[Bug 290365] databases/adminer: update to 5.4.1
- In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 290365] databases/adminer: update to 5.4.1"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 14 Nov 2025 11:59:40 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=290365
--- Comment #7 from commit-hook@FreeBSD.org ---
A commit in branch main references this bug:
URL:
https://cgit.FreeBSD.org/ports/commit/?id=ecd5b3f3237d3cb36694edb8f870ef25c4e50cd6
commit ecd5b3f3237d3cb36694edb8f870ef25c4e50cd6
Author: Paavo-Einari Kaipila <pkaipila@gmail.com>
AuthorDate: 2025-11-14 11:45:34 +0000
Commit: Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2025-11-14 11:45:34 +0000
databases/adminer: Update 5.3.0 => 5.4.1, deprecate
Changelogs:
https://github.com/vrana/adminer/releases/tag/v5.4.0
https://github.com/vrana/adminer/releases/tag/v5.4.1
- Patch crypto keys to be generated using OS-provided PRNG rather than
a timestamp.
- Patch passwords to be encrypted with aes256-gcm rather than xxtea.
- Add 5 additonal plugins.
- Also mark this expired due to an obvious reason, these issues that
patched here will likely never be fixed upstream.
- And there are 3 CVEs (not affected code in port however, because
related parts isn't included), which have been unfixed for an extended
period:
https://nvd.nist.gov/vuln/detail/CVE-2023-45195
https://nvd.nist.gov/vuln/detail/CVE-2023-45196
https://nvd.nist.gov/vuln/detail/CVE-2023-45197
PR: 290365
databases/adminer/Makefile | 26 +++++---
databases/adminer/distinfo | 10 ++--
databases/adminer/files/makephar.php | 11 ++--
.../patch-adminer_include_functions.inc.php (new) | 11 ++++
.../patch-adminer_include_xxtea.inc.php (new) | 70 ++++++++++++++++++++++
5 files changed, 111 insertions(+), 17 deletions(-)
--
You are receiving this mail because:
You are the assignee for the bug.