pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: leot
Date: Thu May 29 08:12:01 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
pkg-vulnerabilities: Use CVE URL for last coreutils entry
In that way we can easily deduplicate it because in the pkgsrc-security
RT queue we get NVD URLs. CVEs also usually contains references.
To generate a diff of this commit:
cvs rdiff -u -r1.382 -r1.383 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.382 pkgsrc/doc/pkg-vulnerabilities:1.383
--- pkgsrc/doc/pkg-vulnerabilities:1.382 Thu May 29 08:09:27 2025
+++ pkgsrc/doc/pkg-vulnerabilities Thu May 29 08:12:01 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.382 2025/05/29 08:09:27 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.383 2025/05/29 08:12:01 leot Exp $
#
#FORMAT 1.0.0
#
@@ -26201,7 +26201,7 @@ perl<5.41.13 permission-race https://nvd
ghostscript-gpl-[0-9]* passphrase-leakage https://nvd.nist.gov/vuln/detail/CVE-2025-48708
ghostscript-agpl<10.05.1 passphrase-leakage https://nvd.nist.gov/vuln/detail/CVE-2025-48708
libxslt<1.1.43 use-after-free https://nvd.nist.gov/vuln/detail/CVE-2025-24855
-coreutils<9.6nb1 heap-overflow https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633
+coreutils<9.6nb1 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-5278
openssl>=3.5<3.5.1 improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-4575
asterisk<18.26.2 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-47779
asterisk>=20<20.14.1 email-spoofing https://nvd.nist.gov/vuln/detail/CVE-2025-47779
Home |
Main Index |
Thread Index |
Old Index