странная бага или фича mysql55-server-5.5.44
Добавлено: 2015-07-17 15:16:04
Код: Выделить всё
===> Cleaning for mysql55-client-5.5.44
---> Cleaning out obsolete shared libraries
---> Upgrading 'mysql55-server-5.5.43' to 'mysql55-server-5.5.44' (databases/mysql55-server)
---> Building '/usr/ports/databases/mysql55-server'
===> Cleaning for mysql55-server-5.5.44
===> mysql55-server-5.5.44 has known vulnerabilities:
mysql55-server-5.5.44 is vulnerable:
mysql -- SSL Downgrade
CVE: CVE-2015-3152
WWW: https://vuxml.FreeBSD.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html
1 problem(s) in the installed packages found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'
*** Error code 1
Stop.
make[1]: stopped in /usr/ports/databases/mysql55-server
*** Error code 1
Stop.
make: stopped in /usr/ports/databases/mysql55-server
** Command failed [exit code 1]: /usr/bin/script -qa /tmp/portupgrade20150717-18835-1l0ufq2 env UPGRADE_TOOL=portupgrade UPGRADE_PORT=mysql55-server-5.5.43 UPGRADE_PORT_VER=5.5.43 make
** Fix the problem and try again.
** Listing the failed packages (-:ignored / *:skipped / !:failed)
! databases/mysql55-server (mysql55-server-5.5.43) (security vulnerabilities)
Но вопрос в другом, почему эта бага всплыла только сейчас.
CVE: CVE-2015-3152 - эта бага/фича известна еще с памта нынешнего года, почему только сейчас фряха начала предупреждать об баге?