pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/doc

Module Name:    pkgsrc
Committed By:   leot
Date:           Tue Oct 21 18:59:06 UTC 2025

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
pkg-vulnerabilities: add last 24 hours CVEs

+ libwebsockets (will be fixed in the next patch stable releases, added the next minor
  given that they are already in the minor branches),
  mbedtls, mongodb, trufflehog


To generate a diff of this commit:
cvs rdiff -u -r1.635 -r1.636 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.635 pkgsrc/doc/pkg-vulnerabilities:1.636
--- pkgsrc/doc/pkg-vulnerabilities:1.635        Tue Oct 21 12:32:16 2025
+++ pkgsrc/doc/pkg-vulnerabilities      Tue Oct 21 18:59:06 2025
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.635 2025/10/21 12:32:16 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.636 2025/10/21 18:59:06 leot Exp $
 #
 #FORMAT 1.0.0
 #
@@ -28659,3 +28659,12 @@ radare2<6.0.0  memory-leak     https://nvd.ni
 squid<7.2      information-disclosure  https://nvd.nist.gov/vuln/detail/CVE-2025-62168
 xpdf<4.06      stack-overflow  https://nvd.nist.gov/vuln/detail/CVE-2025-11896
 bftpd-[0-9]*   heap-overflow   https://nvd.nist.gov/vuln/detail/CVE-2025-11947
+libwebsockets<4.3.7            use-after-free          https://nvd.nist.gov/vuln/detail/CVE-2025-11677
+libwebsockets>=4.4<4.4.2       use-after-free          https://nvd.nist.gov/vuln/detail/CVE-2025-11677
+libwebsockets<4.3.7            stack-overflow          https://nvd.nist.gov/vuln/detail/CVE-2025-11678
+libwebsockets>=4.4<4.4.2       stack-overflow          https://nvd.nist.gov/vuln/detail/CVE-2025-11678
+libwebsockets<4.4.2            out-of-bounds-read      https://nvd.nist.gov/vuln/detail/CVE-2025-11679
+libwebsockets<4.4.2            out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-11680
+mbedtls<3.6.5          side-channel                    https://nvd.nist.gov/vuln/detail/CVE-2025-54764
+mongodb<7.0.25         use-after-free                  https://nvd.nist.gov/vuln/detail/CVE-2025-11979
+trufflehog<3.90.10     arbitrary-code-execution        https://nvd.nist.gov/vuln/detail/CVE-2025-41390
Home | Main Index | Thread Index | Old Index