FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
36bd352d-299b-11e5-86ff-14dae9d210b8mysql -- SSL Downgrade

Duo Security reports:

Researchers have identified a serious vulnerability in some versions of Oracle’s MySQL database product that allows an attacker to strip SSL/TLS connections of their security wrapping transparently.


Discovery 2015-03-20
Entry 2015-07-13
Modified 2015-07-18
php56-mysql
php56-mysqli
< 5.6.11

php55-mysql
php55-mysqli
< 5.5.27

php5-mysql
php5-mysqli
< 5.4.43

mariadb55-client
< 5.5.44

mariadb100-client
< 10.0.20

https://bugs.php.net/bug.php?id=69669
https://www.duosecurity.com/blog/backronym-mysql-vulnerability
http://www.ocert.org/advisories/ocert-2015-003.html
https://mariadb.atlassian.net/browse/MDEV-7937
https://mariadb.com/kb/en/mariadb/mariadb-10020-changelog/
https://mariadb.com/kb/en/mariadb/mariadb-5544-changelog/
CVE-2015-3152
cb0183bb-45f6-11ea-a1c7-b499baebfeafMariaDB -- Vulnerability in C API

MariaDB reports:

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client.


Discovery 2020-01-28
Entry 2020-02-02
mariadb55-client
< 5.5.67

mariadb55-server
< 5.5.67

mariadb101-client
< 10.1.44

mariadb101-server
< 10.1.44

mariadb102-client
< 10.2.31

mariadb102-server
< 10.2.31

mariadb103-client
< 10.3.22

mariadb103-server
< 10.3.22

mariadb104-client
< 10.4.12

mariadb104-server
< 10.4.12

mariadb-connector-c
< 3.1.7

https://mariadb.com/kb/en/security/
https://mariadb.com/kb/en/mdb-5567-rn/
https://mariadb.com/kb/en/mdb-10412-rn/
https://mariadb.com/kb/en/mdb-10322-rn/
https://mariadb.com/kb/en/mdb-10231-rn/
https://mariadb.com/kb/en/mdb-10144-rn/
https://mariadb.com/kb/en/mariadb-connector-c-317-release-notes/
CVE-2020-2574
22373c43-d728-11e6-a9a5-b499baebfeafMySQL -- multiple vulnerabilities

The MySQL project reports:

  • CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component.
  • CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
  • CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
  • CVE-2016-5624: Remote security vulnerability in 'Server: DML' sub component.
  • CVE-2016-5626: Remote security vulnerability in 'Server: GIS' sub component.
  • CVE-2016-5629: Remote security vulnerability in 'Server: Federated' sub component.
  • CVE-2016-8283: Remote security vulnerability in 'Server: Types' sub component.

Discovery 2016-09-13
Entry 2017-01-14
mariadb55-client
mariadb55-server
< 5.5.52

mariadb100-client
mariadb100-server
< 10.0.28

mariadb101-client
mariadb101-server
< 10.1.18

mysql55-client
mysql55-server
< 5.5.52

mysql56-client
mysql56-server
< 5.6.33

mysql57-client
mysql57-server
< 5.7.15

percona55-client
percona55-server
< 5.5.51.38.2

percona56-client
percona56-server
< 5.6.32.78.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
CVE-2016-3492
CVE-2016-5616
CVE-2016-5617
CVE-2016-5624
CVE-2016-5626
CVE-2016-5629
CVE-2016-6663
CVE-2016-6664
CVE-2016-8283
7c27192f-0bc3-11e7-9940-b499baebfeafmysql -- denial of service vulnerability

Openwall reports:

C client library for MySQL (libmysqlclient.so) has use-after-free defect which can cause crash of applications using that MySQL client.


Discovery 2017-01-27
Entry 2017-03-18
mariadb55-client
le 5.5.54

mariadb100-client
< 10.0.30

mariadb101-client
< 10.1.22

mysql55-client
le 5.5.54

mysql56-client
< 5.6.21

mysql57-client
< 5.7.5

http://www.openwall.com/lists/oss-security/2017/02/11/11
CVE-2017-3302
851a0eea-88aa-11e5-90e7-b499baebfeafMySQL - Multiple vulnerabilities

Oracle reports:

Critical Patch Update: MySQL Server, version(s) 5.5.45 and prior, 5.6.26 and prior


Discovery 2015-11-10
Entry 2015-11-11
mariadb-client
< 5.3.13

mariadb-server
< 5.3.13

mariadb55-client
< 5.5.46

mariadb55-server
< 5.5.46

mariadb100-client
< 10.0.22

mariadb100-server
< 10.0.22

mysql55-client
< 5.5.46

mysql55-server
< 5.5.46

mysql56-client
< 5.6.27

mysql56-server
< 5.6.27

percona55-client
< 5.5.46

percona55-server
< 5.5.46

percona56-client
< 5.6.27

percona56-server
< 5.6.27

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4802
CVE-2015-4807
CVE-2015-4815
CVE-2015-4826
CVE-2015-4830
CVE-2015-4836
CVE-2015-4858
CVE-2015-4861
CVE-2015-4870
CVE-2015-4913
CVE-2015-4792
https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10022-release-notes/
https://www.percona.com/doc/percona-server/5.5/release-notes/Percona-Server-5.5.46-37.5.html
https://www.percona.com/doc/percona-server/5.6/release-notes/Percona-Server-5.6.27-75.0.html