gnurl-CVEs: fix some versions.

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: gnurl-CVEs: fix some versions.
From: nikita <nikita%NetBSD.org@localhost>
Date: Mon, 04 Apr 2022 14:41:47 +0000

Module Name:	pkgsrc-wip
Committed By:	nikita <nikita%NetBSD.org@localhost>
Pushed By:	nikita
Date:		Mon Apr 4 16:41:47 2022 +0200
Changeset:	dc3a8af1b2e2dd89aa5ea141b57ed36d3c76ca55

Modified Files:
	gnurl/gnurl-CVEs

Log Message:
gnurl-CVEs: fix some versions.

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=dc3a8af1b2e2dd89aa5ea141b57ed36d3c76ca55

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 gnurl/gnurl-CVEs | 19 +++++++++++--------
 1 file changed, 11 insertions(+), 8 deletions(-)

diffs:
diff --git a/gnurl/gnurl-CVEs b/gnurl/gnurl-CVEs
index f28ba0d401..190a57f1d3 100644
--- a/gnurl/gnurl-CVEs
+++ b/gnurl/gnurl-CVEs
@@ -3,20 +3,23 @@ The following is a list of CVEs checked against since its
 last release (7.72.0) against an upstream CVE list up until
 7.82.0 with no warranty of completion or correctness.
 
-CVE-2020-8286 (fixed in cURL 7.74.0) does not apply (only applies if the designated TLS Backend is OpenSSL).
 CVE-2020-8284 (fixed in cURL 7.74.0) does not apply, as gnurl is built without FTP support.
-CVE-2020-8285 (fixed in cURL 7.74.0) most likely does not apply for the same reason.
+CVE-2020-8285 (fixed in cURL 7.74.0) most likely does not apply, as gnurl is built without FTP support.
+CVE-2020-8286 (fixed in cURL 7.74.0) does not apply (only applies if the designated TLS Backend is OpenSSL).
+
 CVE-2021-22876 (fixed in cURL 7.76.0) does not apply in the upstream user wip/gnunet, as it makes no use of CURLOPT_AUTOREFERER.
-CVE-2021-22890: ?
-CVE-2021-22897 (fixed in cURL 7.61.0) does not apply in the upstream user wip/gnunet, as it makes no use of CURLOPT_SSL_CIPHER_LIST.
-CVE-2021-22898 (fixed in cURL 7.61.0) does not apply, as gnurl is built without Telnet support.
+CVE-2021-22890 (fixed in cURL 7.76.0): ?
+
+CVE-2021-22897 (fixed in cURL 7.77.0) does not apply in the upstream user wip/gnunet, as it makes no use of CURLOPT_SSL_CIPHER_LIST.
+CVE-2021-22898 (fixed in cURL 7.77.0) does not apply, as gnurl is built without Telnet support.
 CVE-2021-22901 (fixed in cURL 7.77.0) does not apply, as gnurl is built without OpenSSL.
-CVE-2021-22924: ?
-CVE-2021-22926 (fixed in cURL 7.78.0) most likely does not apply, as gnurl does not support being built on macOS built to use Secure Transport.
+
 CVE-2021-22922 (fixed in cURL 7.78.0) does not apply, as gnurl is built without libmetalink.
 CVE-2021-22923 (fixed in cURL 7.78.0) does not apply, as gnurl is built without libmetalink.
 CVE-2021-22924 (fixed in cURL 7.78.0): ?
 CVE-2021-22925 (fixed in cURL 7.78.0) does not apply, as gnurl is built without Telnet support.
+CVE-2021-22926 (fixed in cURL 7.78.0) most likely does not apply, as gnurl does not support being built on macOS built to use Secure Transport.
+
 CVE-2021-22945 (fixed in cURL 7.79.0) does not apply, as the current gnurl release is based on curl 7.72.0 and did not enable experimental features.
 CVE-2021-22946 (fixed in cURL 7.79.0) does not apply, as gnurl is built without fpt, pop3 and imap support.
-CVE-2021-22947 (fixed in cURL 7.79.0) does not apply, as gnurl is built without IMAP, POP3, SMTP and FTP support.
\ No newline at end of file
+CVE-2021-22947 (fixed in cURL 7.79.0) does not apply, as gnurl is built without IMAP, POP3, SMTP and FTP support.

Prev by Date: gnurl-CVEs: CVE-2021-22946 does not apply.
Next by Date: libgtextutils: some minor improvements
Previous by Thread: gnurl-CVEs: CVE-2021-22946 does not apply.
Next by Thread: libgtextutils: some minor improvements
Indexes:

Home | Main Index | Thread Index | Old Index