summaryrefslogtreecommitdiff
path: root/databases/mysql5-client
AgeCommit message (Collapse)AuthorFilesLines
2012-03-09Only include the OpenSSL BL3 if mysql-client was built with the 'ssl' option.fhajny1-2/+8
2011-02-26Update mysql5-{client,server} pacakge to 5.0.92.taca4-17/+17
Functionality added or changed: * The time zone tables available at http://dev.mysql.com/downloads/timezones.html have been updated. These tables can be used on systems such as Windows or HP-UX that do not include zoneinfo files. (Bug#40230) Bugs fixed: * Security Fix: During evaluation of arguments to extreme-value functions (such as LEAST() and GREATEST()), type errors did not propagate properly, causing the server to crash. (Bug#55826, CVE-2010-3833) * Security Fix: The server could crash after materializing a derived table that required a temporary table for grouping. (Bug#55568, CVE-2010-3834) * Security Fix: A user-variable assignment expression that is evaluated in a logical expression context can be precalculated in a temporary table for GROUP BY. However, when the expression value is used after creation of the temporary table, it was re-evaluated, not read from the table and a server crash resulted. (Bug#55564, CVE-2010-3835) * Security Fix: Joins involving a table with a unique SET column could cause a server crash. (Bug#54575, CVE-2010-3677) * Security Fix: Pre-evaluation of LIKE predicates during view preparation could cause a server crash. (Bug#54568, CVE-2010-3836) * Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a server crash. (Bug#54476, CVE-2010-3837) * Security Fix: Queries could cause a server crash if the GREATEST() or LEAST() function had a mixed list of numeric and LONGBLOB arguments, and the result of such a function was processed using an intermediate temporary table. (Bug#54461, CVE-2010-3838) * Security Fix: Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server crash. (Bug#52711, CVE-2010-3682) * InnoDB Storage Engine: Creating or dropping a table with 1023 transactions active caused an assertion failure. (Bug#49238) * The make_binary_distribution target to make could fail on some platforms because the lines generated were too long for the shell. (Bug#54590) * A client could supply data in chunks to a prepared statement parameter other than of type TEXT or BLOB using the mysql_stmt_send_long_data() C API function (or COM_STMT_SEND_LONG_DATA command). This led to a crash because other data types are not valid for long data. (Bug#54041) * Builds of the embedded mysqld would fail due to a missing element of the struct NET. (Bug#53908, Bug#53912) * The definition of the MY_INIT macro in my_sys.h included an extraneous semicolon, which could cause compilation failure. (Bug#53906) * If the remote server for a FEDERATED table could not be accessed, queries for the INFORMATION_SCHEMA.TABLES table failed. (Bug#35333) * mysqld could fail during execution when using SSL. (Bug#34236) * Threads that were calculating the estimated number of records for a range scan did not respond to the KILL statement. That is, if a range join type is possible (even if not selected by the optimizer as a join type of choice and thus not shown by EXPLAIN), the query in the statistics state (shown by the SHOW PROCESSLIST) did not respond to the KILL statement. (Bug#25421)
2010-11-15Drop maintainer, ENOTIME.sketch1-2/+2
2010-09-23Restrict dependency to the intended 5.0 client.joerg1-2/+2
2010-06-02Update mysql5-{client,server} package to 5.0.91.taca3-9/+10
For full changes, refer http://dev.mysql.com/doc/refman/5.0/en/news-5-0-91.html. Here is security related changes. * Security Fix: The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST. In MySQL 5.0 and above, this allowed an authenticated user with SELECT privileges on one table to obtain the field definitions of any table in all other databases and potentially of other MySQL instances accessible from the server's file system. Additionally, for MySQL version 5.1 and above, an authenticated user with DELETE or SELECT privileges on one table could delete or read content from any other table in all databases on this server, and potentially of other MySQL instances accessible from the server's file system. (Bug#53371, CVE-2010-1848) * Security Fix: The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code. (Bug#53237, CVE-2010-1850) * Security Fix: The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. (Bug#50974, CVE-2010-1849)
2010-02-18Update mysql5-client and mysql5-server package to version 5.0.90.taca11-63/+101
This release many bug fixes and DoS security problem (CVE-2009-4484). Plese refer these URL in detail. http://dev.mysql.com/doc/refman/5.0/en/news-5-0-89.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-90.html There some minor pkgsrc change to prevent compile time warnings.
