Re: Security issues with www/minio

From: Fernando_ApesteguĂ­a <>
Date: Sat, 18 Feb 2023 17:43:13 UTC
On Sat, Feb 18, 2023 at 5:02 PM Tom Hukins <> wrote:

> Hi,
> The www/minio port provides an outdated, insecure version of MinIO.
> This issue was raised on 2022-12-30 in
> and five days
> ago I provided a VuXML patch at
> which I have updated
> several times as security/vuxml/vuln/2023.xml has changed.

Thanks for the vuxml entry. It landed in

About the port itself, I'm quite unfamiliar with it but I see it is more
than a year behind upstream in terms of releases.

> I note that the www/minio maintainer, swills@, has not committed to the
> ports tree since 2022-03-13 so someone else might need to update the
> port.  However, it would help to apply the VuXML patch soon so that the
> port's users know of its security problems.
> Tom