On Sun, Aug 25, 2024 at 02:46:32AM +0000, wen heping wrote: > Hi, > > Here is a patch for databases/p5-DBI to update to 1.644. > Upstream changelog say "Fix CVE-2014-10401 and CVE-2014-10402". > It build well and pass the test on amd64-current system. > > > Best Regards, > wen
I was a bit surprised to see such old CVEs only fixed now, then I looked them all, they're very specific, and if you're not using f_dir in incorrect ways, you're fine. They mostly fix broken config with f_dir. (of course this needs to be fixed anyhow)
