FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-12-31 16:42:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
22373c43-d728-11e6-a9a5-b499baebfeaf	MySQL -- multiple vulnerabilities The MySQL project reports: CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component. CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table. CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files. CVE-2016-5624: Remote security vulnerability in 'Server: DML' sub component. CVE-2016-5626: Remote security vulnerability in 'Server: GIS' sub component. CVE-2016-5629: Remote security vulnerability in 'Server: Federated' sub component. CVE-2016-8283: Remote security vulnerability in 'Server: Types' sub component. Discovery 2016-09-13 Entry 2017-01-14 mariadb55-client mariadb55-server < 5.5.52 mariadb100-client mariadb100-server < 10.0.28 mariadb101-client mariadb101-server < 10.1.18 mysql55-client mysql55-server < 5.5.52 mysql56-client mysql56-server < 5.6.33 mysql57-client mysql57-server < 5.7.15 percona55-client percona55-server < 5.5.51.38.2 percona56-client percona56-server < 5.6.32.78.1 http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/ https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/ CVE-2016-3492 CVE-2016-5616 CVE-2016-5617 CVE-2016-5624 CVE-2016-5626 CVE-2016-5629 CVE-2016-6663 CVE-2016-6664 CVE-2016-8283
7c27192f-0bc3-11e7-9940-b499baebfeaf	mysql -- denial of service vulnerability Openwall reports: C client library for MySQL (libmysqlclient.so) has use-after-free defect which can cause crash of applications using that MySQL client. Discovery 2017-01-27 Entry 2017-03-18 mariadb55-client <= 5.5.54 mariadb100-client < 10.0.30 mariadb101-client < 10.1.22 mysql55-client <= 5.5.54 mysql56-client < 5.6.21 mysql57-client < 5.7.5 http://www.openwall.com/lists/oss-security/2017/02/11/11 CVE-2017-3302

VuXML ID

Description

22373c43-d728-11e6-a9a5-b499baebfeaf

MySQL -- multiple vulnerabilities

The MySQL project reports:

CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component.

CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.

CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.

CVE-2016-5624: Remote security vulnerability in 'Server: DML' sub component.

CVE-2016-5626: Remote security vulnerability in 'Server: GIS' sub component.

CVE-2016-5629: Remote security vulnerability in 'Server: Federated' sub component.

CVE-2016-8283: Remote security vulnerability in 'Server: Types' sub component.

Discovery 2016-09-13
Entry 2017-01-14
mariadb55-client
mariadb55-server

< 5.5.52

mariadb100-client
mariadb100-server

< 10.0.28

mariadb101-client
mariadb101-server

< 10.1.18

mysql55-client
mysql55-server

< 5.5.52

mysql56-client
mysql56-server

< 5.6.33

mysql57-client
mysql57-server

< 5.7.15

percona55-client
percona55-server

< 5.5.51.38.2

percona56-client
percona56-server

< 5.6.32.78.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
CVE-2016-3492
CVE-2016-5616
CVE-2016-5617
CVE-2016-5624
CVE-2016-5626
CVE-2016-5629
CVE-2016-6663
CVE-2016-6664
CVE-2016-8283

7c27192f-0bc3-11e7-9940-b499baebfeaf

mysql -- denial of service vulnerability

Openwall reports:

C client library for MySQL (libmysqlclient.so) has use-after-free defect which can cause crash of applications using that MySQL client.

Discovery 2017-01-27
Entry 2017-03-18
mariadb55-client

<= 5.5.54

mariadb100-client

< 10.0.30

mariadb101-client

< 10.1.22

mysql55-client

<= 5.5.54

mysql56-client

< 5.6.21

mysql57-client

< 5.7.5

http://www.openwall.com/lists/oss-security/2017/02/11/11
CVE-2017-3302