2010-01-17Recursive PKGREVISION bump for jpeg update to 8.wiz1-2/+2
2010-01-16Remove workaround for compiler bug in gcc2 on sparc64.wiz1-3/+1
2009-11-26Update "mysql5-client" and "mysql5-server" package to version 5.0.88.tron7-103/+15
This release fixes a large number of bugs and security vulnerabilities including SA37372. For detailed list of all the changes since 5.0.67 have a look here, please: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-x.html
2009-07-19Set license to gnu-gpl-v2.tron1-1/+2
2009-06-14Remove @dirrm entries from PLISTsjoerg1-6/+1
2009-05-20Recursive ABI depends update and PKGREVISION bump for readline-6.0 shlibwiz1-2/+2
major change. Reported by Robert Elz in PR 41345.
2009-03-20Simply and speed up buildlink3.mk files and processing.joerg1-13/+6
This changes the buildlink3.mk files to use an include guard for the recursive include. The use of BUILDLINK_DEPTH, BUILDLINK_DEPENDS, BUILDLINK_PACKAGES and BUILDLINK_ORDER is handled by a single new variable BUILDLINK_TREE. Each buildlink3.mk file adds a pair of enter/exit marker, which can be used to reconstruct the tree and to determine first level includes. Avoiding := for large variables (BUILDLINK_ORDER) speeds up parse time as += has linear complexity. The include guard reduces system time by avoiding reading files over and over again. For complex packages this reduces both %user and %sys time to half of the former time.
2009-02-11Fix for ssl support on OpenSolarisadrianp1-1/+12
2009-01-28Update from version 5.0.67nb1 to 5.0.67nb2.he1-4/+4
Pkgsrc changes: o Add patch from http://bugs.mysql.com/file.php?id=9232, referenced on http://bugs.mysql.com/bug.php?id=27884, to fix the vulnerability recorded in http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456. o Bump PKGREVISION (The regenerated patch checksums was overlooked initially - sorry!)
2009-01-28Update from version 5.0.67nb1 to 5.0.67nb2.he5-8/+81
Pkgsrc changes: o Add patch from http://bugs.mysql.com/file.php?id=9232, referenced on http://bugs.mysql.com/bug.php?id=27884, to fix the vulnerability recorded in http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4456. o Bump PKGREVISION
2008-09-20I'll take maintainership.sketch1-2/+2
2008-09-18Fix path to Perl interpreter in the installed scripts. Bump packagetron1-1/+8
revision because of this fix.
2008-09-18Update mysql5-client pacakge to 5.0.67.taca10-49/+58
For complete changes, please refer http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-67.html. Here is a part of it. Functionality added or changed: Security Enhancement: To enable stricter control over the location from which user-defined functions can be loaded, the plugin_dir system variable has been backported from MySQL 5.1. If the value is non-empty, user-defined function object files can be loaded only from the directory named by this variable. If the value is empty, the behavior that is used before 5.0.67 applies: The UDF object files must be located in a directory that is searched by your system's dynamic linker. (Bug#37428) Important Change: Incompatible Change: The FEDERATED storage engine is now disabled by default in the .cnf files shipped with MySQL distributions (my-huge.cnf, my-medium.cnf, and so forth). This affects server behavior only if you install one of these files. (Bug#37069) Cluster API: Important Change: Because NDB_LE_MemoryUsage.page_size_kb shows memory page sizes in bytes rather than kilobytes, it has been renamed to page_size_bytes. The name page_size_kb is now deprecated and thus subject to removal in a future release, although it currently remains supported for reasons of backward compatibility. See The Ndb_logevent_type Type, for more information about NDB_LE_MemoryUsage. (Bug#30271) Important Change: Some changes were made to CHECK TABLE ... FOR UPGRADE and REPAIR TABLE with respect to detection and handling of tables with incompatible .frm files (files created with a different version of the MySQL server). These changes also affect mysqlcheck because that program uses CHECK TABLE and REPAIR table, and thus also mysql_upgrade because that program invokes mysqlcheck.
2008-07-02GNU readline was removed from DragonFly base now and it needs the same treatmentobache2-4/+4
as NetBSD - both use libedit emulation of the libreadline now. Patch provided by Hasso Tepper in PR 39059.
