| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Most notably this version includes fixes for:
http://secunia.com/advisories/21259/
http://secunia.com/advisories/21506/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469
* Packages changes:
the script mysqldumpslow had been moved from the mysql4-client to the
mysql4-server.
* Changes since last packaged version (4.1.20)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for more details):
This is a bugfix release for the recent production release family.
Functionality added or changed:
- For spatial data types, the server formerly returned these as
VARSTRING values with a binary collation. Now the server returns
spatial values as BLOB values. (Bug#10166)
- Added the --set-charset option to mysqlbinlog to allow the
character set to be specified for processing binary log files.
(Bug#18351)
- For a table with an AUTO_INCREMENT column, SHOW CREATE TABLE now
shows the next AUTO_INCREMENT value to be generated. (Bug#19025)
- A warning now is issued if the client attempts to set the
SQL_LOG_OFF variable without the SUPER privilege. (Bug#16180)
- The mysqldumpslow script has been moved from client RPM packages
to server RPM packages. This corrects a problem where mysqldumpslow
could not be used with a client-only RPM install, because it depends
on my_print_defaults which is in the server RPM. (Bug#20216)
Bugs fixed:
- Security fix: On Linux, and possibly other platforms using
case-sensitive filesystems, it was possible for a user granted
rights on a database to create or access a database whose name
differed only from that of the first by the case of one or more
letters. (Bug#17647)
- Security fix: If a user has access to MyISAM table t, that user
can create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently revoked, the user can continue to
access t by doing so through m. If this behavior is undesirable,
you can start the server with the new --skip-merge option to disable
the MERGE storage engine. (Bug#15195)
- Security fix: Invalid arguments to DATE_FORMAT() caused a server
crash. (CVE-2006-3469, Bug#20729) Thanks to Jean-David Maillefer
for discovering and reporting this problem to the Debian project
and to Christian Hammers from the Debian Team for notifying us of
it.
...
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for
the complete
bug fix list)
|
|
and add a new helper target and script, "show-buildlink3", that outputs
a listing of the buildlink3.mk files included as well as the depth at
which they are included.
For example, "make show-buildlink3" in fonts/Xft2 displays:
zlib
fontconfig
iconv
zlib
freetype2
expat
freetype2
Xrender
renderproto
|
|
of the order in which buildlink3.mk files are (recursively) included
by a package Makefile.
|
|
Most notably this version includes fixes for
http://secunia.com/advisories/20365/
and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903
The fix for the latter was provided in PR pkg/33616 by Cedric
Devillers, cedric dot devillers at script dottt univ-paris7 dot fr,
and is not part of the upstream version 4.1.20.
* Changes since last packaged version (4.1.19)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-20.html for me details):
This is a security fix release for the previous production release
family. This release includes the security fix described later in
this section and a few other changes to resolve build problems,
relative to the last official MySQL release (4.1.19).
Bugs fixed:
- Security fix: An SQL-injection security hole has been found in
multi-byte encoding processing. The bug was in the server, incorrectly
parsing the string escaped with the mysql_real_escape_string() C
API function. (CVE-2006-2753, Bug#8378)
This vulnerability was discovered and reported by Josh Berkus
<josh@postgresql.org> and Tom Lane <tgl@sss.pgh.pa.us> as part of
the inter-project security collaboration of the OSDB consortium.
- The patch for Bug#8303 broke the fix for Bug#8378 and was undone.
(In string literals with an escape character (\) followed by a
multi-byte character that has a second byte of (\), the literal
was not interpreted correctly. The next byte now is escaped, not
the entire multi-byte character. This means it a strict reverse of
the mysql_real_escape_string() function.)
- The client libraries had not been compiled for position-indpendent
code on Solaris-SPARC and AMD x86_64 platforms. (Bug#13159, Bug#14202,
Bug#18091)
- Running myisampack followed by myisamchk with the --unpack option
would corrupt the auto_increment key. (Bug#12633)
|
|
Lots of changes since last packaged version (4.1.15), please see:
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-19.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-18.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-17.html
http://dev.mysql.com/doc/refman/4.1/en/news-4-1-16.html
Most notably this version includes a fix for
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517
While here install more man pages and merge mysql4-client/patches/patch-ad
into mysql4-client/patches/patch-af.
|
|
need them, for example RESTRICTED and SUBST_MESSAGE.*.
|
|
that they look nicer.
|
|
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
|
|
* List the info files directly in the PLIST.
|
|
only with GNU as(1).
