Diffstat (limited to 'security')
| -rw-r--r-- | security/apg/Makefile | 3 | ||||
| -rw-r--r-- | security/aws-c-auth/Makefile | 2 | ||||
| -rw-r--r-- | security/aws-c-auth/distinfo | 6 | ||||
| -rw-r--r-- | security/certspotter/Makefile | 3 | ||||
| -rw-r--r-- | security/gauth/Makefile | 4 | ||||
| -rw-r--r-- | security/git-credential-gopass/Makefile | 3 | ||||
| -rw-r--r-- | security/lego/Makefile | 3 | ||||
| -rw-r--r-- | security/lego/distinfo | 10 | ||||
| -rw-r--r-- | security/local-php-security-checker/Makefile | 4 | ||||
| -rw-r--r-- | security/nss/Makefile | 2 | ||||
| -rw-r--r-- | security/nss/distinfo | 6 | ||||
| -rw-r--r-- | security/openvpn-auth-oauth2/Makefile | 4 | ||||
| -rw-r--r-- | security/openvpn-devel/Makefile | 4 | ||||
| -rw-r--r-- | security/openvpn-devel/distinfo | 6 | ||||
| -rw-r--r-- | security/opkssh/Makefile | 2 | ||||
| -rw-r--r-- | security/s2n-tls/Makefile | 2 | ||||
| -rw-r--r-- | security/s2n-tls/distinfo | 6 | ||||
| -rw-r--r-- | security/sshesame/Makefile | 2 | ||||
| -rw-r--r-- | security/step-certificates/Makefile | 3 | ||||
| -rw-r--r-- | security/step-cli/Makefile | 3 | ||||
| -rw-r--r-- | security/trezord/Makefile | 3 | ||||
| -rw-r--r-- | security/trivy/Makefile | 3 | ||||
| -rw-r--r-- | security/trivy/distinfo | 10 | ||||
| -rw-r--r-- | security/vuxml/vuln/2025.xml | 172 |
24 files changed, 226 insertions, 40 deletions
diff --git a/security/apg/Makefile b/security/apg/Makefile index 2f17bb03d649..2025c0417726 100644 --- a/security/apg/Makefile +++ b/security/apg/Makefile @@ -18,6 +18,9 @@ GH_ACCOUNT= wneessen GH_PROJECT= apg-go GH_TUPLE= wneessen:go-hibp:v1.0.6:wneessen_go_hibp/vendor/github.com/wneessen/go-hibp +DEPRECATED= Uses old go, but try building without USES=go:someversion +EXPIRATION_DATE=2026-01-01 + GO_PKGNAME= github.com/${GH_ACCOUNT}/${GH_PROJECT} GO_TARGET= ./cmd/${PORTNAME} diff --git a/security/aws-c-auth/Makefile b/security/aws-c-auth/Makefile index 2f522470ecf4..74328cc0f17d 100644 --- a/security/aws-c-auth/Makefile +++ b/security/aws-c-auth/Makefile @@ -1,6 +1,6 @@ PORTNAME= aws-c-auth DISTVERSIONPREFIX= v -DISTVERSION= 0.9.2 +DISTVERSION= 0.9.3 CATEGORIES= security MAINTAINER= eduardo@FreeBSD.org diff --git a/security/aws-c-auth/distinfo b/security/aws-c-auth/distinfo index b721cfeb373d..a54e929c9948 100644 --- a/security/aws-c-auth/distinfo +++ b/security/aws-c-auth/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1763592265 -SHA256 (awslabs-aws-c-auth-v0.9.2_GH0.tar.gz) = 1925c0032321969ccb1333d9cfdba1564d705e64c899265613c9d7841ba66cc1 -SIZE (awslabs-aws-c-auth-v0.9.2_GH0.tar.gz) = 280216 +TIMESTAMP = 1764967115 +SHA256 (awslabs-aws-c-auth-v0.9.3_GH0.tar.gz) = e7ad0abad2b2b4211483e6a57cf8ccb9b56b5c6bd10e94864566fd1dcd85dafd +SIZE (awslabs-aws-c-auth-v0.9.3_GH0.tar.gz) = 280180 diff --git a/security/certspotter/Makefile b/security/certspotter/Makefile index 1e72e32655ca..f66ed4525249 100644 --- a/security/certspotter/Makefile +++ b/security/certspotter/Makefile @@ -15,6 +15,9 @@ USE_RC_SUBR= certspotter GO_MODULE= software.sslmate.com/src/certspotter GO_TARGET= ./cmd/${PORTNAME}:${PREFIX}/sbin/${PORTNAME} +DEPRECATED= Uses old go, but try building without USES=go:someversion +EXPIRATION_DATE=2026-01-01 + CERTSPOTTER_USER?= certspotter CERTSPOTTER_GROUP?= certspotter diff --git a/security/gauth/Makefile b/security/gauth/Makefile index 217881711ace..9cdb9b3113bb 100644 
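Review bot: The `DEPRECATED=` text added in security/apg/Makefile reads as a to-do for the maintainer rather than a reason a user can act on, and it does not name the Go version at fault. The same two lines are added to certspotter, step-certificates, step-cli and trezord. Something like `DEPRECATED= Pinned to an old Go release; must build with the default Go (USES=go:modules)` would say what has to change. The step-certificates, step-cli and trezord hunks keep `USES= go:1.22,modules` or `go:1.20,modules` as context, so until `EXPIRATION_DATE=2026-01-01` those ports presumably still build with the pinned toolchain and miss Go fixes such as the CVE-2025-61729 one recorded in this commit's vuxml entry. The USES line of apg and certspotter is outside their hunks, so their pin cannot be confirmed from here.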
--- a/security/gauth/Makefile +++ b/security/gauth/Makefile @@ -1,7 +1,7 @@ PORTNAME= gauth DISTVERSIONPREFIX= v DISTVERSION= 1.5.0 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= security MAINTAINER= nxjoseph@protonmail.com @@ -12,7 +12,7 @@ WWW= https://github.com/pcarrier/gauth \ LICENSE= ISCL LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.23,modules +USES= go:modules GO_MODULE= github.com/pcarrier/gauth diff --git a/security/git-credential-gopass/Makefile b/security/git-credential-gopass/Makefile index 31ee815c9fd9..613391333411 100644 --- a/security/git-credential-gopass/Makefile +++ b/security/git-credential-gopass/Makefile @@ -1,6 +1,7 @@ PORTNAME= git-credential-gopass DISTVERSIONPREFIX= v DISTVERSION= 1.16.0 +PORTREVISION= 1 CATEGORIES= security MAINTAINER= ehaupt@FreeBSD.org @@ -10,7 +11,7 @@ WWW= https://github.com/gopasspw/git-credential-gopass LICENSE= MIT LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.22,modules +USES= go:modules USE_GITHUB= yes GH_ACCOUNT= gopasspw diff --git a/security/lego/Makefile b/security/lego/Makefile index 50ac850f4504..180e0df2aa65 100644 --- a/security/lego/Makefile +++ b/security/lego/Makefile @@ -1,7 +1,6 @@ PORTNAME= lego DISTVERSIONPREFIX= v -DISTVERSION= 4.28.1 -PORTREVISION= 1 +DISTVERSION= 4.29.0 CATEGORIES= security MAINTAINER= matt@matthoran.com diff --git a/security/lego/distinfo b/security/lego/distinfo index 66aebb0a2db1..1e9f5c6269e4 100644 --- a/security/lego/distinfo +++ b/security/lego/distinfo 
@@ -1,5 +1,5 @@ -TIMESTAMP = 1762612035 -SHA256 (go/security_lego/lego-v4.28.1/v4.28.1.mod) = 08b0178bf0929722a39e7bc70a79701ffd726fd3708efccc64ebb36a201ffb33 -SIZE (go/security_lego/lego-v4.28.1/v4.28.1.mod) = 10956 -SHA256 (go/security_lego/lego-v4.28.1/v4.28.1.zip) = a44e2b3b41d9384b89d9f63c5b3d3dd2ee2b2bf9023c836f948181546d4b5d3a -SIZE (go/security_lego/lego-v4.28.1/v4.28.1.zip) = 1681655 +TIMESTAMP = 1764930207 +SHA256 (go/security_lego/lego-v4.29.0/v4.29.0.mod) = a17bdec8e819a9e763c3e7fba4805146f738fa430dda64bc0c64cd617afd25f4 +SIZE (go/security_lego/lego-v4.29.0/v4.29.0.mod) = 11062 +SHA256 (go/security_lego/lego-v4.29.0/v4.29.0.zip) = 96639130d037324c87f6165d95256f03edfe403a1518124424051e4829b125ed +SIZE (go/security_lego/lego-v4.29.0/v4.29.0.zip) = 1718850 diff --git a/security/local-php-security-checker/Makefile b/security/local-php-security-checker/Makefile index 7d0b72cf4ac3..b5f2db86ce55 100644 --- a/security/local-php-security-checker/Makefile +++ b/security/local-php-security-checker/Makefile @@ -1,7 +1,7 @@ PORTNAME= local-php-security-checker DISTVERSIONPREFIX= v DISTVERSION= 2.1.3 -PORTREVISION= 7 +PORTREVISION= 8 CATEGORIES= security MASTER_SITES= GH @@ -12,7 +12,7 @@ WWW= https://github.com/fabpot/local-php-security-checker LICENSE= AGPLv3 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.22,modules +USES= go:modules USE_GITHUB= yes GH_ACCOUNT= fabpot diff --git a/security/nss/Makefile b/security/nss/Makefile index 0aa58183d688..58a3877b77a1 100644 --- a/security/nss/Makefile +++ b/security/nss/Makefile @@ -1,5 +1,5 @@ PORTNAME= nss -PORTVERSION= 3.118.1 +PORTVERSION= 3.119 CATEGORIES= security MASTER_SITES= MOZILLA/security/${PORTNAME}/releases/${DISTNAME:tu:C/[-.]/_/g}_RTM/src diff --git a/security/nss/distinfo b/security/nss/distinfo index af21eaf40bc6..47aab9c33814 100644 --- a/security/nss/distinfo +++ b/security/nss/distinfo 
@@ -1,3 +1,3 @@ -TIMESTAMP = 1763494141 -SHA256 (nss-3.118.1.tar.gz) = 8c390a676ea37266fcd3d0cd2fb070e2f69f4d78fa4ed88e07ac0c9eb5aab8d3 -SIZE (nss-3.118.1.tar.gz) = 77625759 +TIMESTAMP = 1764961743 +SHA256 (nss-3.119.tar.gz) = e8412db6c9d6f531e8adfe8a122ec33a8fae920681ff47231a1349bdd399f0e9 +SIZE (nss-3.119.tar.gz) = 77633205 diff --git a/security/openvpn-auth-oauth2/Makefile b/security/openvpn-auth-oauth2/Makefile index 3fed1bf952da..0243b85a27c2 100644 --- a/security/openvpn-auth-oauth2/Makefile +++ b/security/openvpn-auth-oauth2/Makefile @@ -1,7 +1,7 @@ PORTNAME= openvpn-auth-oauth2 DISTVERSIONPREFIX= v DISTVERSION= 1.26.4 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security net net-vpn MAINTAINER= otis@FreeBSD.org @@ -13,7 +13,7 @@ LICENSE_FILE= ${WRKSRC}/LICENSE.txt EXTRACT_DEPENDS= ${BUILD_DEPENDS} -USES= go:1.25,modules +USES= go:modules GO_MODULE= github.com/jkroepke/openvpn-auth-oauth2 GO_TARGET= ./cmd/openvpn-auth-oauth2 diff --git a/security/openvpn-devel/Makefile b/security/openvpn-devel/Makefile index 1fa17d217cc5..2fa50d005f48 100644 --- a/security/openvpn-devel/Makefile +++ b/security/openvpn-devel/Makefile @@ -1,5 +1,5 @@ PORTNAME= openvpn -DISTVERSION= g20251117 +DISTVERSION= g20251128 PORTREVISION= 0 # leave in even if 0 to avoid accidental PORTEPOCH bumps PORTEPOCH= 1 CATEGORIES= security net net-vpn @@ -21,7 +21,7 @@ LIB_DEPENDS+= liblzo2.so:archivers/lzo2 USES= autoreconf cpe libtool pkgconfig python:build shebangfix tar:xz IGNORE_SSL= libressl libressl-devel USE_GITLAB= yes -GL_TAGNAME= d6ee27b4ff31e4469d699f3bfd7b9998ab167230 +GL_TAGNAME= 31ef3d66c20e62cd6cc87a6b9f9c9987b889335c USE_RC_SUBR= openvpn SHEBANG_FILES= sample/sample-scripts/auth-pam.pl \ diff --git a/security/openvpn-devel/distinfo b/security/openvpn-devel/distinfo index 6d2c15323da2..0314026c6b95 100644 --- a/security/openvpn-devel/distinfo +++ b/security/openvpn-devel/distinfo 
@@ -1,3 +1,3 @@ -TIMESTAMP = 1763394774 -SHA256 (openvpn-openvpn-d6ee27b4ff31e4469d699f3bfd7b9998ab167230_GL0.tar.gz) = 8f57323446853027ed6140521b8485aff100d5858877083059dfaed64ff92edb -SIZE (openvpn-openvpn-d6ee27b4ff31e4469d699f3bfd7b9998ab167230_GL0.tar.gz) = 1347484 +TIMESTAMP = 1764356557 +SHA256 (openvpn-openvpn-31ef3d66c20e62cd6cc87a6b9f9c9987b889335c_GL0.tar.gz) = cb4f8d9b30628955a5cbf34e362167152bea49f8c181732a6260f96172ae2e76 +SIZE (openvpn-openvpn-31ef3d66c20e62cd6cc87a6b9f9c9987b889335c_GL0.tar.gz) = 1348842 diff --git a/security/opkssh/Makefile b/security/opkssh/Makefile index 36c50d9ac217..225500a886d7 100644 --- a/security/opkssh/Makefile +++ b/security/opkssh/Makefile @@ -11,7 +11,7 @@ COMMENT= Tool which enables SSH to be used with OpenID Connect LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.23,modules +USES= go:modules USE_GITHUB= yes GH_ACCOUNT= openpubkey GO_BUILDFLAGS= -ldflags "-X main.Version=${DISTVERSIONPREFIX}${DISTVERSION}" diff --git a/security/s2n-tls/Makefile b/security/s2n-tls/Makefile index fb28c47877bb..83352f59dbe0 100644 --- a/security/s2n-tls/Makefile +++ b/security/s2n-tls/Makefile @@ -1,6 +1,6 @@ PORTNAME= s2n-tls DISTVERSIONPREFIX= v -DISTVERSION= 1.6.1 +DISTVERSION= 1.6.2 PORTEPOCH= 1 CATEGORIES= security diff --git a/security/s2n-tls/distinfo b/security/s2n-tls/distinfo index 241d66f84ffe..996e5561b7dd 100644 --- a/security/s2n-tls/distinfo +++ b/security/s2n-tls/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1763805921 -SHA256 (aws-s2n-tls-v1.6.1_GH0.tar.gz) = d913741fd8329b2ff4f9f153cb1b4a0a88e788f0217f28ded1f207db6fabd5eb -SIZE (aws-s2n-tls-v1.6.1_GH0.tar.gz) = 5119769 +TIMESTAMP = 1764963686 +SHA256 (aws-s2n-tls-v1.6.2_GH0.tar.gz) = b62c52ededd0b42e58fea660727141728cfb853c564083dbfc6fd027a1564582 +SIZE (aws-s2n-tls-v1.6.2_GH0.tar.gz) = 5155040 diff --git a/security/sshesame/Makefile b/security/sshesame/Makefile index ddba948fae64..7e7aaca64b03 100644 --- a/security/sshesame/Makefile 
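Review bot: The Go pin is dropped in security/opkssh/Makefile (`USES= go:1.23,modules` to `USES= go:modules`) without a PORTREVISION bump, and the sshesame hunk does the same for `go:1.22`; the diffstat shows only two changed lines in each file. The gauth, git-credential-gopass, local-php-security-checker and openvpn-auth-oauth2 hunks make the same toolchain change and all bump PORTREVISION. Without the bump the package version stays the same, so installed copies are presumably not replaced by a build made with the newer Go. Add `PORTREVISION= 1`, or increment the existing value; the top of both Makefiles is outside the hunk, so the current value is not visible.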
+++ b/security/sshesame/Makefile @@ -10,7 +10,7 @@ WWW= https://github.com/jaksi/sshesame LICENSE= APACHE20 LICENSE_FILE= ${WRKSRC}/LICENSE -USES= go:1.22,modules +USES= go:modules USE_RC_SUBR= ${PORTNAME} USERS= sshesame diff --git a/security/step-certificates/Makefile b/security/step-certificates/Makefile index 7b865e0753a4..a74198bdc18c 100644 --- a/security/step-certificates/Makefile +++ b/security/step-certificates/Makefile @@ -16,6 +16,9 @@ RUN_DEPENDS= step:security/step-cli USES= go:1.22,modules +DEPRECATED= Uses old go, but try building without USES=go:someversion +EXPIRATION_DATE=2026-01-01 + USE_RC_SUBR= step_ca GO_MODULE= github.com/smallstep/certificates diff --git a/security/step-cli/Makefile b/security/step-cli/Makefile index d58b502aa605..a9a897b5f233 100644 --- a/security/step-cli/Makefile +++ b/security/step-cli/Makefile @@ -12,6 +12,9 @@ LICENSE_FILE= ${WRKSRC}/LICENSE USES= go:1.22,modules shebangfix +DEPRECATED= Uses old go, but try building without USES=go:someversion +EXPIRATION_DATE=2026-01-01 + SHEBANG_FILES= autocomplete/bash_autocomplete GO_MODULE= github.com/smallstep/cli diff --git a/security/trezord/Makefile b/security/trezord/Makefile index 0519f75984be..7ac421f20675 100644 --- a/security/trezord/Makefile +++ b/security/trezord/Makefile @@ -13,6 +13,9 @@ LICENSE_FILE= ${WRKSRC}/COPYING USES= go:1.20,modules +DEPRECATED= Uses old go, but try building without USES=go:someversion +EXPIRATION_DATE=2026-01-01 + USE_RC_SUBR= ${PORTNAME} USE_GITHUB= yes diff --git a/security/trivy/Makefile b/security/trivy/Makefile index d45780e3c7c7..62547a137464 100644 --- a/security/trivy/Makefile +++ b/security/trivy/Makefile @@ -1,7 +1,6 @@ PORTNAME= trivy DISTVERSIONPREFIX= v -DISTVERSION= 0.67.2 -PORTREVISION= 3 +DISTVERSION= 0.68.1 CATEGORIES= security MAINTAINER= mfechner@FreeBSD.org diff --git a/security/trivy/distinfo b/security/trivy/distinfo index 28fde0ce1daa..b97aa771a9ea 100644 --- a/security/trivy/distinfo +++ b/security/trivy/distinfo 
@@ -1,5 +1,5 @@ -TIMESTAMP = 1760123985 -SHA256 (go/security_trivy/aquasecurity-trivy-v0.67.2_GH0/go.mod) = 130a0a0c893125dadbcc30ec66370aac6f848cc1b116a5d1acae4ceecb5a256d -SIZE (go/security_trivy/aquasecurity-trivy-v0.67.2_GH0/go.mod) = 26741 -SHA256 (go/security_trivy/aquasecurity-trivy-v0.67.2_GH0/aquasecurity-trivy-v0.67.2_GH0.tar.gz) = 280ff8cfb17d05d6b4d1b07bdd3cd26971032301bedb3b800a14886e64ce75eb -SIZE (go/security_trivy/aquasecurity-trivy-v0.67.2_GH0/aquasecurity-trivy-v0.67.2_GH0.tar.gz) = 57236343 +TIMESTAMP = 1764769990 +SHA256 (go/security_trivy/aquasecurity-trivy-v0.68.1_GH0/go.mod) = ed1e2812f402bc580b5cdd5665d62f0aef5f8d12d1a36dc3f808c3e13cd227f9 +SIZE (go/security_trivy/aquasecurity-trivy-v0.68.1_GH0/go.mod) = 26727 +SHA256 (go/security_trivy/aquasecurity-trivy-v0.68.1_GH0/aquasecurity-trivy-v0.68.1_GH0.tar.gz) = 9dd35dd79b0452ab5cf426fac6511718473cc42f92dc6c494839e42690f8023d +SIZE (go/security_trivy/aquasecurity-trivy-v0.68.1_GH0/aquasecurity-trivy-v0.68.1_GH0.tar.gz) = 56758578 diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml index e73059383e25..83004d9b0e45 100644 --- a/security/vuxml/vuln/2025.xml +++ b/security/vuxml/vuln/2025.xml 
@@ -1,3 +1,175 @@ + <vuln vid="c7187676-d176-11f0-841f-843a4b343614"> + <topic>xkbcomp -- Several vulnerabilities</topic> + <affects> + <package> + <name>xkbcomp</name> + <range><lt>1.5.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>X.Org reports:</p> + <blockquote cite="https://lists.x.org/archives/xorg-announce/2025-December/003644.html"> + <p>Multiple issues have been found in xkbcomp that have been previously + been published as CVEs in libxbkcommon. libxkbcommon is (to some degree) + a fork of xkbcomp and some of the code base is identical. These CVEs + were published earlier as:</p> + <ul> + <li>CVE-2018-15853: Endless recursion in xkbcomp/expr.c resulting in a crash</li> + <li>CVE-2018-15859: NULL pointer dereference when parsing invalid atoms in + ExprResolveLhs resulting in a crash</li> + <li>CVE-2018-15861: NULL pointer dereference in ExprResolveLhs resulting + in a crash</li> + <li>CVE-2018-15863: NULL pointer dereference in ResolveStateAndPredicate + resulting in a crash</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2018-15863</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2018-15863</url> + <cvename>CVE-2018-15859</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2018-15859</url> + <cvename>CVE-2018-15861</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2018-15861</url> + <cvename>CVE-2018-15863</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2018-15863</url> + </references> + <dates> + <discovery>2025-12-03</discovery> + <entry>2025-12-05</entry> + </dates> + </vuln> + + <vuln vid="f323f148-d181-11f0-841f-843a4b343614"> + <topic>png -- Out-of-bounds read</topic> + <affects> + <package> + <name>png</name> + <range><lt>1.6.52</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f reports:</p> + <blockquote 
cite="https://github.com/pnggroup/libpng/security/advisories/GHSA-9mpm-9pxh-mg4f"> + <p>Prior to 1.6.52, an out-of-bounds read vulnerability in + libpng's simplified API allows reading up to 1012 bytes beyond the + png_sRGB_base[512] array when processing valid palette PNG images + with partial transparency and gamma correction. The PNG files that + trigger this vulnerability are valid per the PNG specification; the + bug is in libpng's internal state management.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-66293</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2025-66293</url> + </references> + <dates> + <discovery>2025-12-03</discovery> + <entry>2025-12-05</entry> + </dates> + </vuln> + + <vuln vid="be3167b5-d140-11f0-ad27-c01803b56cc4"> + <topic>libvirt -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>libvirt</name> + <range><lt>11.10.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The libvirt project reports:</p> + <blockquote cite="https://libvirt.org/news.html#v11-10-0-2025-12-01"> + <p>See <a href="https://libvirt.org/news.html#v11-10-0-2025-12-01"> + changelog</a> for details.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-12748</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2025-12748</url> + <cvename>CVE-2025-13193</cvename> + <url>https://cveawg.mitre.org/api/cve/CVE-2025-13193</url> + </references> + <dates> + <discovery>2025-11-11</discovery> + <entry>2025-12-04</entry> + </dates> + </vuln> + + <vuln vid="6ebe4a30-d138-11f0-af8c-8447094a420f"> + <topic>Apache httpd -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>apache24</name> + <range><lt>2.4.66</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Apache httpd project reports:</p> + <blockquote cite="https://downloads.apache.org/httpd/CHANGES_2.4.66"> + <p>See <a 
href="https://downloads.apache.org/httpd/CHANGES_2.4.66"> + changelog</a> or <a href="https://httpd.apache.org/security/vulnerabilities_24.html"> + 2.4 vulnerabilities</a> for details.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-66200</cvename> + <cvename>CVE-2025-65082</cvename> + <cvename>CVE-2025-59775</cvename> + <cvename>CVE-2025-58098</cvename> + <cvename>CVE-2025-55753</cvename> + <url>https://downloads.apache.org/httpd/CHANGES_2.4.66</url> + </references> + <dates> + <discovery>2025-12-04</discovery> + <entry>2025-12-04</entry> + </dates> + </vuln> + + <vuln vid="245bd19f-d035-11f0-84e9-c7a56e37e3f0"> + <topic>go -- excessive resource consumption</topic> + <affects> + <package> + <name>go124</name> + <range><lt>1.24.11</lt></range> + </package> + <package> + <name>go125</name> + <range><lt>1.25.5</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>The Go project reports:</p> + <blockquote cite="https://pkg.go.dev/vuln/GO-2025-4155"> + <p>Within HostnameError.Error(), when constructing an error + string, there is no limit to the number of hosts that will + be printed out.</p> + <p>Furthermore, the error string is constructed by repeated + string concatenation, leading to quadratic runtime. + Therefore, a certificate provided by a malicious actor can + result in excessive resource consumption.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2025-61729</cvename> + <url>https://pkg.go.dev/vuln/GO-2025-4155</url> + </references> + <dates> + <discovery>2025-12-02</discovery> + <entry>2025-12-03</entry> + </dates> + </vuln> + <vuln vid="eda92945-ced4-11f0-a958-b42e991fc52e"> <topic>MongoDB -- Missing Authorization</topic> <affects> |
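Review bot: In the xkbcomp entry the `<references>` block lists `CVE-2018-15863` twice (first and last pair) and never lists CVE-2018-15853, which the quoted advisory names first. The first pair should read `<cvename>CVE-2018-15853</cvename>` and `<url>https://cveawg.mitre.org/api/cve/CVE-2018-15853</url>`. As written, tooling that matches on `cvename` will not tie this entry to that CVE. Separately, the png entry attributes its quote to a bare URL (`<p>https://github.com/pnggroup/libpng/... reports:</p>`) where the other entries name the reporting project.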