2008-06-30Updated mysql to 5.0.51bmartti4-12/+11
* Security fixes * Other bug fixes See also: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51a.html http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51b.html
2008-05-25Explicitly add pax dependency in those Makefiles that use it (or havejoerg1-2/+2
patches to add it). Drop pax from the default USE_TOOLS list. Make bsdtar the default for those places that wanted gtar to extract long links etc, as bsdtar can be built of the tree.
2008-03-06+ Remove explicit naming of "-lncurses -ltermcap" as the way to getjlam2-9/+14
the termcap libraries. Including termcap.buildlink3.mk (indirectly through including readline/buildlink3.mk) will do the right thing. + Remove readline dependency from Makefile.common and add it into mysql5-client/Makefile. Only the -client package needs and uses readline. The -server package only "needs" it to placate the configure script, but none of its installed binaries are linked against it. + Add full DESTDIR support to the -client and -server packages. Bump the PKGREVISION of mysql5-client to 3. The PKGREVISION of mysql5-server remains unchanged since there are no user-visible changes to the binary package.
2008-01-22Added some patches to fix the use of the sigsend() function, which isrillig1-3/+3
not available on NetBSD.
2008-01-18Per the process outlined in revbump(1), perform a recursive revbumptnn2-4/+4
on packages that are affected by the switch from the openssl 0.9.7 branch to the 0.9.8 branch. ok jlam@
2007-12-17Remove directory "share/doc/mysql" during deinstallation. Problem notedtron2-2/+4
by Geert Hendrickx in private e-mail. Bump package revision.
2007-12-14Update "mysql5-client" and "mysql5-server" packages to version 5.0.51.tron3-8/+7
This version fixes a lot of bugs including the security vulnerability reported in CVE-2007-5969. A complete list of the changes can be found here: http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-51.html
2007-12-08AUTO_MKDIRS from Rumko on pkgsrc-users@jnemeth1-2/+2
2007-10-16Fix abusers of LOWER_OPSYS to check OPSYS or MACHINE_PLATFORM instead.tnn1-2/+2
2007-10-14The file manual.chm is installed additionally, since it is much morerillig2-4/+6
comfortable to browse than the GNU info file. PKGREVISION++
2007-10-12The mysql.info file is not rebuilt anymore, so it is safe to install therillig5-10/+9
documentation. PKGREVISION++
2007-07-15Update "mysql5-client" and "mysql5-server" packages to version 5.0.45.tron7-62/+25
Change since version 5.0.41: - Functionality added or changed: - A new status variable, Com_call_procedure, indicates the number of calls to stored procedures. (Bug#27994) - NDB Cluster: The server source tree now includes scripts to simplify building MySQL with SCI support. For more information about SCI interconnects and these build scripts, see Section 15.9.1, Configuring MySQL Cluster to use SCI Sockets. (Bug#25470) - Prior to this release, when DATE values were compared with DATETIME values the time portion of the DATETIME value was ignored. Now a DATE value is coerced to the DATETIME type by adding the time portion as 00:00:00. To mimic the old behavior use the CAST() function in the following way: SELECT date_field = CAST(NOW() as DATE);. (Bug#28929) - A large number of bugs including these security problems have been fixed: - A malformed password packet in the connection protocol could cause the server to crash. Thanks for Dormando for reporting this bug and providing details and a proof of concept. (Bug#28984) - CREATE TABLE LIKE did not require any privileges on the source table. Now it requires the SELECT privilege. (Bug#25578) - In addition, CREATE TABLE LIKE was not isolated from alteration by other connections, which resulted in various errors and incorrect binary log order when trying to execute concurrently a CREATE TABLE LIKE statement and either DDL statements on the source table or DML or DDL statements on the target table. (Bug#23667)
2007-07-09Add an options.mk for SSL supportadrianp2-3/+20
Suggested by pancake@ in PR #28573
2007-07-09Drop maintainership.xtraeme1-2/+2
2007-07-04Make it easier to build and install packages "unprivileged", wherejlam1-1/+4
the owner of all installed files is a non-root user. This change affects most packages that require special users or groups by making them use the specified unprivileged user and group instead. (1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to unprivileged.mk. These two variables are lists of other bmake variables that define package-specific users and groups. Packages that have user-settable variables for users and groups, e.g. apache and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP}, etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER} and ${UNPRIVILEGED_GROUP}. (2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
2007-05-21Update to 5.0.41. Amongst many fixes these vulnerabilities werextraeme9-107/+72
fixed: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2583 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2692 And another patch adapted from a mailing list to fix: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2691 See http://dev.mysql.com/doc/refman/5.0/en/releasenotes-cs-5-0-41.html To see all changes.
