CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Leonardo Taccari" <leot%netbsd.org@localhost>
Date: Wed, 10 Sep 2025 10:12:57 +0000

Module Name:    pkgsrc
Committed By:   leot
Date:           Wed Sep 10 10:12:57 UTC 2025

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
pkg-vulnerabilities: add last day CVEs

+ ffmpeg (no details regarding commits, probably also 8.0.0 is affected because
  there are no references in <https://ffmpeg.org/security.html>),
  libssh, py-installer, py-octoprint, shibboleth-sp,
  typo3


To generate a diff of this commit:
cvs rdiff -u -r1.543 -r1.544 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.543 pkgsrc/doc/pkg-vulnerabilities:1.544
--- pkgsrc/doc/pkg-vulnerabilities:1.543        Tue Sep  9 15:48:36 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Wed Sep 10 10:12:56 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.543 2025/09/09 15:48:36 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.544 2025/09/10 10:12:56 leot Exp $
 #
 #FORMAT 1.0.0
 #
@@ -27502,3 +27502,17 @@ sqlite3<3.50.3 integer-overflow        https://
 tcpreplay<4.5.3        divide-by-zero          https://nvd.nist.gov/vuln/detail/CVE-2025-9649
 vault<1.20.3   denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-6203
 wireshark<4.4.9        denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-9817
+ffmpeg6-[0-9]* denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-9951
+ffmpeg7-[0-9]* denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-9951
+ffmpeg8-[0-9]* denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-9951
+libssh<0.11.3  denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-8277
+py{27,39,310,311,312,313}-installer<6.0.0      privilege-escalation    https://nvd.nist.gov/vuln/detail/CVE-2025-59042
+py{27,39,310,311,312,313}-octoprint<1.11.3     command-injection       https://nvd.nist.gov/vuln/detail/CVE-2025-58180
+shibboleth-sp<3.5.1    sql-injection   https://nvd.nist.gov/vuln/detail/CVE-2025-9943
+php{56,74,81,82,83,84}-typo3<13.4.18   open-redirect           https://nvd.nist.gov/vuln/detail/CVE-2025-59013
+php{56,74,81,82,83,84}-typo3<13.4.18   denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-59014
+php{56,74,81,82,83,84}-typo3<13.4.18   brute-force-attack      https://nvd.nist.gov/vuln/detail/CVE-2025-59015
+php{56,74,81,82,83,84}-typo3<13.4.18   information-disclosure  https://nvd.nist.gov/vuln/detail/CVE-2025-59016
+php{56,74,81,82,83,84}-typo3<13.4.18   improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-59017
+php{56,74,81,82,83,84}-typo3<13.4.18   improper-access-control https://nvd.nist.gov/vuln/detail/CVE-2025-59018
+php{56,74,81,82,83,84}-typo3<13.4.18   information-disclosure  https://nvd.nist.gov/vuln/detail/CVE-2025-59019

Prev by Date: CVS commit: pkgsrc/news/usenet_reborn
Next by Date: CVS commit: pkgsrc/net/libasr
Previous by Thread: CVS commit: pkgsrc/news/usenet_reborn
Next by Thread: CVS commit: pkgsrc/net/libasr
Indexes:

Home | Main Index | Thread Index | Old Index