summaryrefslogtreecommitdiff
path: root/databases/mysql57-client/patches/patch-cmake_build__configurations_mysql__release.cmake
blob: 12500626bf360b28297bad3425a49609a181f45c (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
$NetBSD: patch-cmake_build__configurations_mysql__release.cmake,v 1.1 2019/01/20 18:22:10 maya Exp $

Backport of https://github.com/mysql/mysql-server/commit/98ed3d8bc8ad724686d26c7bf98dced3bd1777be
Avoid disclosure of files from a client to a malicious server, described here:
https://gwillem.gitlab.io/2019/01/17/adminer-4.6.2-file-disclosure-vulnerability/

--- cmake/build_configurations/mysql_release.cmake.orig	2018-10-04 05:48:22.000000000 +0000
+++ cmake/build_configurations/mysql_release.cmake
@@ -19,7 +19,7 @@ INCLUDE(CheckIncludeFiles)
 INCLUDE(CheckLibraryExists)
 
 OPTION(DEBUG_EXTNAME "" ON)
-OPTION(ENABLED_LOCAL_INFILE "" ON)
+OPTION(ENABLED_LOCAL_INFILE "" OFF)
 
 IF(NOT COMPILATION_COMMENT)
   SET(COMPILATION_COMMENT "MySQL Community Server (GPL)")