Date: Sat, 18 Feb 2023 16:02:23 +0000 From: Tom Hukins <tom@freebsd.org> To: freebsd-ports@freebsd.org Subject: Security issues with www/minio Message-ID: <Y/D2j7BiuTYRK2/d@eborcom.com>
next in thread | raw e-mail | index | archive | help
Hi, The www/minio port provides an outdated, insecure version of MinIO. This issue was raised on 2022-12-30 in https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=268656 and five days ago I provided a VuXML patch at https://github.com/freebsd/freebsd-ports/pull/158 which I have updated several times as security/vuxml/vuln/2023.xml has changed. I note that the www/minio maintainer, swills@, has not committed to the ports tree since 2022-03-13 so someone else might need to update the port. However, it would help to apply the VuXML patch soon so that the port's users know of its security problems. Tom
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Y/D2j7BiuTYRK2/d>