694 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.693 pkgsrc/doc/pkg-vulnerabilities:1.694
--- pkgsrc/doc/pkg-vulnerabilities:1.693        Mon Dec 29 11:18:09 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Tue Dec 30 11:56:20 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.693 2025/12/29 11:18:09 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.694 2025/12/30 11:56:20 leot Exp $
 #
 #FORMAT 1.0.0
 #
@@ -29184,3 +29184,13 @@ php83<8.3.29   null-pointer-dereference        ht
 php84<8.4.16   null-pointer-dereference        https://nvd.nist.gov/vuln/detail/CVE-2025-14180
 gnupg2-[0-9]*  ui-spoofing             https://nvd.nist.gov/vuln/detail/CVE-2025-68972
 gnupg2-[0-9]*  out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-68973
+binutils-[0-9]*        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-66861
+binutils-[0-9]*        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-66862
+binutils-[0-9]*        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-66863
+binutils-[0-9]*        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-66864
+binutils-[0-9]*        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-66865
+binutils-[0-9]*        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-66866
+coturn>=4.6.3<4.8.0    insufficiently-random-numbers   https://nvd.nist.gov/vuln/detail/CVE-2025-69217
+libheif<1.221.0        out-of-bounds-read      https://nvd.nist.gov/vuln/detail/CVE-2025-68431
+ming-[0-9]*    buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-66869
+ming-[0-9]*    buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-66877

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/multimedia/t-rec
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/multimedia/t-rec
Indexes:

Home | Main Index | Thread Index | Old Index