XXX this condition should probably be reversed to the positive case,
XXX not the negative case so that it works on more platforms.
|
|
|
|
it in the mysql packages.
|
|
CONFIGURE_ARGS.
|
|
example MAKE_ENV+=FOO=${BAR} is changed to MAKE_ENV+=FOO=${BAR:Q}. Some
other changes are outlined in
http://mail-index.netbsd.org/tech-pkg/2005/12/02/0034.html
|
|
the symbol naming is wrong, so no --enable-assembler will get it built.)
|
|
Please see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-15.html
for more information about bugfixes/changes.
|
|
|
|
|
|
Lots of changes, please see
http://dev.mysql.com/doc/mysql/en/news-4-1-14.html
for more information.
|
|
PR#30678 and PR#30364.
|
|
Lots of changes, see http://dev.mysql.com/doc/mysql/en/news-4-1-13.html
for a detailed description.
|
|
around at either build-time or at run-time is:
USE_TOOLS+= perl # build-time
USE_TOOLS+= perl:run # run-time
Also remove some places where perl5/buildlink3.mk was being included
by a package Makefile, but all that the package wanted was the Perl
executable.
|
|
include dir is automatically available in ${CPPFLAGS}, following
the example of postgres74-lib.
|
|
Lots of changes and bugs fixed, see
http://dev.mysql.com/doc/mysql/en/news-4-1-12.html
for more information.
|
|
USE_GNU_TOOLS -> USE_TOOLS
awk -> gawk
m4 -> gm4
make -> gmake
sed -> gsed
yacc -> bison
|
|
portable shell constructs.
|
|
which can take multiple values -- "pax" or "gtar". The default value
of EXTRACT_USING is "pax", which more closely matches reality since
before, we were using bootstrap "tar" for ${GTAR} and it was actually
pax-as-tar. Also, stop pretending pax-as-tar from the bootstrap kit
or on NetBSD is GNU tar. Lastly, in bsd.pkg.extract.mk, note whether
we need "pax" or "gtar" depending on what we need to extract the
distfiles.
|
|
|
|
Lots of bugfixes and new functionality was added, more info:
http://dev.mysql.com/doc/mysql/en/news-4-1-11.html
|
|
- Fix potential security vulnerabilities in the creation of temporary
table file names and the handling of User Defined Functions (UDFs).
More info: http://www.k-otik.com/english/advisories/2005/0252
Increased BUILDLINK_RECOMMENDED to 4.1.10a.
|
|
o Explain how to start mysqld correctly, PKG_RCD_SCRIPTS {dis,en}abled;
closes PR pkg/29579.
|
|
|
|
|
|
A lot of bugfixes and functionality was added... please see:
http://dev.mysql.com/doc/mysql/en/news-4-1-10.html
|
|
vulnerability in the mysqlaccess script.
Bump PKGREVISION and BUILDLINK_RECOMMENDED.
|
|
Functionality added or changed:
* The Mac OS X 10.3 installation disk images now include a MySQL
Preference Pane for the Mac OS X Control Panel that enables the user
to start and stop the MySQL server via the GUI and activate and
deactivate the automatic MySQL server startup on bootup.
* Seconds_Behind_Master will be NULL (which means ``unknown'')
if the slave SQL thread is not running, or if the slave I/O thread
is not running or not connected to master. It will be zero if the
SQL thread has caught up with the I/O thread. It no longer grows
indefinitely if the master is idle.
* InnoDB: Do not acquire an internal InnoDB table lock in LOCK
TABLES if AUTOCOMMIT=1. This helps in porting old MyISAM applications
to InnoDB. InnoDB table locks in that case caused deadlocks very easily.
* InnoDB: Print a more descriptive error and refuse to start InnoDB
if the size of `ibdata' files is smaller than what is stored in the
tablespace header; innodb_force_recovery overrides this.
* The MySQL server aborts immediately instead of simply issuing a
warning if it is started with the --log-bin option but cannot
initialize the binary log at startup (that is, an error occurs when
writing to the binary log file or binary log index file).
* The binary log file and binary log index file now behave like
MyISAM when there is a "disk full" or "quota exceeded" error. See
section A.4.3 How MySQL Handles a Full Disk.
Many bugfixes were fixed... see
http://dev.mysql.com/doc/mysql/en/News-4.1.9.html
|
|
by mysql-client. This should fix problem reported by Stoned Elipot.
|
|
Please check http://dev.mysql.com/doc/mysql/en/News-4.1.8.html to
see the list of changes, new features added and a bunch of bugs were
fixed.
|
|
to the perl executable.
|
|
|
|
mysql*-client! explain which are the required packages to run the script.
|
|
script.
Bump PKGREVISION to each package respectively.
|
|
that use pthreads already implement their own probes for pthreads, so
we don't need to auto-add the compiler/linker flags.
|
|
* Use PTHREAD_AUTO_VARS=no to disable linking to libpthread all programs
and libraries, which is wrong.
* Set USE_LIBTOOL and GNU_CONFIGURE before including bsd.prefs.mk, so
the test for _OPSYS_MAX_CMDLEN is not skipped.
Bump PKGREVISION to each package respectively
(mysql-client and mysql4-client), closes PR pkg/28162 and PR pkg/28222.
|
|
not Apache modules) use Posix Threads.
|
|
|
|
minutes ago, but using subst.mk.
|
|
packages that depend on mysql-client, using buildlink3, and using
GNU PTH, the pthread library never gets pulled in by buildlink. This
caused the p5-DBD-mysql build to fail, which in turn caused the mytop
build to fail. The fix is to include mk/pthread.buildlink3.mk in
mysql4-client/buildlink3.mk.
This addresses PR#28162.
|
|
|
|
mysql_drop_db(), mysql_create_db() and mysql_connect(), required
to build some applications using the MySQL 3.23.x API.
|
