svn commit: r392459 - in branches/2015Q3/databases: mariadb-client mariadb-server
Mark Felder
feld at FreeBSD.org
Sat Jul 18 21:34:05 UTC 2015
Author: feld
Date: Sat Jul 18 21:34:03 2015
New Revision: 392459
URL: https://svnweb.freebsd.org/changeset/ports/392459
Log:
MFH: r392451
Bump PORTREVISION of the client and add pkg-message to warn about
CVE-2015-3152 which will not get patched
Security: CVE-2015-3152
Security: 36bd352d-299b-11e5-86ff-14dae9d210b8
Approved by: ports-secteam (with hat)
Added:
branches/2015Q3/databases/mariadb-client/pkg-message
- copied unchanged from r392451, head/databases/mariadb-client/pkg-message
Modified:
branches/2015Q3/databases/mariadb-client/Makefile
branches/2015Q3/databases/mariadb-server/Makefile
Directory Properties:
branches/2015Q3/ (props changed)
Modified: branches/2015Q3/databases/mariadb-client/Makefile
==============================================================================
--- branches/2015Q3/databases/mariadb-client/Makefile Sat Jul 18 21:27:10 2015 (r392458)
+++ branches/2015Q3/databases/mariadb-client/Makefile Sat Jul 18 21:34:03 2015 (r392459)
@@ -2,6 +2,7 @@
PORTNAME= mariadb
PKGNAMESUFFIX= 53-client
+PORTREVISION= 7
UNIQUENAME= ${PORTNAME}${PKGNAMESUFFIX}
@@ -24,6 +25,7 @@ CONFLICTS= mariadb5[4-9]-client-* \
PATCHDIR= ${.CURDIR}/files
PLIST= ${.CURDIR}/pkg-plist
+PKGMESSAGE= ${.CURDIR}/pkg-message
MANS= mysql_config.1 mysql_upgrade.1 mysql.1 mysqladmin.1 \
mysqlbinlog.1 mysqlbug.1 mysqlcheck.1 \
Copied: branches/2015Q3/databases/mariadb-client/pkg-message (from r392451, head/databases/mariadb-client/pkg-message)
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ branches/2015Q3/databases/mariadb-client/pkg-message Sat Jul 18 21:34:03 2015 (r392459, copy of r392451, head/databases/mariadb-client/pkg-message)
@@ -0,0 +1,15 @@
+* * * * * * * * * * * * * * * * * * * * * * * *
+
+Please be aware the database client is vulnerable
+to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM".
+You may find more information at the following URL:
+
+http://www.vuxml.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html
+
+Although this database client is not listed as
+"affected", it is vulnerable and will not be
+receiving a patch. Please take note of this when
+deploying this software.
+
+* * * * * * * * * * * * * * * * * * * * * * * *
+
Modified: branches/2015Q3/databases/mariadb-server/Makefile
==============================================================================
--- branches/2015Q3/databases/mariadb-server/Makefile Sat Jul 18 21:27:10 2015 (r392458)
+++ branches/2015Q3/databases/mariadb-server/Makefile Sat Jul 18 21:34:03 2015 (r392459)
@@ -2,7 +2,7 @@
PORTNAME= mariadb
PORTVERSION= 5.3.12
-PORTREVISION= 6
+PORTREVISION?= 6
CATEGORIES= databases ipv6
MASTER_SITES= http://ftp.osuosl.org/pub/mariadb/${PORTNAME}-${PORTVERSION}/kvm-tarbake-jaunty-x86/ \
http://mirrors.supportex.net/mariadb/${PORTNAME}-${PORTVERSION}/kvm-tarbake-jaunty-x86/ \
More information about the svn-ports-branches
mailing list