svn commit: r392454 - head/databases/mysql55-client
Mark Felder
feld at FreeBSD.org
Sat Jul 18 21:16:32 UTC 2015
Author: feld
Date: Sat Jul 18 21:16:31 2015
New Revision: 392454
URL: https://svnweb.freebsd.org/changeset/ports/392454
Log:
Bump PORTREVISION of the client and add pkg-message to warn about
CVE-2015-3152 which will not get patched
Security: CVE-2015-3152
Security: 36bd352d-299b-11e5-86ff-14dae9d210b8
Added:
head/databases/mysql55-client/pkg-message (contents, props changed)
Modified:
head/databases/mysql55-client/Makefile
Modified: head/databases/mysql55-client/Makefile
==============================================================================
--- head/databases/mysql55-client/Makefile Sat Jul 18 21:14:35 2015 (r392453)
+++ head/databases/mysql55-client/Makefile Sat Jul 18 21:16:31 2015 (r392454)
@@ -2,6 +2,7 @@
# $FreeBSD$
PORTNAME= mysql
+PORTREVISION= 1
PKGNAMESUFFIX= 55-client
COMMENT= Multithreaded SQL database (client)
Added: head/databases/mysql55-client/pkg-message
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/databases/mysql55-client/pkg-message Sat Jul 18 21:16:31 2015 (r392454)
@@ -0,0 +1,15 @@
+* * * * * * * * * * * * * * * * * * * * * * * *
+
+Please be aware the database client is vulnerable
+to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM".
+You may find more information at the following URL:
+
+http://www.vuxml.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html
+
+Although this database client is not listed as
+"affected", it is vulnerable and will not be
+receiving a patch. Please take note of this when
+deploying this software.
+
+* * * * * * * * * * * * * * * * * * * * * * * *
+
More information about the svn-ports-all
mailing list