237398 – databases/mysql56-server: Update to 5.6.44 (Fixes multiple CVE)

Bug 237398 - databases/mysql56-server: Update to 5.6.44 (Fixes multiple CVE)

Summary: databases/mysql56-server: Update to 5.6.44 (Fixes multiple CVE)

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Many People
Assignee:	Mahdi Mokhtari

URL:	https://www.oracle.com/technetwork/se...
Keywords:	needs-patch, security

Depends on:
Blocks:

Reported:	2019-04-19 23:18 UTC by Brent Busby
Modified:	2019-05-13 19:36 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	mmokhi: maintainer-feedback+ mmokhi: merge-quarterly+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Brent Busby 2019-04-19 23:18:56 UTC

Oracle released 5.6.44, closes multiple vulnerabilities including four which are remotely exploitable without a valid login.

See:
https://vuxml.freebsd.org/freebsd/4e1997e8-5de0-11e9-b95c-b499baebfeaf.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL

Comment 1 Brent Busby 2019-04-19 23:33:38 UTC

This version is still pending release from Oracle.

Comment 2 Mahdi Mokhtari freebsd_committer

2019-05-13 19:17:01 UTC

issue is fixed in a commit on PR 237399 by commit ports r500373.