Security issues with www/minio
- Reply: Fernando_ApesteguĂa : "Re: Security issues with www/minio"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 18 Feb 2023 16:02:23 UTC
Hi, The www/minio port provides an outdated, insecure version of MinIO. This issue was raised on 2022-12-30 in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268656 and five days ago I provided a VuXML patch at https://github.com/freebsd/freebsd-ports/pull/158 which I have updated several times as security/vuxml/vuln/2023.xml has changed. I note that the www/minio maintainer, swills@, has not committed to the ports tree since 2022-03-13 so someone else might need to update the port. However, it would help to apply the VuXML patch soon so that the port's users know of its security problems. Tom