MySQL - http://www.oracle.com/technetwork/security-advisory/
cpuoct2016-2881722.html#AppendixMSQL
VirtualBox - http://www.oracle.com/technetwork/security-advisory/
cpuoct2016-2881722.html#AppendixOVIR
I don't use My SQL, but the list does not include any CVEs that are
applicable to the versions currently in ports. Ot at least MySQL 5.5. and
VirtualBox. (Packages lag a bit and I imagine that 5.5.53 (MySQL) and 5.1.8
(VB) may not be available in all repos for a couple of days.)
Many of us see this as a major weakness in the FreeBSD security model.
The fact that a port or package was deprecated after being installed is
simply not a good reason for not listing it in the vulnxml. I say this
from experience have had to inform more than one FreeBSD site that they
were hosting known insecure software when they had previously trusted
'pkg audit'.
Roger Marquis
_______________________________________________
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"
