Bump PORTREVISION of the client and add pkg-message to warn about

CVE-2015-3152 which will not get patched Security: CVE-2015-3152 Security: 36bd352d-299b-11e5-86ff-14dae9d210b8
svn path=/head/; revision=392456
2025-05-24 23:16:33 -04:00 · 2015-07-18 21:21:14 +00:00 · 2015-07-18 21:21:14 +00:00 · af4ddc5081 · 2021-03-31 03:12:20 +00:00
commit af4ddc5081
parent 3cc2374112
2 changed files with 17 additions and 2 deletions
--- a/databases/mysql56-client/Makefile
+++ b/databases/mysql56-client/Makefile
@ -2,14 +2,14 @@
 # $FreeBSD$

 PORTNAME=	mysql
-PORTREVISION=	1
+PORTREVISION=	2
 PKGNAMESUFFIX=	56-client

 COMMENT=	Multithreaded SQL database (client)

 MASTERDIR=	${.CURDIR}/../mysql56-server

-PKGMESSAGE=	mustnotexist
+PKGMESSAGE=	${.CURDIR}/pkg-message
 PATCHDIR=	${.CURDIR}/files
 PLIST=		${.CURDIR}/pkg-plist

--- a/databases/mysql56-client/pkg-message
+++ b/databases/mysql56-client/pkg-message
@ -0,0 +1,15 @@
+* * * * * * * * * * * * * * * * * * * * * * * *
+
+Please be aware the database client is vulnerable
+to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM".
+You may find more information at the following URL:
+
+http://www.vuxml.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html
+
+Although this database client is not listed as
+"affected", it is vulnerable and will not be 
+receiving a patch. Please take note of this when
+deploying this software.
+
+* * * * * * * * * * * * * * * * * * * * * * * *
+