CVS commit: pkgsrc/doc

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/doc
From: "Leonardo Taccari" <leot%netbsd.org@localhost>
Date: Sat, 3 Jan 2026 21:37:25 +0000

Module Name:    pkgsrc
Committed By:   leot
Date:           Sat Jan  3 21:37:25 UTC 2026

Modified Files:
        pkgsrc/doc: pkg-vulnerabilities

Log Message:
pkg-vulnerabilities: add last 24-36 hours CVEs

+ cpp-httplib, gitea, gpsd, libtpms, messagelib,
  wabt (not fixed)

(Same of -r1.698 but without removing most comments!)


To generate a diff of this commit:
cvs rdiff -u -r1.699 -r1.700 pkgsrc/doc/pkg-vulnerabilities

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/doc/pkg-vulnerabilities
diff -u pkgsrc/doc/pkg-vulnerabilities:1.699 pkgsrc/doc/pkg-vulnerabilities:1.700
--- pkgsrc/doc/pkg-vulnerabilities:1.699        Sat Jan  3 21:36:23 2026
+++ pkgsrc/doc/pkg-vulnerabilities      Sat Jan  3 21:37:25 2026
@@ -1,4 +1,4 @@
-# $NetBSD: pkg-vulnerabilities,v 1.699 2026/01/03 21:36:23 leot Exp $
+# $NetBSD: pkg-vulnerabilities,v 1.700 2026/01/03 21:37:25 leot Exp $
 #
 #FORMAT 1.0.0
 #
@@ -29219,3 +29219,11 @@ sox-[0-9]*     floating-point-exception        http
 lua51-[0-9]*   eol             https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
 lua52-[0-9]*   eol             https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
 lua53-[0-9]*   eol             https://ftp.NetBSD.org/pub/NetBSD/packages/vulns/eol-packages
+cpp-httplib<0.30.0     server-side-request-forgery     https://nvd.nist.gov/vuln/detail/CVE-2026-21428
+gitea<1.25.2   timing-side-channel     https://nvd.nist.gov/vuln/detail/CVE-2025-69413
+gpsd<3.27.1    out-of-bounds-write     https://nvd.nist.gov/vuln/detail/CVE-2025-67268
+gpsd<3.27.1    denial-of-service       https://nvd.nist.gov/vuln/detail/CVE-2025-67269
+libtpms<0.10.2 insufficiently-random-numbers   https://nvd.nist.gov/vuln/detail/CVE-2026-21444
+messagelib<25.11.90    improper-certificate-validation https://nvd.nist.gov/vuln/detail/CVE-2025-69412
+wabt-[0-9]*    memory-corruption       https://nvd.nist.gov/vuln/detail/CVE-2025-15411
+wabt-[0-9]*    out-of-bounds-read      https://nvd.nist.gov/vuln/detail/CVE-2025-15412

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index