pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: kikadf
Date: Fri Oct 17 06:16:05 UTC 2025
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
doc/pkg-vulnerabilities: restrict advancecomp patterns
CVE-2019-8379: fixed in 2.3, https://github.com/amadvance/advancecomp/commit/7894a6e684ce68ddff9f4f4919ab8e3911ac8040
CVE-2019-8383: fixed in 2.3, https://github.com/amadvance/advancecomp/commit/78a56b21340157775be2462a19276b4d31d2bd01
CVE-2019-9210: fixed in 2.3, https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02
CVE-2022-35014, CVE-2022-35015, CVE-2022-35016, CVE-2022-35017, CVE-2022-35018, CVE-2022-35019 and
CVE-2022-35020: fixed in 2.4, https://github.com/amadvance/advancecomp/commit/f4fc0677527bdc7d1b78b1cc43974df7fe849d43
To generate a diff of this commit:
cvs rdiff -u -r1.625 -r1.626 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.625 pkgsrc/doc/pkg-vulnerabilities:1.626
--- pkgsrc/doc/pkg-vulnerabilities:1.625 Thu Oct 16 21:28:01 2025
+++ pkgsrc/doc/pkg-vulnerabilities Fri Oct 17 06:16:05 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.625 2025/10/16 21:28:01 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.626 2025/10/17 06:16:05 kikadf Exp $
#
#FORMAT 1.0.0
#
@@ -16787,8 +16787,8 @@ hiawatha<10.8.4 directory-traversal htt
tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8376
tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8377
tcpreplay<4.3.2 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8381
-advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8379
-advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8383
+advancecomp<2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8379
+advancecomp<2.3 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8383
hdf5-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-8396
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8397
hdf5-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2019-8398
@@ -16876,7 +16876,7 @@ openssl<1.0.2r oracle-attack https://nv
podofo<0.9.6 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2019-9199
poppler<0.75.0 heap-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9200
podofo-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2018-20797
-advancecomp-[0-9]* integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9210
+advancecomp<2.3 integer-overflow https://nvd.nist.gov/vuln/detail/CVE-2019-9210
pspp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9211
wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208
wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9208
@@ -16885,7 +16885,7 @@ wireshark>=2.6<2.6.7 denial-of-service h
wireshark<2.4.13 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214
wireshark>=2.6<2.6.7 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9214
liblive<20190227 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-9215
-ikiwiki<3.20190228 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-9187
+ikiwiki<3.20190228 server-side-request-forgery https://nvd.nist.gov/vuln/detail/CVE-2019-9187
asterisk>=15.0<15.7.2 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html
asterisk>=16.0<16.2.1 denial-of-service https://downloads.asterisk.org/pub/security/AST-2019-001.html
nodejs<6.17.0 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2019-5737
@@ -24052,13 +24052,13 @@ redis>=7<7.0.8 denial-of-service https:/
redis>=6.0<6.0.17 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977
redis>=6.2<6.2.9 denial-of-service https://nvd.nist.gov/vuln/detail/cve-2022-35977
redis>=7<7.0.8 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35977
-advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35020
-advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35019
-advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35018
-advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35017
-advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35016
-advancecomp-[0-9]* heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35015
-advancecomp-[0-9]* denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35014
+advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35020
+advancecomp<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35019
+advancecomp<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35018
+advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35017
+advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35016
+advancecomp<2.4 heap-based-buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-35015
+advancecomp<2.4 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-35014
nasm-[0-9]* stack-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-41420
nasm<2.16 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-46457
nasm-[0-9]* buffer-overflow https://nvd.nist.gov/vuln/detail/CVE-2022-46456
Home |
Main Index |
Thread Index |
Old Index