CVS commit: pkgsrc/doc

["Thomas Klausner" <wiz%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   wiz
Date:           Wed Jan 15 12:28:39 UTC 2025

Modified Files:
        pkgsrc/doc: TODO pkg-vulnerabilities

Log Message:
doc: new pam-u2f release, fixing CVE-2025-23013


To generate a diff of this commit:
cvs rdiff -u -r1.25317 -r1.25318 pkgsrc/doc/TODO
cvs rdiff -u -r1.294 -r1.295 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/TODO
diff -u pkgsrc/doc/TODO:1.25317 pkgsrc/doc/TODO:1.25318
--- pkgsrc/doc/TODO:1.25317     Tue Jan 14 19:30:15 2025
+++ pkgsrc/doc/TODO     Wed Jan 15 12:28:38 2025
@@ -1,4 +1,4 @@
-$NetBSD: TODO,v 1.25317 2025/01/14 19:30:15 wiz Exp $
+$NetBSD: TODO,v 1.25318 2025/01/15 12:28:38 wiz Exp $
 
 Suggested new packages
 ======================
@@ -1034,6 +1034,7 @@ For possible Perl packages updates, see 
        o packagekit-0.5.3
        o pam-krb5-4.10
        o pam-passwdqc-2.0.2
+       o pam-u2f-1.3.1
        o papirus-folders-1.8.0
        o parrot-8.1.0
        o passenger-6.0.20

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.294 pkgsrc/doc/pkg-vulnerabilities:1.295
--- pkgsrc/doc/pkg-vulnerabilities:1.294        Tue Jan 14 20:42:02 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Wed Jan 15 12:28:39 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.294 2025/01/14 20:42:02 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.295 2025/01/15 12:28:39 wiz Exp $
 #
 #FORMAT 1.0.0
 #
@@ -26126,3 +26126,4 @@ vim<9.1.1003    heap-buffer-overflow    https:
 rsync<3.4.0    file-leak       https://nvd.nist.gov/vuln/detail/CVE-2024-12086
 rsync<3.4.0    path-traversal  https://nvd.nist.gov/vuln/detail/CVE-2024-12087
 git-base<2.48.1        missing-url-sanitizing  https://nvd.nist.gov/vuln/detail/CVE-2024-50349
+pam-u2f<1.3.1  authentication-bypass           https://nvd.nist.gov/vuln/detail/CVE-2025-23013