gnurl: Add link to upstream statement

To: pkgsrc-wip-changes%NetBSD.org@localhost
Subject: gnurl: Add link to upstream statement
From: nikita <nikita%NetBSD.org@localhost>
Date: Fri, 08 Apr 2022 19:52:02 +0000

Module Name:	pkgsrc-wip
Committed By:	nikita <nikita%NetBSD.org@localhost>
Pushed By:	nikita
Date:		Fri Apr 8 21:52:02 2022 +0200
Changeset:	2be3dccd9b47d482c762a4e95f765878cacf707e

Modified Files:
	gnurl/gnurl-CVEs

Log Message:
gnurl: Add link to upstream statement

To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=2be3dccd9b47d482c762a4e95f765878cacf707e

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

diffstat:
 gnurl/gnurl-CVEs | 3 +++
 1 file changed, 3 insertions(+)

diffs:
diff --git a/gnurl/gnurl-CVEs b/gnurl/gnurl-CVEs
index 190a57f1d3..7078c8dbab 100644
--- a/gnurl/gnurl-CVEs
+++ b/gnurl/gnurl-CVEs
@@ -3,6 +3,9 @@ The following is a list of CVEs checked against since its
 last release (7.72.0) against an upstream CVE list up until
 7.82.0 with no warranty of completion or correctness.
 
+For all CVEs marked "?" see the following discussion with upstream:
+https://lists.gnu.org/archive/html/gnunet-developers/2022-04/msg00022.html
+
 CVE-2020-8284 (fixed in cURL 7.74.0) does not apply, as gnurl is built without FTP support.
 CVE-2020-8285 (fixed in cURL 7.74.0) most likely does not apply, as gnurl is built without FTP support.
 CVE-2020-8286 (fixed in cURL 7.74.0) does not apply (only applies if the designated TLS Backend is OpenSSL).

Prev by Date: gnunet: hopefully fix services not communicating with each other.
Next by Date: remove unnecessary wip comment from MESSAGE
Previous by Thread: gnunet: hopefully fix services not communicating with each other.
Next by Thread: remove unnecessary wip comment from MESSAGE
Indexes:

Home | Main Index | Thread Index | Old Index