pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/doc



Module Name:    pkgsrc
Committed By:   nia
Date:           Mon Feb  5 20:00:57 UTC 2024

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
libheif bug fixed according to linked github issue

(which is strangely still open, but mentions that it was fixed
in commit bca0162018df9a32d21c05aad1fa203881fa7813, introduced in 1.7.0)


To generate a diff of this commit:
cvs rdiff -u -r1.114 -r1.115 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.114 pkgsrc/doc/pkg-vulnerabilities:1.115
--- pkgsrc/doc/pkg-vulnerabilities:1.114        Mon Feb  5 19:58:14 2024
+++ pkgsrc/doc/pkg-vulnerabilities      Mon Feb  5 20:00:56 2024
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.114 2024/02/05 19:58:14 nia Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.115 2024/02/05 20:00:56 nia Exp $
 #
 #FORMAT 1.0.0
 #
@@ -22339,7 +22339,7 @@ bind>=9.16<9.16.22      denial-of-service       htt
 htmldoc<1.9.12         denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2021-40985
 grafana>=8.0.0<8.2.3   cross-site-scripting    https://nvd.nist.gov/vuln/detail/CVE-2021-41174
 libxls-[0-9]*          denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2021-27836
-libheif-[0-9]*         heap-overflow           https://nvd.nist.gov/vuln/detail/CVE-2020-23109
+libheif<1.7.0          heap-overflow           https://nvd.nist.gov/vuln/detail/CVE-2020-23109
 cryptopp-[0-9]*                side-channel            https://nvd.nist.gov/vuln/detail/CVE-2021-43398
 vim<8.2.3581           heap-overflow           https://nvd.nist.gov/vuln/detail/CVE-2021-3928
 vim<8.2.3582           stack-overflow          https://nvd.nist.gov/vuln/detail/CVE-2021-3927



Home | Main Index | Thread Index | Old Index