diff options
author | feld <feld@FreeBSD.org> | 2015-07-19 05:21:14 +0800 |
---|---|---|
committer | feld <feld@FreeBSD.org> | 2015-07-19 05:21:14 +0800 |
commit | 2d9e1ed99c38c0373e8724f33f6eeb0d2b4c6a3a (patch) | |
tree | 9c6ccbd59937b6cc946c2978701fc04f0f2f49dd /databases | |
parent | 440935e539620b1c34135c76927a61655bbaa075 (diff) | |
download | freebsd-ports-gnome-2d9e1ed99c38c0373e8724f33f6eeb0d2b4c6a3a.tar.gz freebsd-ports-gnome-2d9e1ed99c38c0373e8724f33f6eeb0d2b4c6a3a.tar.zst freebsd-ports-gnome-2d9e1ed99c38c0373e8724f33f6eeb0d2b4c6a3a.zip |
Bump PORTREVISION of the client and add pkg-message to warn about
CVE-2015-3152 which will not get patched
Security: CVE-2015-3152
Security: 36bd352d-299b-11e5-86ff-14dae9d210b8
Diffstat (limited to 'databases')
-rw-r--r-- | databases/mysql56-client/Makefile | 4 | ||||
-rw-r--r-- | databases/mysql56-client/pkg-message | 15 |
2 files changed, 17 insertions, 2 deletions
diff --git a/databases/mysql56-client/Makefile b/databases/mysql56-client/Makefile index 678baf9b43b6..9623b91c828c 100644 --- a/databases/mysql56-client/Makefile +++ b/databases/mysql56-client/Makefile @@ -2,14 +2,14 @@ # $FreeBSD$ PORTNAME= mysql -PORTREVISION= 1 +PORTREVISION= 2 PKGNAMESUFFIX= 56-client COMMENT= Multithreaded SQL database (client) MASTERDIR= ${.CURDIR}/../mysql56-server -PKGMESSAGE= mustnotexist +PKGMESSAGE= ${.CURDIR}/pkg-message PATCHDIR= ${.CURDIR}/files PLIST= ${.CURDIR}/pkg-plist diff --git a/databases/mysql56-client/pkg-message b/databases/mysql56-client/pkg-message new file mode 100644 index 000000000000..2cf54a1cf930 --- /dev/null +++ b/databases/mysql56-client/pkg-message @@ -0,0 +1,15 @@ +* * * * * * * * * * * * * * * * * * * * * * * * + +Please be aware the database client is vulnerable +to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM". +You may find more information at the following URL: + +http://www.vuxml.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html + +Although this database client is not listed as +"affected", it is vulnerable and will not be +receiving a patch. Please take note of this when +deploying this software. + +* * * * * * * * * * * * * * * * * * * * * * * * + |