diff options
author | sbd <sbd> | 2011-03-01 08:28:32 +0000 |
---|---|---|
committer | sbd <sbd> | 2011-03-01 08:28:32 +0000 |
commit | 12276decbb01407353934586469005ced557375f (patch) | |
tree | cecec9c02bac8763c0d54110c331490f28d2afc1 /databases/mysql5-server/patches | |
parent | 10408f9212c4e41810a963ae475d5d10d76c9c48 (diff) | |
download | pkgsrc-12276decbb01407353934586469005ced557375f.tar.gz |
Pullup ticket #3366 - requested by taca
databases/mysql5-{client,server} security fixes.
Revisions pulled up:
- databases/mysql5-client/Makefile.common 1.41
- databases/mysql5-client/distinfo 1.30
- databases/mysql5-client/patches/patch-ad 1.8
- databases/mysql5-client/patches/patch-af 1.9
- databases/mysql5-server/PLIST 1.17
- databases/mysql5-server/distinfo 1.26
- databases/mysql5-server/patches/patch-aa 1.7
- databases/mysql5-server/patches/patch-ag 1.9
- databases/mysql5-server/patches/patch-ah 1.8
---
Module Name: pkgsrc
Module Name: pkgsrc
Committed By: taca
Date: Sat Feb 26 02:58:56 UTC 2011
Modified Files:
pkgsrc/databases/mysql5-client: Makefile.common distinfo
pkgsrc/databases/mysql5-client/patches: patch-ad patch-af
pkgsrc/databases/mysql5-server: PLIST distinfo
pkgsrc/databases/mysql5-server/patches: patch-aa patch-ag patch-ah
Log Message:
Update mysql5-{client,server} pacakge to 5.0.92.
Functionality added or changed:
* The time zone tables available at
http://dev.mysql.com/downloads/timezones.html have been
updated. These tables can be used on systems such as Windows or
HP-UX that do not include zoneinfo files. (Bug#40230)
Bugs fixed:
* Security Fix: During evaluation of arguments to extreme-value
functions (such as LEAST() and GREATEST()), type errors did not
propagate properly, causing the server to crash. (Bug#55826,
CVE-2010-3833)
* Security Fix: The server could crash after materializing a derived
table that required a temporary table for grouping. (Bug#55568,
CVE-2010-3834)
* Security Fix: A user-variable assignment expression that is
evaluated in a logical expression context can be precalculated in a
temporary table for GROUP BY. However, when the expression value is
used after creation of the temporary table, it was re-evaluated, not
read from the table and a server crash resulted. (Bug#55564,
CVE-2010-3835)
* Security Fix: Joins involving a table with a unique SET column could
cause a server crash. (Bug#54575, CVE-2010-3677)
* Security Fix: Pre-evaluation of LIKE predicates during view
preparation could cause a server crash. (Bug#54568, CVE-2010-3836)
* Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a
server crash. (Bug#54476, CVE-2010-3837)
* Security Fix: Queries could cause a server crash if the GREATEST()
or LEAST() function had a mixed list of numeric and LONGBLOB
arguments, and the result of such a function was processed using an
intermediate temporary table. (Bug#54461, CVE-2010-3838)
* Security Fix: Using EXPLAIN with queries of the form SELECT
... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server
crash. (Bug#52711, CVE-2010-3682)
* InnoDB Storage Engine: Creating or dropping a table with 1023
transactions active caused an assertion failure. (Bug#49238)
* The make_binary_distribution target to make could fail on some
platforms because the lines generated were too long for the
shell. (Bug#54590)
* A client could supply data in chunks to a prepared statement
parameter other than of type TEXT or BLOB using the
mysql_stmt_send_long_data() C API function (or
COM_STMT_SEND_LONG_DATA command). This led to a crash because other
data types are not valid for long data. (Bug#54041)
* Builds of the embedded mysqld would fail due to a missing element of
