From owner-freebsd-ports-bugs@freebsd.org  Wed May  3 15:07:43 2017
Return-Path: <owner-freebsd-ports-bugs@freebsd.org>
Delivered-To: freebsd-ports-bugs@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 30141D5ADBF
 for <freebsd-ports-bugs@mailman.ysv.freebsd.org>;
 Wed,  3 May 2017 15:07:43 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org
 [IPv6:2001:1900:2254:206a::16:76])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 03046387
 for <freebsd-ports-bugs@FreeBSD.org>; Wed,  3 May 2017 15:07:43 +0000 (UTC)
 (envelope-from bugzilla-noreply@freebsd.org)
Received: from bugs.freebsd.org ([127.0.1.118])
 by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id v43F7gcl082293
 for <freebsd-ports-bugs@FreeBSD.org>; Wed, 3 May 2017 15:07:42 GMT
 (envelope-from bugzilla-noreply@freebsd.org)
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 219045] databases/mariadb101-server: Upgrade to latest
 version(v10.1.23) - current(v10.1.22) has critical vulnerabilities
Date: Wed, 03 May 2017 15:07:42 +0000
X-Bugzilla-Reason: AssignedTo
X-Bugzilla-Type: new
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: 
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: i.dani@outlook.com
X-Bugzilla-Status: New
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: ---
X-Bugzilla-Assigned-To: brnrd@freebsd.org
X-Bugzilla-Flags: maintainer-feedback?
X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform
 op_sys bug_status bug_severity priority component assigned_to reporter
 flagtypes.name
Message-ID: <bug-219045-13@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
MIME-Version: 1.0
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs/>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
 <mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 03 May 2017 15:07:43 -0000

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D219045

            Bug ID: 219045
           Summary: databases/mariadb101-server: Upgrade to latest
                    version(v10.1.23) - current(v10.1.22) has critical
                    vulnerabilities
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: brnrd@freebsd.org
          Reporter: i.dani@outlook.com
          Assignee: brnrd@freebsd.org
             Flags: maintainer-feedback?(brnrd@freebsd.org)

The current version avilable for FreeBSD is vulnerable since 19.04.2017 and=
 has
now been patched upstream. There are very critical vulnerabilities in it.

See here: https://mariadb.com/kb/en/mariadb/mariadb-10123-release-notes/

Available port version: 10.1.22
Patched version: 10.1.23

Important Changes

Fixes for the following security vulnerabilities:
    CVE-2017-3302
    CVE-2017-3313
    CVE-2017-3308
    CVE-2017-3309
    CVE-2017-3453
    CVE-2017-3456
    CVE-2017-3464=20

Fixes:
    MDEV-12602: Fixed some race conditions in InnoDB encryption
    MariaDB Backup alpha introduced
    Galera wsrep library updated to 25.3.20
    Packages for Ubuntu 17.04 "zesty" added
    As per the MariaDB Deprecation Policy, this will be the last release of
MariaDB 10.1 for Ubuntu 12.04 LTS "Precise" and Mint 13 LTS "Maya"=20

-> Full Changelog: https://mariadb.com/kb/en/mariadb-10123-changelog/

--=20
You are receiving this mail because:
You are the assignee for the bug.=