Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 05 Aug 2024 12:08:18 +0000
From:      bugzilla-noreply@freebsd.org
To:        ports-bugs@FreeBSD.org
Subject:   [Bug 280627] security/vuxml - incorrect line in commit d87a0c incorrectly marks current mysql80-server as vulnerable
Message-ID:  <bug-280627-7788@https.bugs.freebsd.org/bugzilla/>

next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D280627

            Bug ID: 280627
           Summary: security/vuxml - incorrect line in commit d87a0c
                    incorrectly marks current mysql80-server as vulnerable
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-secteam@FreeBSD.org
          Reporter: robbak@gmail.com
          Assignee: ports-secteam@FreeBSD.org
             Flags: maintainer-feedback?(ports-secteam@FreeBSD.org)

Created attachment 252513
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D252513&action=
=3Dedit
Patch to fix 2024.xml

There is a mistake in commit f073a58b1ff96a86b1a4385745f094e4cd87a0ca that
marks all versions of mysql80-server, past, current and future, as vulnerab=
le.
It also means that vulnerable versions of mysql81-server are not marked.

The entry that should be mysql81-server was mistakenly typed as mysql80-ser=
ver,
leading to the latest mysql80-server marked as vulnerable, as it will never
have a version number of 8.1.1. It also means that there are multiple entri=
es
for mysql80-server, which could break some tools.

The attached patch should be applied to fix this error.

--=20
You are receiving this mail because:
You are the assignee for the bug.=



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-280627-7788>