FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  541079
Date:      2020-07-03
Time:      07:04:06Z
Committer: lwhsu

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
dc596a17-7a9e-11e6-b034-f0def167eeeaRemote-Code-Execution vulnerability in mysql and its variants CVE 2016-6662

LegalHackers' reports:

RCE Bugs discovered in MySQL and its variants like MariaDB. It works by manipulating my.cnf files and using --malloc-lib. The bug seems fixed in MySQL 5.7.15 by Oracle


Discovery 2016-09-12
Entry 2016-11-24
Modified 2016-11-24
mysql57-client
mysql57-server
lt 5.7.15

mysql56-client
mysql56-server
lt 5.6.33

mysql55-client
mysql55-server
lt 5.5.52

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-15.html
851a0eea-88aa-11e5-90e7-b499baebfeafMySQL - Multiple vulnerabilities

Oracle reports:

Critical Patch Update: MySQL Server, version(s) 5.5.45 and prior, 5.6.26 and prior


Discovery 2015-11-10
Entry 2015-11-11
mariadb-client
lt 5.3.13

mariadb-server
lt 5.3.13

mariadb55-client
lt 5.5.46

mariadb55-server
lt 5.5.46

mariadb100-client
lt 10.0.22

mariadb100-server
lt 10.0.22

mysql55-client
lt 5.5.46

mysql55-server
lt 5.5.46

mysql56-client
lt 5.6.27

mysql56-server
lt 5.6.27

percona55-client
lt 5.5.46

percona55-server
lt 5.5.46

percona56-client
lt 5.6.27

percona56-server
lt 5.6.27

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
CVE-2015-4802
CVE-2015-4807
CVE-2015-4815
CVE-2015-4826
CVE-2015-4830
CVE-2015-4836
CVE-2015-4858
CVE-2015-4861
CVE-2015-4870
CVE-2015-4913
CVE-2015-4792
https://mariadb.com/kb/en/mariadb/mariadb-5546-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10022-release-notes/
https://www.percona.com/doc/percona-server/5.5/release-notes/Percona-Server-5.5.46-37.5.html
https://www.percona.com/doc/percona-server/5.6/release-notes/Percona-Server-5.6.27-75.0.html
22373c43-d728-11e6-a9a5-b499baebfeafMySQL -- multiple vulnerabilities

The MySQL project reports:

  • CVE-2016-3492: Remote security vulnerability in 'Server: Optimizer' sub component.
  • CVE-2016-5616, CVE-2016-6663: Race condition allows local users with certain permissions to gain privileges by leveraging use of my_copystat by REPAIR TABLE to repair a MyISAM table.
  • CVE-2016-5617, CVE-2016-6664: mysqld_safe, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
  • CVE-2016-5624: Remote security vulnerability in 'Server: DML' sub component.
  • CVE-2016-5626: Remote security vulnerability in 'Server: GIS' sub component.
  • CVE-2016-5629: Remote security vulnerability in 'Server: Federated' sub component.
  • CVE-2016-8283: Remote security vulnerability in 'Server: Types' sub component.

Discovery 2016-09-13
Entry 2017-01-14
mariadb55-client
mariadb55-server
lt 5.5.52

mariadb100-client
mariadb100-server
lt 10.0.28

mariadb101-client
mariadb101-server
lt 10.1.18

mysql55-client
mysql55-server
lt 5.5.52

mysql56-client
mysql56-server
lt 5.6.33

mysql57-client
mysql57-server
lt 5.7.15

percona55-client
percona55-server
lt 5.5.51.38.2

percona56-client
percona56-server
lt 5.6.32.78.1

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixMSQL
https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
CVE-2016-3492
CVE-2016-5616
CVE-2016-5617
CVE-2016-5624
CVE-2016-5626
CVE-2016-5629
CVE-2016-6663
CVE-2016-6664
CVE-2016-8283
7c27192f-0bc3-11e7-9940-b499baebfeafmysql -- denial of service vulnerability

Openwall reports:

C client library for MySQL (libmysqlclient.so) has use-after-free defect which can cause crash of applications using that MySQL client.


Discovery 2017-01-27
Entry 2017-03-18
mariadb55-client
le 5.5.54

mariadb100-client
lt 10.0.30

mariadb101-client
lt 10.1.22

mysql55-client
le 5.5.54

mysql56-client
lt 5.6.21

mysql57-client
lt 5.7.5

http://www.openwall.com/lists/oss-security/2017/02/11/11
CVE-2017-3302