From owner-svn-ports-all@freebsd.org Wed Nov 11 20:39:15 2015 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 192B1A2A6BF; Wed, 11 Nov 2015 20:39:15 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E1FA71C8C; Wed, 11 Nov 2015 20:39:14 +0000 (UTC) (envelope-from brnrd@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id tABKdDou037191; Wed, 11 Nov 2015 20:39:13 GMT (envelope-from brnrd@FreeBSD.org) Received: (from brnrd@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id tABKdDw9037189; Wed, 11 Nov 2015 20:39:13 GMT (envelope-from brnrd@FreeBSD.org) Message-Id: <201511112039.tABKdDw9037189@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: brnrd set sender to brnrd@FreeBSD.org using -f From: Bernard Spil Date: Wed, 11 Nov 2015 20:39:13 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r401295 - head/security/vuxml X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 11 Nov 2015 20:39:15 -0000 Author: brnrd Date: Wed Nov 11 20:39:13 2015 New Revision: 401295 URL: https://svnweb.freebsd.org/changeset/ports/401295 Log: Document CVE's in MySQL/MariaDB/Percona PR: 204410 Submitted by: Sevan Janiyan Reviewed by: feld Approved by: feld Security: CVE-2015-4802 Security: CVE-2015-4807 Security: CVE-2015-4815 Security: CVE-2015-4826 Security: CVE-2015-4830 Security: CVE-2015-4836 Security: CVE-2015-4858 Security: CVE-2015-4861 Security: CVE-2015-4870 Security: CVE-2015-4913 Security: CVE-2015-4792 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Wed Nov 11 20:16:11 2015 (r401294) +++ head/security/vuxml/vuln.xml Wed Nov 11 20:39:13 2015 (r401295) @@ -58,6 +58,98 @@ Notes: --> + + MySQL - Multiple vulnerabilities + + + mariadb-client + 5.3.13 + + + mariadb-server + 5.3.13 + + + mariadb55-client + 5.5.46 + + + mariadb55-server + 5.5.46 + + + mariadb100-client + 10.0.22 + + + mariadb100-server + 10.0.22 + + + mysql55-client + 5.5.46 + + + mysql55-server + 5.5.46 + + + mysql56-client + 5.6.27 + + + mysql56-server + 5.6.27 + + + percona55-client + 5.5.46 + + + percona55-server + 5.5.46 + + + percona56-client + 5.6.27 + + + percona56-server + 5.6.27 + + + + +

Oracle reports:

+
Critical Patch Update: MySQL Server, version(s) 5.5.45 and prior, 5.6.26 and prior
+

+ + + + http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html + CVE-2015-4802 + CVE-2015-4807 + CVE-2015-4815 + CVE-2015-4826 + CVE-2015-4830 + CVE-2015-4836 + CVE-2015-4858 + CVE-2015-4861 + CVE-2015-4870 + CVE-2015-4913 + CVE-2015-4792 + https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/ + https://mariadb.com/kb/en/mariadb/mariadb-10022-release-notes/ + https://www.percona.com/doc/percona-server/5.5/release-notes/Percona-Server-5.5.46-37.5.html + https://www.percona.com/doc/percona-server/5.6/release-notes/Percona-Server-5.6.27-75.0.html + + + 2015-11-10 + 2015-11-11 + + + jenkins -- remote code execution via unsafe deserialization