the struct NET. (Bug#53908, Bug#53912)
* The definition of the MY_INIT macro in my_sys.h included an
extraneous semicolon, which could cause compilation
failure. (Bug#53906)
* If the remote server for a FEDERATED table could not be accessed,
queries for the INFORMATION_SCHEMA.TABLES table failed. (Bug#35333)
* mysqld could fail during execution when using SSL. (Bug#34236)
* Threads that were calculating the estimated number of records for a
range scan did not respond to the KILL statement. That is, if a
range join type is possible (even if not selected by the optimizer
as a join type of choice and thus not shown by EXPLAIN), the query
in the statistics state (shown by the SHOW PROCESSLIST) did not
respond to the KILL statement. (Bug#25421)
Diffstat (limited to 'databases/mysql5-server/patches')
-rw-r--r-- | databases/mysql5-server/patches/patch-aa | 8 | ||||
-rw-r--r-- | databases/mysql5-server/patches/patch-ag | 8 | ||||
-rw-r--r-- | databases/mysql5-server/patches/patch-ah | 8 |
3 files changed, 12 insertions, 12 deletions
diff --git a/databases/mysql5-server/patches/patch-aa b/databases/mysql5-server/patches/patch-aa index 58e00239cfa..02a54739282 100644 --- a/databases/mysql5-server/patches/patch-aa +++ b/databases/mysql5-server/patches/patch-aa @@ -1,10 +1,10 @@ -$NetBSD: patch-aa,v 1.6 2010/02/18 15:46:10 taca Exp $ +$NetBSD: patch-aa,v 1.6.8.1 2011/03/01 08:28:33 sbd Exp $ ---- Makefile.in.orig 2010-01-15 09:54:05.000000000 +0000 +--- Makefile.in.orig 2011-01-25 11:32:06.000000000 +0000 +++ Makefile.in -@@ -375,12 +375,8 @@ AUTOMAKE_OPTIONS = foreign +@@ -376,12 +376,8 @@ AUTOMAKE_OPTIONS = foreign EXTRA_DIST = INSTALL-SOURCE INSTALL-WIN-SOURCE \ - README COPYING EXCEPTIONS-CLIENT CMakeLists.txt + README COPYING CMakeLists.txt -SUBDIRS = . include @docs_dirs@ @zlib_dir@ @yassl_dir@ \ - @readline_topdir@ sql-common scripts \ diff --git a/databases/mysql5-server/patches/patch-ag b/databases/mysql5-server/patches/patch-ag index 71495e50a9a..54ad0625530 100644 --- a/databases/mysql5-server/patches/patch-ag +++ b/databases/mysql5-server/patches/patch-ag @@ -1,10 +1,10 @@ -$NetBSD: patch-ag,v 1.8 2010/02/18 15:46:10 taca Exp $ +$NetBSD: patch-ag,v 1.8.8.1 2011/03/01 08:28:33 sbd Exp $ ---- man/Makefile.in.orig 2010-01-15 09:53:44.000000000 +0000 +--- man/Makefile.in.orig 2011-01-25 11:31:45.000000000 +0000 +++ man/Makefile.in -@@ -349,7 +349,7 @@ yassl_h_ln_cmd = @yassl_h_ln_cmd@ - yassl_libs = @yassl_libs@ +@@ -350,7 +350,7 @@ yassl_libs = @yassl_libs@ yassl_taocrypt_extra_cxxflags = @yassl_taocrypt_extra_cxxflags@ + yassl_thread_cxxflags = @yassl_thread_cxxflags@ zlib_dir = @zlib_dir@ -man1_MANS = @man1_files@ +man1_MANS = mysqld_multi.1 diff --git a/databases/mysql5-server/patches/patch-ah b/databases/mysql5-server/patches/patch-ah index 0b48b874770..ba199616fed 100644 --- a/databases/mysql5-server/patches/patch-ah +++ b/databases/mysql5-server/patches/patch-ah @@ -1,8 +1,8 @@ -$NetBSD: patch-ah,v 1.7 2010/02/18 15:46:10 taca Exp $ +$NetBSD: patch-ah,v 1.7.8.1 2011/03/01 08:28:33 sbd Exp $ ---- include/Makefile.in.orig 2010-01-15 09:53:42.000000000 +0000 +--- include/Makefile.in.orig 2011-01-25 11:31:43.000000000 +0000 +++ include/Makefile.in -@@ -363,13 +363,7 @@ HEADERS_GEN = mysql_version.h my_config. +@@ -364,13 +364,7 @@ HEADERS_GEN = mysql_version.h my_config. HEADERS_ABI = mysql.h mysql_com.h mysql_time.h \ my_list.h my_alloc.h typelib.h @@ -15,5 +15,5 @@ $NetBSD: patch-ah,v 1.7 2010/02/18 15:46:10 taca Exp $ - m_ctype.h my_attribute.h $(HEADERS_GEN) +pkginclude_HEADERS = - noinst_HEADERS = config-win.h config-os2.h config-netware.h \ + noinst_HEADERS = config-win.h config-netware.h \ heap.h my_bitmap.h\ |