pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: leot
Date: Thu Jul 17 09:38:19 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
pkg-vulnerabilities: Add recent CVEs
+ bind, chromium, mysql-client, mysql-cluster, mysql-server,
openjdk{11,17,21}, sqlite3, unbound, vim,
xenkernel{415,418} (fixed via XSA-470 patch, no stable releases with patch)
To generate a diff of this commit:
cvs rdiff -u -r1.469 -r1.470 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.469 pkgsrc/doc/pkg-vulnerabilities:1.470
--- pkgsrc/doc/pkg-vulnerabilities:1.469 Wed Jul 16 21:44:36 2025
+++ pkgsrc/doc/pkg-vulnerabilities Thu Jul 17 09:38:19 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.469 2025/07/16 21:44:36 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.470 2025/07/17 09:38:19 leot Exp $
#
#FORMAT 1.0.0
#
@@ -27164,3 +27164,20 @@ py{27,39,310,311,312,313}-aiohttp<3.12.1
roundup<2.5.0 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-53865
p5-Plack-Middleware-Session<0.35 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2025-40923
p5-Authen-SASL<2.1800nb2 insufficiently-random-numbers https://nvd.nist.gov/vuln/detail/CVE-2025-40918
+bind>=9.20<9.20.11 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-40777
+chromium<138.0.7204.157 sandbox-escape https://nvd.nist.gov/vuln/detail/CVE-2025-6558
+chromium<138.0.7204.157 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-7656
+chromium<138.0.7204.157 heap-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-7657
+mysql-client<8.0.43 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL
+mysql-cluster<8.0.43 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL
+mysql-server<8.0.43 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixMSQL
+openjdk11<11.0.28 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA
+openjdk17<17.0.16 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA
+openjdk21<21.0.8 multiple-vulnerabilities https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA
+php{56,73,74,80,81,82,83,84}-tiki6<14.2 command-injection https://nvd.nist.gov/vuln/detail/CVE-2025-34113
+sqlite3<3.50.2 memory-corruption https://nvd.nist.gov/vuln/detail/CVE-2025-6965
+unbound<1.23.1 cache-poisoning https://nvd.nist.gov/vuln/detail/CVE-2025-5994
+vim<9.1.1552 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-53905
+vim<9.1.1551 path-traversal https://nvd.nist.gov/vuln/detail/CVE-2025-53906
+xenkernel415-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27465
+xenkernel418-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-27465
Home |
Main Index |
Thread Index |
Old Index