svn commit: r392456 - head/databases/mysql56-client

[Mark Felder]

Author: feld
Date: Sat Jul 18 21:21:14 2015
New Revision: 392456
URL: https://svnweb.freebsd.org/changeset/ports/392456

Log:
  Bump PORTREVISION of the client and add pkg-message to warn about
  CVE-2015-3152 which will not get patched
  
  Security:	CVE-2015-3152
  Security:	36bd352d-299b-11e5-86ff-14dae9d210b8

Added:
  head/databases/mysql56-client/pkg-message   (contents, props changed)
Modified:
  head/databases/mysql56-client/Makefile

Modified: head/databases/mysql56-client/Makefile
==============================================================================
--- head/databases/mysql56-client/Makefile	Sat Jul 18 21:18:36 2015	(r392455)
+++ head/databases/mysql56-client/Makefile	Sat Jul 18 21:21:14 2015	(r392456)
@@ -2,14 +2,14 @@
 # $FreeBSD$
 
 PORTNAME=	mysql
-PORTREVISION=	1
+PORTREVISION=	2
 PKGNAMESUFFIX=	56-client
 
 COMMENT=	Multithreaded SQL database (client)
 
 MASTERDIR=	${.CURDIR}/../mysql56-server
 
-PKGMESSAGE=	mustnotexist
+PKGMESSAGE=	${.CURDIR}/pkg-message
 PATCHDIR=	${.CURDIR}/files
 PLIST=		${.CURDIR}/pkg-plist
 

Added: head/databases/mysql56-client/pkg-message
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/databases/mysql56-client/pkg-message	Sat Jul 18 21:21:14 2015	(r392456)
@@ -0,0 +1,15 @@
+* * * * * * * * * * * * * * * * * * * * * * * *
+
+Please be aware the database client is vulnerable
+to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM".
+You may find more information at the following URL:
+
+http://www.vuxml.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html
+
+Although this database client is not listed as
+"affected", it is vulnerable and will not be 
+receiving a patch. Please take note of this when
+deploying this software.
+
+* * * * * * * * * * * * * * * * * * * * * * * *
+