author | xtraeme <xtraeme@pkgsrc.org> | 2005-01-20 13:37:48 +0000 |
---|---|---|
committer | xtraeme <xtraeme@pkgsrc.org> | 2005-01-20 13:37:48 +0000 |
commit | 02501274e31b61d142678e92279e7ea15fe2d882 (patch) | |
tree | b7fce63c271e967133712a245b8106e944ccb363 | |
parent | d017193d8084ad7c4278fced1d928cf981b10f3d (diff) | |
download | pkgsrc-02501274e31b61d142678e92279e7ea15fe2d882.tar.gz |
Apply patch from MySQL BitKeeper repository to fix the symlink
vulnerability in the mysqlaccess script.
Bump PKGREVISION and BUILDLINK_RECOMMENDED.
-rw-r--r-- | databases/mysql4-client/Makefile | 4 | ||||
-rw-r--r-- | databases/mysql4-client/Makefile.common | 3 | ||||
-rw-r--r-- | databases/mysql4-client/buildlink3.mk | 3 | ||||
-rw-r--r-- | databases/mysql4-client/distinfo | 3 | ||||
-rw-r--r-- | databases/mysql4-client/patches/patch-az | 95 |
5 files changed, 102 insertions, 6 deletions
diff --git a/databases/mysql4-client/Makefile b/databases/mysql4-client/Makefile index 1ad48edaf62..c292aaa3c41 100644 --- a/databases/mysql4-client/Makefile +++ b/databases/mysql4-client/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.19 2005/01/10 15:47:18 xtraeme Exp $ +# $NetBSD: Makefile,v 1.20 2005/01/20 13:37:48 xtraeme Exp $ PKGNAME= ${DISTNAME:S/-/-client-/} -#PKGREVISION= 1 +PKGREVISION= 1 SVR4_PKGNAME= mysqc COMMENT= MySQL 4, a free SQL database (client) diff --git a/databases/mysql4-client/Makefile.common b/databases/mysql4-client/Makefile.common index c3b85531cdd..a1ab3412a44 100644 --- a/databases/mysql4-client/Makefile.common +++ b/databases/mysql4-client/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.29 2005/01/17 14:42:35 xtraeme Exp $ +# $NetBSD: Makefile.common,v 1.30 2005/01/20 13:37:48 xtraeme Exp $ DISTNAME= mysql-4.1.9 CATEGORIES= databases @@ -51,7 +51,6 @@ CONFIGURE_ARGS+= --without-bench CONFIGURE_ARGS+= --with-low-memory CONFIGURE_ARGS+= --with-openssl=${BUILDLINK_PREFIX.openssl} CONFIGURE_ARGS+= --with-vio -CONFIGURE_ARGS+= --without-mysqlfs CONFIGURE_ARGS+= --with-charset=${MYSQL_CHARSET} CONFIGURE_ARGS+= --with-extra-charsets=${MYSQL_EXTRA_CHARSET} diff --git a/databases/mysql4-client/buildlink3.mk b/databases/mysql4-client/buildlink3.mk index a0dbf7f17ae..6562ef9c6ff 100644 --- a/databases/mysql4-client/buildlink3.mk +++ b/databases/mysql4-client/buildlink3.mk @@ -1,4 +1,4 @@ -# $NetBSD: buildlink3.mk,v 1.8 2004/11/16 21:48:38 tron Exp $ +# $NetBSD: buildlink3.mk,v 1.9 2005/01/20 13:37:48 xtraeme Exp $ BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+ MYSQL_CLIENT_BUILDLINK3_MK:= ${MYSQL_CLIENT_BUILDLINK3_MK}+ 
@@ -12,6 +12,7 @@ BUILDLINK_PACKAGES+= mysql-client .if !empty(MYSQL_CLIENT_BUILDLINK3_MK:M+) BUILDLINK_DEPENDS.mysql-client+= mysql-client>=4.1.7 +BUILDLINK_RECOMMENDED.mysql-client+= mysql-client>=4.1.9nb1 BUILDLINK_PKGSRCDIR.mysql-client?= ../../databases/mysql4-client BUILDLINK_LIBDIRS.mysql-client?= lib/mysql .endif # MYSQL_CLIENT_BUILDLINK3_MK diff --git a/databases/mysql4-client/distinfo b/databases/mysql4-client/distinfo index e98f7e1cb81..bb5d6ec7fa6 100644 --- a/databases/mysql4-client/distinfo +++ b/databases/mysql4-client/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.13 2005/01/17 14:42:35 xtraeme Exp $ +$NetBSD: distinfo,v 1.14 2005/01/20 13:37:48 xtraeme Exp $ SHA1 (mysql-4.1.9.tar.gz) = e526f301704f8fca7c7e9f42d368ffa1fef2a152 Size (mysql-4.1.9.tar.gz) = 22308321 bytes @@ -8,3 +8,4 @@ SHA1 (patch-av) = 4f73104cd3b798103eb2c4f83073dbac02b4db90 SHA1 (patch-aw) = cd03eb6c81a932186370e9ed248d0c7886b7286d SHA1 (patch-ax) = 9e9176468d6d335617862a4d77a358931d7c8c49 SHA1 (patch-ay) = 9b1dfa213491d8daf82ff8d5ee293d1279c64ce8 +SHA1 (patch-az) = b4e2059514e479e27675d68af973386ad9ee5f6d diff --git a/databases/mysql4-client/patches/patch-az b/databases/mysql4-client/patches/patch-az new file mode 100644 index 00000000000..4a1d02f55ab --- /dev/null +++ b/databases/mysql4-client/patches/patch-az 
@@ -0,0 +1,95 @@ +$NetBSD: patch-az,v 1.1 2005/01/20 13:37:48 xtraeme Exp $ + +mysqlaccess symlink vulnerability + +--- scripts/mysqlaccess.sh.orig 2005-01-16 14:28:38 -08:00 ++++ scripts/mysqlaccess.sh 2005-01-16 14:28:38 -08:00 +@@ -2,7 +2,7 @@ + # **************************** + package MySQLaccess; + #use strict; +-use POSIX qw(tmpnam); ++use File::Temp qw(tempfile tmpnam); + use Fcntl; + + BEGIN { +@@ -32,7 +32,6 @@ + $ACCESS_U_BCK = 'user_backup'; + $ACCESS_D_BCK = 'db_backup'; + $DIFF = '/usr/bin/diff'; +- $TMP_PATH = '/tmp'; #path to writable tmp-directory + $MYSQLDUMP = '@bindir@/mysqldump'; + #path to mysqldump executable + +@@ -432,7 +431,7 @@ + # no caching on STDOUT + $|=1; + +- $MYSQL_CNF = POSIX::tmpnam(); ++ $MYSQL_CNF = tmpnam(); + %MYSQL_CNF = (client => { }, + mysql => { }, + mysqldump => { }, +@@ -577,8 +576,6 @@ + push(@MySQLaccess::Grant::Error,'not_found_mysql') if !(-x $MYSQL); + push(@MySQLaccess::Grant::Error,'not_found_diff') if !(-x $DIFF); + push(@MySQLaccess::Grant::Error,'not_found_mysqldump') if !(-x $MYSQLDUMP); +-push(@MySQLaccess::Grant::Error,'not_found_tmp') if !(-d $TMP_PATH); +-push(@MySQLaccess::Grant::Error,'write_err_tmp') if !(-w $TMP_PATH); + if (@MySQLaccess::Grant::Error) { + MySQLaccess::Report::Print_Error_Messages() ; + exit 0; +@@ -1777,17 +1774,15 @@ + @before = sort(@before); + @after = sort(@after); + +- $before = "$MySQLaccess::TMP_PATH/$MySQLaccess::script.before.$$"; +- $after = "$MySQLaccess::TMP_PATH/$MySQLaccess::script.after.$$"; +- #$after = "/tmp/t0"; +- open(BEFORE,"> $before") || +- push(@MySQLaccess::Report::Errors,"Can't open temporary file $before for writing"); +- open(AFTER,"> $after") || +- push(@MySQLaccess::Report::Errors,"Can't open temporary file $after for writing"); +- print BEFORE join("\n",@before); +- print AFTER join("\n",@after); +- close(BEFORE); +- close(AFTER); ++ ($hb, $before) = tempfile("$MySQLaccess::script.XXXXXX") or ++ push(@MySQLaccess::Report::Errors,"Can't create temporary 
file: $!"); ++ ($ha, $after) = tempfile("$MySQLaccess::script.XXXXXX") or ++ push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!"); ++ ++ print $hb join("\n",@before); ++ print $ha join("\n",@after); ++ close $hb; ++ close $ha; + + # ---------------------------------- + # compute difference +@@ -1800,8 +1795,8 @@ + + # ---------------------------------- + # cleanup temp. files +- unlink(BEFORE); +- unlink(AFTER); ++ unlink($before); ++ unlink($after); + + return \@diffs; + } +@@ -2316,14 +2311,6 @@ + => "The diff program <$MySQLaccess::DIFF> could not be found.\n" + ."+ Check your path, or\n" + ."+ edit the source of this script to point \$DIFF to the diff program.\n" +- ,'not_found_tmp' +- => "The temporary directory <$MySQLaccess::TMP_PATH> could not be found.\n" +- ."+ create this directory (writeable!), or\n" +- ."+ edit the source of this script to point \$TMP_PATH to the right directory.\n" +- ,'write_err_tmp' +- => "The temporary directory <$MySQLaccess::TMP_PATH> is not writable.\n" +- ."+ make this directory writeable!, or\n" +- ."+ edit the source of this script to point \$TMP_PATH to another directory.\n" + ,'Unrecognized_option' + => "Sorry,\n" + ."You are using an old version of the mysql-program,\n" + |
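Review bot: The `$MYSQL_CNF = tmpnam();` line in the `-432` hunk of the embedded mysqlaccess patch still obtains only a file name. File::Temp's `tmpnam` in scalar context returns a path without opening it, so the safety of that file rests on how it is opened later, which is outside this hunk. Consider taking the handle from the same call, e.g. `($cnf_fh, $MYSQL_CNF) = tempfile("$MySQLaccess::script.XXXXXX", TMPDIR => 1);`, and writing through that handle. Separately, the two `tempfile("$MySQLaccess::script.XXXXXX")` calls in the `-1777` hunk pass a bare template, which File::Temp creates in the current working directory rather than the system temp directory; adding `TMPDIR => 1` keeps the files in a temp directory while retaining the exclusive create. `tempfile` also croaks on failure, so the `or push(@MySQLaccess::Report::Errors, ...)` branches will not run; wrap the calls in `eval { ... }` if the error list is meant to be filled.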