2007-03-12Fix build problem under NetBSD (-i386 3.1).tron2-7/+19
2007-03-11Changes 5.0.37:adam24-130/+125
* Added the SHOW PROFILES and SHOW PROFILE statements to display statement profile data, and the accompanying INFORMATION_SCHEMA.PROFILING table. * Added the Uptime_since_flush_status status variable, which indicates the number of seconds since the most recent FLUSH STATUS statement. * Incompatible change in DATE_FORMAT(). * NDB Cluster: The LockPagesInMainMemory configuration parameter has changed its type and possible values. * The bundled yaSSL library was upgraded to version 1.5.8. * The --skip-thread-priority option now is enabled by default for binary Mac OS X distributions. Use of thread priorities degrades performance on Mac OS X. * Added the --disable-grant-options option to configure. * Bug fixes.
2007-02-22pkglint USE_LANGUAGES cleanup. Patch from Sergey Svishchev.wiz1-2/+2
2006-12-10Update to 5.0.27:xtraeme3-8/+8
This is a bugfix release for the current production release family. MySQL 5.0.26 introduced an ABI incompatibility, which this release reverts. Programs compiled against 5.0.26 are not compatible with any other version and must be recompiled.
2006-10-28added patches for IRIX 5schwarz11-1/+190
2006-10-15regen.salo1-2/+2
2006-10-15missing rcsid. (hi xtraeme!)salo1-0/+2
2006-10-14regen with right checksums.xtraeme1-3/+3
2006-10-14Update to the long awaited 5.0.26 release, codenamed "houston we havextraeme8-132/+61
a problem with vulnerabilities". Please see the following URLs for changes: http://dev.mysql.com/doc/refman/5.0/en/news-5-0-26.html http://dev.mysql.com/doc/refman/5.0/en/news-5-0-25.html Two patches were sent upstream, I hope to get them in the next version.
2006-10-08Fixed "test ==".rillig2-1/+15
2006-09-02Bump BUILDLINK_ABI_DEPENDS to 5.0.24a to make sure all dependentxtraeme1-2/+2
packages are linked to this version.
2006-09-02Update mysql5-* to 5.0.24a.xtraeme2-6/+6
This is a bugfix release for the current production release family. It replaces MySQL 5.0.24. Changes from 5.0.24 to 5.0.24a: MySQL 5.0.24 introduced an ABI incompatibility, which this release reverts. Programs compiled against 5.0.24 are not compatible with any other version and must be recompiled. Closing of temporary tables failed if binary logging was not enabled. For statements that have a DEFINER clause such as CREATE TRIGGER or CREATE VIEW, long usernames or hostnames could cause a buffer overflow. Pathname separator and device characters were not correctly parameterized for NetWare, causing mysqld startup errors. mysqld could crash when closing temporary tables.
2006-08-06Update "mysql5-client" and "mysql5-server" packages to version 5.0.24.tron6-24/+61
Changes since version 5.0.22: - Security fix: If a user has access to MyISAM table t, that user can create a MERGE table m that accesses t. However, if the user's privileges on t are subsequently revoked, the user can continue to access t by doing so through m. If this behavior is undesirable, you can start the server with the new --skip-merge option to disable the MERGE storage engine. (Bug#15195) - In the INFORMATION_SCHEMA.ROUTINES table the ROUTINE_DEFINITION column now is defined as NULL rather than NOT NULL. Also, NULL rather than the empty string is returned as the column value if the user does not have sufficient privileges to see the routine definition. (Bug#20230) - Several other bug fixes
2006-07-08Change the format of BUILDLINK_ORDER to contain depth information as well,jlam1-2/+2
and add a new helper target and script, "show-buildlink3", that outputs a listing of the buildlink3.mk files included as well as the depth at which they are included. For example, "make show-buildlink3" in fonts/Xft2 displays: zlib fontconfig iconv zlib freetype2 expat freetype2 Xrender renderproto