git: ebf298637d17 - main - security/vuxml: Update latest MySQL vuln entry
Bernard Spil
brnrd at FreeBSD.org
Tue May 4 14:26:36 UTC 2021
The branch main has been updated by brnrd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=ebf298637d17a99676d2bf535fd5ebfa41ae152b
commit ebf298637d17a99676d2bf535fd5ebfa41ae152b
Author: Bernard Spil <brnrd at FreeBSD.org>
AuthorDate: 2021-05-04 14:25:18 +0000
Commit: Bernard Spil <brnrd at FreeBSD.org>
CommitDate: 2021-05-04 14:26:23 +0000
security/vuxml: Update latest MySQL vuln entry
* Adds CVE numbers
* Mark MariaDB partially affected
---
security/vuxml/vuln.xml | 64 +++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 64 insertions(+)
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index b1c8db06631f..1fcad1d5d7cb 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -549,6 +549,7 @@ Notes:
</description>
<references>
<url>https://www.jenkins.io/security/advisory/2021-04-20/</url>
+ <cvename>CVE-2021-28165</cvename>
</references>
<dates>
<discovery>2021-04-20</discovery>
@@ -559,6 +560,22 @@ Notes:
<vuln vid="56ba4513-a1be-11eb-9072-d4c9ef517024">
<topic>MySQL -- Multiple vulnerabilities</topic>
<affects>
+ <package>
+ <name>mariadb103-server</name>
+ <range><lt>10.3.29</lt></range>
+ </package>
+ <package>
+ <name>mariadb104-server</name>
+ <range><lt>10.4.19</lt></range>
+ </package>
+ <package>
+ <name>mariadb105-server</name>
+ <range><lt>10.5.10</lt></range>
+ </package>
+ <package>
+ <name>mysql56-server</name>
+ <range><lt>5.6.52</lt></range>
+ </package>
<package>
<name>mysql57-server</name>
<range><lt>5.7.34</lt></range>
@@ -578,15 +595,62 @@ Notes:
requiring user credentials.<br/>
The highest CVSS v3.1 Base Score of vulnerabilities affecting Oracle
MySQL is 9.8.</p>
+ <p>MariaDB is affected by CVE-2021-2166 and CVE-2021-2154 only</p>
</blockquote>
</body>
</description>
<references>
<url>https://www.oracle.com/security-alerts/cpuapr2021.html</url>
+ <url>https://mariadb.com/kb/en/mariadb-10510-release-notes/</url>
+ <cvename>CVE-2020-8277</cvename>
+ <cvename>CVE-2020-1971</cvename>
+ <cvename>CVE-2021-3449</cvename>
+ <cvename>CVE-2020-28196</cvename>
+ <cvename>CVE-2021-23841</cvename>
+ <cvename>CVE-2021-2144</cvename>
+ <cvename>CVE-2021-2172</cvename>
+ <cvename>CVE-2021-2298</cvename>
+ <cvename>CVE-2021-2178</cvename>
+ <cvename>CVE-2021-2202</cvename>
+ <cvename>CVE-2021-2307</cvename>
+ <cvename>CVE-2021-2304</cvename>
+ <cvename>CVE-2021-2180</cvename>
+ <cvename>CVE-2021-2194</cvename>
+ <cvename>CVE-2021-2154</cvename>
+ <cvename>CVE-2021-2166</cvename>
+ <cvename>CVE-2021-2196</cvename>
+ <cvename>CVE-2021-2300</cvename>
+ <cvename>CVE-2021-2305</cvename>
+ <cvename>CVE-2021-2179</cvename>
+ <cvename>CVE-2021-2226</cvename>
+ <cvename>CVE-2021-2160</cvename>
+ <cvename>CVE-2021-2164</cvename>
+ <cvename>CVE-2021-2169</cvename>
+ <cvename>CVE-2021-2170</cvename>
+ <cvename>CVE-2021-2193</cvename>
+ <cvename>CVE-2021-2203</cvename>
+ <cvename>CVE-2021-2212</cvename>
+ <cvename>CVE-2021-2213</cvename>
+ <cvename>CVE-2021-2278</cvename>
+ <cvename>CVE-2021-2299</cvename>
+ <cvename>CVE-2021-2230</cvename>
+ <cvename>CVE-2021-2146</cvename>
+ <cvename>CVE-2021-2201</cvename>
+ <cvename>CVE-2021-2208</cvename>
+ <cvename>CVE-2021-2215</cvename>
+ <cvename>CVE-2021-2217</cvename>
+ <cvename>CVE-2021-2293</cvename>
+ <cvename>CVE-2021-2174</cvename>
+ <cvename>CVE-2021-2171</cvename>
+ <cvename>CVE-2021-2162</cvename>
+ <cvename>CVE-2021-2301</cvename>
+ <cvename>CVE-2021-2308</cvename>
+ <cvename>CVE-2021-2232</cvename>
</references>
<dates>
<discovery>2021-04-20</discovery>
<entry>2021-04-20</entry>
+ <modified>2021-05-04</modified>
</dates>
</vuln>
More information about the dev-commits-ports-all
mailing list