From owner-freebsd-ports@freebsd.org Mon Jan 22 22:50:39 2018 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id EF48FEB5065 for ; Mon, 22 Jan 2018 22:50:39 +0000 (UTC) (envelope-from kremels@kreme.com) Received: from mail.covisp.net (mail.covisp.net [65.121.55.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D997B72C55 for ; Mon, 22 Jan 2018 22:50:39 +0000 (UTC) (envelope-from kremels@kreme.com) Received: from mail.covisp.net (localhost [127.0.0.1]) by mail.covisp.net (Postfix) with ESMTP id 3zQRV02tkzzxbCV; Mon, 22 Jan 2018 15:50:32 -0700 (MST) X-Virus-Scanned: amavisd-new at covisp.net Received: from mail.covisp.net ([127.0.0.1]) by mail.covisp.net (mail.covisp.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hSa7QCZeDVGf; Mon, 22 Jan 2018 15:50:28 -0700 (MST) Content-Type: text/plain; charset=utf-8 Subject: MariaDB 10.0 is vulnerable From: "@lbutlr" Date: Mon, 22 Jan 2018 15:50:21 -0700 X-Random-Signature: Apple Broke Applescrip[t access to signatures, random sigs now powered by Keyboard Maestro Pro X-Face: )^b5"R:T7U>9~:PEn3YkzMfW*[b1qKeU.fP9C8~8HpU9}lA&6`bH1 Content-Transfer-Encoding: quoted-printable Message-Id: <3F28783C-B8A6-42D4-9BB0-1FA089E40567@kreme.com> To: freebsd ports X-Mailer: Apple Mail (2.3445.5.20) X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 Jan 2018 22:50:40 -0000 I have a new server I am setting up and I am trying to make it identical = to the server I am retiring. Both are running FreeBSD 11.1 Today I updated mariadb100-server to 10.0.33_1 on the original server, = but when I try to do that on the new server I get: =3D=3D=3D> Cleaning for mariadb100-server-10.0.33_1 =3D=3D=3D> mariadb100-server-10.0.33_1 has known vulnerabilities: mariadb100-server-10.0.33_1 is vulnerable: MySQL -- multiple vulnerabilities CVE: CVE-2018-2703 CVE: CVE-2018-2696 CVE: CVE-2018-2668 CVE: CVE-2018-2667 CVE: CVE-2018-2665 CVE: CVE-2018-2647 CVE: CVE-2018-2646 CVE: CVE-2018-2645 CVE: CVE-2018-2640 CVE: CVE-2018-2622 CVE: CVE-2018-2612 CVE: CVE-2018-2600 CVE: CVE-2018-2591 CVE: CVE-2018-2590 CVE: CVE-2018-2586 CVE: CVE-2018-2583 CVE: CVE-2018-2576 CVE: CVE-2018-2573 CVE: CVE-2018-2565 CVE: CVE-2018-2562 WWW: = https://vuxml.FreeBSD.org/freebsd/e3445736-fd01-11e7-ac58-b499baebfeaf.htm= l 1 problem(s) in the installed packages found. =3D> Please update your ports tree and try again. =3D> Note: Vulnerable ports are marked as such even if there is no = update available. =3D> If you wish to ignore this vulnerability rebuild with 'make = DISABLE_VULNERABILITIES=3Dyes=E2=80=99