mirror of
https://github.com/ryantm/nixpkgs-update.git
synced 2024-09-20 02:07:32 +03:00
1.2 KiB
1.2 KiB
uzbl: 0.9.0 -> 0.9.1
- [CVE-2010-0011](https://nvd.nist.gov/vuln/detail/CVE-2010-0011)
- [CVE-2010-2809](https://nvd.nist.gov/vuln/detail/CVE-2010-2809)
Both CVEs refer to matchers that are date based releases, but the author of the library switched to normal version numbering after that, so these CVEs are reported as relevant even though they are not.
terraform: 0.12.7 -> 0.12.9
- [CVE-2018-9057](https://nvd.nist.gov/vuln/detail/CVE-2018-9057)
CVE only applies to terraform-providers-aws, but you can only tell that by looking at the "Target Software" part.
tor: 0.4.1.5 -> 0.4.1.6
https://nvd.nist.gov/vuln/detail/CVE-2017-16541
the CPE mistakenly uses tor for the product id when the product id should be torbrowser
arena: 1.1 -> 1.06
- [CVE-2018-8843](https://nvd.nist.gov/vuln/detail/CVE-2018-8843)
- [CVE-2019-15567](https://nvd.nist.gov/vuln/detail/CVE-2019-15567)
Not rockwellautomation:arena Not openforis:arena
thrift:
Apache Thrift vs Facebook Thrift