pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: leot
Date: Wed Oct 1 20:16:55 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
pkg-vulnerabilities: add (other part of) last weeks CVEs
+ openssl,
podman (no useful details contained, unclear if fixed or not),
py-authlib,
py-pip (fixed upstream, no stable release with fix),
py-jupyterlab,
py-torch (CVE-2025-55551, CVE-2025-55552, CVE-2025-55554 not fixed)
To generate a diff of this commit:
cvs rdiff -u -r1.565 -r1.566 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.565 pkgsrc/doc/pkg-vulnerabilities:1.566
--- pkgsrc/doc/pkg-vulnerabilities:1.565 Wed Oct 1 19:56:01 2025
+++ pkgsrc/doc/pkg-vulnerabilities Wed Oct 1 20:16:54 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.565 2025/10/01 19:56:01 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.566 2025/10/01 20:16:54 leot Exp $
#
#FORMAT 1.0.0
#
@@ -27660,3 +27660,22 @@ openbabel-[0-9]* null-pointer-dereferenc
openbabel-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-10999
openbabel-[0-9]* null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2025-11000
opengrok<1.14.2 cross-site-scripting https://nvd.nist.gov/vuln/detail/CVE-2025-30755
+openssl<3.5.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-9230
+openssl<3.5.4 timing-side-channel https://nvd.nist.gov/vuln/detail/CVE-2025-9231
+openssl<3.5.4 out-of-bounds-write https://nvd.nist.gov/vuln/detail/CVE-2025-9232
+podman-[0-9]* file-permissions https://nvd.nist.gov/vuln/detail/CVE-2025-4953
+py{27,39,310,311,312,313}-authlib<1.6.4 security-bypass https://nvd.nist.gov/vuln/detail/CVE-2025-59420
+py{27,39,310,311,312,313}-pip-[0-9]* symlink-attack https://nvd.nist.gov/vuln/detail/CVE-2025-8869
+py{27,39,310,311,312,313}-jupyterlab<4.4.8 input-validation https://nvd.nist.gov/vuln/detail/CVE-2025-59842
+py{27,39,310,311,312,313}-torch<2.8.0 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-46148
+py{27,39,310,311,312,313}-torch<2.7.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-46149
+py{27,39,310,311,312,313}-torch<2.7.0 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-46150
+py{27,39,310,311,312,313}-torch<2.7.0 incorrect-calculation https://nvd.nist.gov/vuln/detail/CVE-2025-46152
+py{27,39,310,311,312,313}-torch<2.7.0 unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-46153
+py{27,39,310,311,312,313}-torch-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55551
+py{27,39,310,311,312,313}-torch-[0-9]* unspecified https://nvd.nist.gov/vuln/detail/CVE-2025-55552
+py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55553
+py{27,39,310,311,312,313}-torch-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2025-55554
+py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55557
+py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55558
+py{27,39,310,311,312,313}-torch<2.8.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2025-55560
Home |
Main Index |
Thread Index |
Old Index