libxls: extend CVE list

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: libxls: extend CVE list
From: Sijmen J. Mulder <ik%sjmulder.nl@localhost>
Date: Wed, 09 Jan 2019 13:46:20 +0000

Module Name:	pkgsrc-wip
Committed By:	Sijmen J. Mulder <ik%sjmulder.nl@localhost>
Pushed By:	sjmulder
Date:		Wed Jan 9 14:46:20 2019 +0100
Changeset:	1e6a0a277b928672cef3e83d3e0896f0b1622c5b

Modified Files:
	libxls/TODO

Log Message:
libxls: extend CVE list

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=1e6a0a277b928672cef3e83d3e0896f0b1622c5b

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 libxls/TODO | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diffs:
diff --git a/libxls/TODO b/libxls/TODO
index 73fb4a1c65..c1736a4996 100644
--- a/libxls/TODO
+++ b/libxls/TODO
@@ -1,2 +1,8 @@
-This package has known vulnerabilities, please investigate and fix if possible:
-  CVE-2018-20450, CVE-2018-20452
+Several known vulnerabilities, but fixed upstream. Patches need to be
+incorporated.
+
+CVE-2017-12110 https://github.com/evanmiller/libxls/issues/2
+CVE-2017-12111 https://github.com/evanmiller/libxls/issues/3
+CVE-2017-2919 https://github.com/evanmiller/libxls/issues/4
+CVE-2017-2897 https://github.com/evanmiller/libxls/issues/5
+CVE-2017-2896 https://github.com/evanmiller/libxls/issues/6

Prev by Date: rename xtrackcad to match the upstream name.
Next by Date: lgogdownloader: bump version after release
Previous by Thread: rename xtrackcad to match the upstream name.
Next by Thread: lgogdownloader: bump version after release
Indexes:

Home | Main Index | Thread Index | Old Index