pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/doc
Module Name: pkgsrc
Committed By: kim
Date: Sat Jun 22 12:52:25 UTC 2024
Modified Files:
pkgsrc/doc: pkg-vulnerabilities
Log Message:
doc: Update CVE-2022-29458 (ncurses)
The vulnerability only applies to ncurses 6.3 before patch 20220416,
but since pkgsrc went from 6.3 directly to 6.4, mark this as applying
to <6.4 to avoid having to come up with a fictional convention for
identifying the patch version.
To generate a diff of this commit:
cvs rdiff -u -r1.209 -r1.210 pkgsrc/doc/pkg-vulnerabilities
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.209 pkgsrc/doc/pkg-vulnerabilities:1.210
--- pkgsrc/doc/pkg-vulnerabilities:1.209 Tue Jun 18 06:50:04 2024
+++ pkgsrc/doc/pkg-vulnerabilities Sat Jun 22 12:52:25 2024
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.209 2024/06/18 06:50:04 wiz Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.210 2024/06/22 12:52:25 kim Exp $
#
#FORMAT 1.0.0
#
@@ -23387,7 +23387,7 @@ go117<1.18.1 denial-of-service https://n
go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-27536
go117<1.17.9 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675
go118<1.18.1 denial-of-service https://nvd.nist.gov/vuln/detail/CVE-2022-24675
-ncurses-[0-9]* out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29458
+ncurses<6.4 out-of-bounds-read https://nvd.nist.gov/vuln/detail/CVE-2022-29458
ghostscript-gpl-[0-9]* arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059
ghostscript-agpl<9.27 arbitrary-code-execution https://nvd.nist.gov/vuln/detail/CVE-2019-25059
redis<6.2.7 null-pointer-dereference https://nvd.nist.gov/vuln/detail/CVE-2022-24736
Home |
Main Index |
Thread Index |
Old Index