Date: Mon, 05 Aug 2024 12:08:18 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 280627] security/vuxml - incorrect line in commit d87a0c incorrectly marks current mysql80-server as vulnerable Message-ID: <bug-280627-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280627 Bug ID: 280627 Summary: security/vuxml - incorrect line in commit d87a0c incorrectly marks current mysql80-server as vulnerable Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: ports-secteam@FreeBSD.org Reporter: robbak@gmail.com Assignee: ports-secteam@FreeBSD.org Flags: maintainer-feedback?(ports-secteam@FreeBSD.org) Created attachment 252513 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D252513&action= =3Dedit Patch to fix 2024.xml There is a mistake in commit f073a58b1ff96a86b1a4385745f094e4cd87a0ca that marks all versions of mysql80-server, past, current and future, as vulnerab= le. It also means that vulnerable versions of mysql81-server are not marked. The entry that should be mysql81-server was mistakenly typed as mysql80-ser= ver, leading to the latest mysql80-server marked as vulnerable, as it will never have a version number of 8.1.1. It also means that there are multiple entri= es for mysql80-server, which could break some tools. The attached patch should be applied to fix this error. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280627-7788>