From owner-freebsd-pkg@freebsd.org Mon Jul 29 07:27:06 2019 Return-Path: Delivered-To: freebsd-pkg@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C0A47BFE5D for ; Mon, 29 Jul 2019 07:27:06 +0000 (UTC) (envelope-from bsdpkg@cloudzeeland.nl) Received: from mailman.nyi.freebsd.org (mailman.nyi.freebsd.org [IPv6:2610:1c1:1:606c::50:13]) by mx1.freebsd.org (Postfix) with ESMTP id 5650A6B93E for ; Mon, 29 Jul 2019 07:27:06 +0000 (UTC) (envelope-from bsdpkg@cloudzeeland.nl) Received: by mailman.nyi.freebsd.org (Postfix) id 55C03BFE5C; Mon, 29 Jul 2019 07:27:06 +0000 (UTC) Delivered-To: pkg@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5567ABFE5A; Mon, 29 Jul 2019 07:27:06 +0000 (UTC) (envelope-from bsdpkg@cloudzeeland.nl) Received: from poseidon.cloudzeeland.nl (cloudzeeland.xs4all.nl [83.161.133.58]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits)) (Client CN "cloudzeeland.nl", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id B3F1D6B93C; Mon, 29 Jul 2019 07:27:05 +0000 (UTC) (envelope-from bsdpkg@cloudzeeland.nl) Received: from poseidon.cloudzeeland.nl (cloudzeeland.nl [10.10.10.36]) by poseidon.cloudzeeland.nl (Postfix) with ESMTP id 54E8011079B; Mon, 29 Jul 2019 09:27:02 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cloudzeeland.nl; s=cloud; t=1564385222; bh=1btWWRyMWHxVDw78rFAE5BoeJVvpT6pZfGXpY9AFDnw=; h=To:From:Subject:Date; b=TJJaHJlgECHNwY7T9P2gGIlEkn0Cyl0/0CCbmIfswb5XNlk4GDwl9oREu14nxwMjC P3pgic6yS8gBEf8rjBcEgIR3md3FR3oUAxbL4pG1BPrAT8kVa9DqJIHMMWgZ04H4Jv SblmI0YUWcCEVt6zNvo3t7iEtOCh85nDEhXxx3jg= Received: from [10.10.10.34] (pion1.rpicloud.nl [82.176.127.71]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client did not present a certificate) by poseidon.cloudzeeland.nl (Postfix) with ESMTPSA id D816F11079A; Mon, 29 Jul 2019 09:27:01 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cloudzeeland.nl; s=cloud; t=1564385222; bh=1btWWRyMWHxVDw78rFAE5BoeJVvpT6pZfGXpY9AFDnw=; h=To:From:Subject:Date; b=TJJaHJlgECHNwY7T9P2gGIlEkn0Cyl0/0CCbmIfswb5XNlk4GDwl9oREu14nxwMjC P3pgic6yS8gBEf8rjBcEgIR3md3FR3oUAxbL4pG1BPrAT8kVa9DqJIHMMWgZ04H4Jv SblmI0YUWcCEVt6zNvo3t7iEtOCh85nDEhXxx3jg= To: pkg-fallout@FreeBSD.org, pkg@FreeBSD.org From: Tilly Subject: mysql57-server-5.7.26_2 is vulnerable Message-ID: <2e1adf6e-92ed-cfe2-5a1f-def7fd3a6d24@cloudzeeland.nl> Date: Mon, 29 Jul 2019 09:27:04 +0200 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.8.0 MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1252; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-GB X-Virus-Scanned: ClamAV using ClamSMTP on poseidon.cloudzeeland.nl X-Rspamd-Queue-Id: 5650A6B93E X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=cloudzeeland.nl header.s=cloud header.b=TJJaHJlg; dkim=pass header.d=cloudzeeland.nl header.s=cloud header.b=TJJaHJlg; spf=softfail (mx1.freebsd.org: 2610:1c1:1:606c::50:13 is neither permitted nor denied by domain of bsdpkg@cloudzeeland.nl) smtp.mailfrom=bsdpkg@cloudzeeland.nl X-Spamd-Result: default: False [-4.06 / 15.00]; ARC_NA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_DKIM_ALLOW(-0.20)[cloudzeeland.nl:s=cloud]; RCVD_COUNT_FIVE(0.00)[6]; FROM_HAS_DN(0.00)[]; NEURAL_HAM_MEDIUM(-0.99)[-0.989,0]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; DMARC_NA(0.00)[cloudzeeland.nl]; R_SPF_SOFTFAIL(0.00)[~all]; DKIM_TRACE(0.00)[cloudzeeland.nl:+]; RCPT_COUNT_TWO(0.00)[2]; MX_GOOD(-0.01)[cached: cloudzeeland.nl]; NEURAL_HAM_SHORT(-0.80)[-0.798,0]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; IP_SCORE(-1.06)[ip: (1.03), ipnet: 2610:1c1:1::/48(-3.57), asn: 11403(-2.71), country: US(-0.05)]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US]; FORGED_RECIPIENTS(0.00)[pkg-fallout@FreeBSD.org ..,freebsd-pkg@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-pkg@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binary package management and package tools discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 29 Jul 2019 07:27:06 -0000 Dear package maintainer(s), I am not quit sure if this is the right procedure (sorry, nub online), but would like to report following: Checking for packages with security vulnerabilities: Database fetched: Sat Jul 27 02:00:10 CEST 2019 mysql57-server-5.7.26_2 is vulnerable: MySQL -- Multiple vulerabilities CVE: CVE-2019-3822 CVE: CVE-2019-2879 CVE: CVE-2019-2834 CVE: CVE-2019-2830 CVE: CVE-2019-2826 CVE: CVE-2019-2822 CVE: CVE-2019-2819 CVE: CVE-2019-2815 CVE: CVE-2019-2814 CVE: CVE-2019-2812 CVE: CVE-2019-2811 CVE: CVE-2019-2810 CVE: CVE-2019-2808 CVE: CVE-2019-2805 CVE: CVE-2019-2803 CVE: CVE-2019-2802 CVE: CVE-2019-2801 CVE: CVE-2019-2800 CVE: CVE-2019-2798 CVE: CVE-2019-2797 CVE: CVE-2019-2796 CVE: CVE-2019-2795 CVE: CVE-2019-2791 CVE: CVE-2019-2789 CVE: CVE-2019-2785 CVE: CVE-2019-2784 CVE: CVE-2019-2780 CVE: CVE-2019-2778 CVE: CVE-2019-2774 CVE: CVE-2019-2758 CVE: CVE-2019-2757 CVE: CVE-2019-2755 CVE: CVE-2019-2752 CVE: CVE-2019-2747 CVE: CVE-2019-2746 CVE: CVE-2019-2743 CVE: CVE-2019-2741 CVE: CVE-2019-2740 CVE: CVE-2019-2739 CVE: CVE-2019-2738 CVE: CVE-2019-2737 CVE: CVE-2019-2731 CVE: CVE-2019-2730 WWW:https://vuxml.FreeBSD.org/freebsd/198e6220-ac8b-11e9-a1c7-b499baebfeaf.html Kind regards, Jos Chrispijn