Bug 215901 - databases/mariadb100-server outdated port. CVEs missing in vuln.xml
Summary: databases/mariadb100-server outdated port. CVEs missing in vuln.xml
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Some People
Assignee: Bernard Spil
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-01-09 08:58 UTC by Alexander
Modified: 2017-01-15 20:26 UTC (History)
0 users

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alexander 2017-01-09 08:58:45 UTC
Presently databases/mariadb100-server port version is 1.0.27_2.
New stable release 10.0.28 was announces on October 28, 2016 (https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/).
According to release notes version 10.0.28 includes fixes for the following security vulnerabilities: 
CVE-2016-5616 / CVE-2016-6663 This vulnerability was discovered by Dawid Golunski. 
CVE-2016-5624 
CVE-2016-5626 
CVE-2016-3492 
CVE-2016-5629 
CVE-2016-8283 
CVE-2016-7440 
CVE-2016-5584 

Can somebody update port to the latest stable version?
Comment 1 Bernard Spil freebsd_committer freebsd_triage 2017-01-14 18:26:04 UTC
Vulns added to vuxml with ports r431476
Comment 2 commit-hook freebsd_committer freebsd_triage 2017-01-14 21:57:58 UTC
A commit references this bug:

Author: brnrd
Date: Sat Jan 14 21:57:34 UTC 2017
New revision: 431497
URL: https://svnweb.freebsd.org/changeset/ports/431497

Log:
  databases/mariadb100-server: Update to 10.0.29

   - Update to 10.0.29
   - Update mariadb100-client
   - Update patches
   - Regen patches with makepatch
   - Pet portlint
   - Add MROONGA liblz4 dependency
   - Fix MROONGA liblz4 linking
   - rm erroneously installed files

  PR:             197232, 204014, 215901
  MFH:            2017Q1
  Security:       22373c43-d728-11e6-a9a5-b499baebfeaf

Changes:
  head/databases/mariadb100-client/Makefile
  head/databases/mariadb100-client/files/patch-CMakeLists.txt
  head/databases/mariadb100-client/files/patch-client_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-extra_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-include_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-include_my__compare.h
  head/databases/mariadb100-client/files/patch-include_my_compare.h
  head/databases/mariadb100-client/files/patch-libmysql_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-libservices_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-man_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-mysys_my__default.c
  head/databases/mariadb100-client/files/patch-mysys_my_default.c
  head/databases/mariadb100-client/files/patch-pcre_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-scripts_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-scripts_mysql__config.sh
  head/databases/mariadb100-client/files/patch-scripts_mysql_config.sh
  head/databases/mariadb100-client/files/patch-sql_CMakeLists.txt
  head/databases/mariadb100-client/files/patch-support-files_CMakeLists.txt
  head/databases/mariadb100-server/Makefile
  head/databases/mariadb100-server/distinfo
  head/databases/mariadb100-server/files/patch-extra_CMakeLists.txt
  head/databases/mariadb100-server/files/patch-mysys_my__default.c
  head/databases/mariadb100-server/files/patch-scripts_mysqld__safe.sh
  head/databases/mariadb100-server/files/patch-storage_tokudb_PerconaFT_ft_CMakeLists.txt
  head/databases/mariadb100-server/files/patch-support-files_CMakeLists.txt
  head/databases/mariadb100-server/pkg-plist
Comment 3 commit-hook freebsd_committer freebsd_triage 2017-01-15 20:26:27 UTC
A commit references this bug:

Author: brnrd
Date: Sun Jan 15 20:25:31 UTC 2017
New revision: 431598
URL: https://svnweb.freebsd.org/changeset/ports/431598

Log:
  MFH: r431497

  databases/mariadb100-server: Update to 10.0.29

   - Update to 10.0.29
   - Update mariadb100-client
   - Update patches
   - Regen patches with makepatch
   - Pet portlint
   - Add MROONGA liblz4 dependency
   - Fix MROONGA liblz4 linking
   - rm erroneously installed files

  PR:             197232, 204014, 215901
  Security:       22373c43-d728-11e6-a9a5-b499baebfeaf

  Approved by:	ports-secteam (junovitch)

Changes:
_U  branches/2017Q1/
  branches/2017Q1/databases/mariadb100-client/Makefile
  branches/2017Q1/databases/mariadb100-client/files/patch-CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-client_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-extra_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-include_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-include_my__compare.h
  branches/2017Q1/databases/mariadb100-client/files/patch-include_my_compare.h
  branches/2017Q1/databases/mariadb100-client/files/patch-libmysql_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-libservices_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-man_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-mysys_my__default.c
  branches/2017Q1/databases/mariadb100-client/files/patch-mysys_my_default.c
  branches/2017Q1/databases/mariadb100-client/files/patch-pcre_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-scripts_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-scripts_mysql__config.sh
  branches/2017Q1/databases/mariadb100-client/files/patch-scripts_mysql_config.sh
  branches/2017Q1/databases/mariadb100-client/files/patch-sql_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-client/files/patch-support-files_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-server/Makefile
  branches/2017Q1/databases/mariadb100-server/distinfo
  branches/2017Q1/databases/mariadb100-server/files/patch-extra_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-server/files/patch-mysys_my__default.c
  branches/2017Q1/databases/mariadb100-server/files/patch-scripts_mysqld__safe.sh
  branches/2017Q1/databases/mariadb100-server/files/patch-storage_tokudb_PerconaFT_ft_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-server/files/patch-support-files_CMakeLists.txt
  branches/2017Q1/databases/mariadb100-server/pkg-plist