pkg_admin audit said..
Package sqlite3-3.49.2 has a memory-corruption vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-6965
Package libxml2-2.14.4 has a use-after-free vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-49794
Package libxml2-2.14.4 has a denial-of-service vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-49795
Package libxml2-2.14.4 has a denial-of-service vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-49796
Package libxml2-2.14.4 has a integer-overflow vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-6021
Package libxml2-2.14.4 has a buffer-overflow vulnerability, see https://nvd.nist.gov/vuln/detail/CVE-2025-6170
I usually go to netbsd site, check errata and follow instruction but..
https://www.netbsd.org/support/security/patches-10.1.html
The page result empty.
How to fix/patch those vulnerabilities?
I have also run
sysupgrade auto
and reboot, but messages still appear.
Asked by elbarna
(13690 rep)
Jul 29, 2025, 08:44 PM
Last activity: Aug 1, 2025, 05:03 PM
Last activity: Aug 1, 2025, 05:03 PM