pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
gnurl-CVEs: fix some versions.
Module Name: pkgsrc-wip
Committed By: nikita <nikita%NetBSD.org@localhost>
Pushed By: nikita
Date: Mon Apr 4 16:41:47 2022 +0200
Changeset: dc3a8af1b2e2dd89aa5ea141b57ed36d3c76ca55
Modified Files:
gnurl/gnurl-CVEs
Log Message:
gnurl-CVEs: fix some versions.
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=dc3a8af1b2e2dd89aa5ea141b57ed36d3c76ca55
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
gnurl/gnurl-CVEs | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
diffs:
diff --git a/gnurl/gnurl-CVEs b/gnurl/gnurl-CVEs
index f28ba0d401..190a57f1d3 100644
--- a/gnurl/gnurl-CVEs
+++ b/gnurl/gnurl-CVEs
@@ -3,20 +3,23 @@ The following is a list of CVEs checked against since its
last release (7.72.0) against an upstream CVE list up until
7.82.0 with no warranty of completion or correctness.
-CVE-2020-8286 (fixed in cURL 7.74.0) does not apply (only applies if the designated TLS Backend is OpenSSL).
CVE-2020-8284 (fixed in cURL 7.74.0) does not apply, as gnurl is built without FTP support.
-CVE-2020-8285 (fixed in cURL 7.74.0) most likely does not apply for the same reason.
+CVE-2020-8285 (fixed in cURL 7.74.0) most likely does not apply, as gnurl is built without FTP support.
+CVE-2020-8286 (fixed in cURL 7.74.0) does not apply (only applies if the designated TLS Backend is OpenSSL).
+
CVE-2021-22876 (fixed in cURL 7.76.0) does not apply in the upstream user wip/gnunet, as it makes no use of CURLOPT_AUTOREFERER.
-CVE-2021-22890: ?
-CVE-2021-22897 (fixed in cURL 7.61.0) does not apply in the upstream user wip/gnunet, as it makes no use of CURLOPT_SSL_CIPHER_LIST.
-CVE-2021-22898 (fixed in cURL 7.61.0) does not apply, as gnurl is built without Telnet support.
+CVE-2021-22890 (fixed in cURL 7.76.0): ?
+
+CVE-2021-22897 (fixed in cURL 7.77.0) does not apply in the upstream user wip/gnunet, as it makes no use of CURLOPT_SSL_CIPHER_LIST.
+CVE-2021-22898 (fixed in cURL 7.77.0) does not apply, as gnurl is built without Telnet support.
CVE-2021-22901 (fixed in cURL 7.77.0) does not apply, as gnurl is built without OpenSSL.
-CVE-2021-22924: ?
-CVE-2021-22926 (fixed in cURL 7.78.0) most likely does not apply, as gnurl does not support being built on macOS built to use Secure Transport.
+
CVE-2021-22922 (fixed in cURL 7.78.0) does not apply, as gnurl is built without libmetalink.
CVE-2021-22923 (fixed in cURL 7.78.0) does not apply, as gnurl is built without libmetalink.
CVE-2021-22924 (fixed in cURL 7.78.0): ?
CVE-2021-22925 (fixed in cURL 7.78.0) does not apply, as gnurl is built without Telnet support.
+CVE-2021-22926 (fixed in cURL 7.78.0) most likely does not apply, as gnurl does not support being built on macOS built to use Secure Transport.
+
CVE-2021-22945 (fixed in cURL 7.79.0) does not apply, as the current gnurl release is based on curl 7.72.0 and did not enable experimental features.
CVE-2021-22946 (fixed in cURL 7.79.0) does not apply, as gnurl is built without fpt, pop3 and imap support.
-CVE-2021-22947 (fixed in cURL 7.79.0) does not apply, as gnurl is built without IMAP, POP3, SMTP and FTP support.
\ No newline at end of file
+CVE-2021-22947 (fixed in cURL 7.79.0) does not apply, as gnurl is built without IMAP, POP3, SMTP and FTP support.
Home |
Main Index |
Thread Index |
Old Index