Hello community,
here is the log from the commit of package mysql for openSUSE:Factory
checked in at Wed Dec 16 09:15:20 CET 2009.
--------
--- mysql/mysql.changes 2009-10-30 09:35:34.000000000 +0100
+++ /mounts/work_src_done/STABLE/mysql/mysql.changes 2009-12-14 01:11:15.000000000 +0100
@@ -1,0 +2,19 @@
+Tue Dec 1 17:52:18 CET 2009 - mhrusecky@suse.cz
+
+- removing compatibility symlink
+ - intended for 11.2 but never get there
+- fixing various security issues (bnc#557669)
+ - upstream #47320 - checking server certificates (CVE-2009-4028)
+ - upstream #48291 - error handling in subqueries (CVE-2009-4019)
+ - upstream #47780 - preserving null_value flag in GeomFromWKB()
+ (CVE-2009-4019)
+ - upstream #39277 - symlink behaviour fixed (CVE-2008-7247)
+ - upstream #32167 - symlink behaviour refixed (CVE-2009-4030)
+
+-------------------------------------------------------------------
+Wed Nov 11 14:23:43 CET 2009 - mhrusecky@suse.cz
+
+- making pid file readable by everybody
+- fixing 'rcmysql status' for non-root
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
Old:
----
minmem
New:
----
mysql-5.1.36-CVE-2008-7247.patch
mysql-5.1.36-CVE-2009-4030.patch
mysql-5.1.36-gis.patch
mysql-5.1.36-no-ssl-verify-callback.patch
mysql-5.1.36-subqueries-errors.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ mysql.spec ++++++
--- /var/tmp/diff_new_pack.heLdmD/_old 2009-12-16 09:12:29.000000000 +0100
+++ /var/tmp/diff_new_pack.heLdmD/_new 2009-12-16 09:12:29.000000000 +0100
@@ -27,8 +27,8 @@
Name: mysql
Summary: A True Multiuser, Multithreaded SQL Database Server
Version: 5.1.36
-Release: 7
-License: GPL v2 only
+Release: 8
+License: GPLv2
Group: Productivity/Databases/Servers
Url: http://www.mysql.com
# http://dev.mysql.com/get/Downloads/MySQL-5.1/%{name}-%{version}.tar.gz/from/pick
@@ -94,8 +94,22 @@
Patch38: mysql-5.1.36-hotcopy.patch
# PATCH-FIX-UPSTREAM mysql_config.patch [ upstream#39175, bnc#420313 ] mhrusecky@suse.cz -- Fix linking options.
Patch39: mysql_config.patch
+# PATCH-FIX-UPSTREAM mysql-5.1.36-no-ssl-callback.patch [ upstream#47320, bnc#557669 ] mhrusecky@suse.cz -- Check server certificate (CVE-2009-4028)
+Patch40: mysql-5.1.36-no-ssl-verify-callback.patch
+# PATCH-FIX-UPSTREAM mysql-5.1.36-select-subqueries.patch [ upstream#48291, bnc#557669 ] mhrusecky@suse.cz -- Error handling for subqueries (CVE-2009-4019)
+Patch41: mysql-5.1.36-subqueries-errors.patch
+# PATCH-FIX-UPSTREAM mysql-5.1.36-gis.patch [ upstream#47780, bnc#557669 ] mhrusecky@suse.cz -- Preserving null_value flag in GeomFromWKB() (CVE-2009-4019)
+Patch42: mysql-5.1.36-gis.patch
+# PATCH-FIX-UPSTREAM mysql-5.1.36-CVE-2008-7247.patch [ upstream#39277, bnc#557669 ] mhrusecky@suse.cz -- Symlink behaviour fixed CVE-2008-7247
+Patch43: mysql-5.1.36-CVE-2008-7247.patch
+# PATCH-FIX-UPSTREAM mysql-5.1.36-CVE-2009-4030.patch [ upstream#32167, bnc#557669 ] mhrusecky@suse.cz -- Symlink behaviour refixed CVE-2009-4030
+Patch44: mysql-5.1.36-CVE-2009-4030.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
+%if 0%{?suse_version}
PreReq: pwdutils
+%else
+PreReq: /usr/sbin/useradd /usr/sbin/usermod /usr/sbin/groupadd
+%endif
PreReq: coreutils sed grep
%if 0%{?suse_version}
PreReq: %install_info_prereq %insserv_prereq
@@ -154,7 +168,7 @@
Obsoletes: mysql-devel < %version
Requires: libmysqlclient16 = %version libmysqlclient_r16 = %version glibc-devel zlib-devel openssl-devel
Summary: MySQL Development Header Files and Libraries
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Group: Development/Libraries/C and C++
%description -n libmysqlclient-devel
@@ -169,7 +183,7 @@
%package -n libmysqld-devel
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL embedded server development files
# the headers files are the shared
Requires: libmysqlclient-devel = %version
@@ -181,7 +195,7 @@
%package client
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL Client
Group: Productivity/Databases/Clients
@@ -197,7 +211,7 @@
%package bench
#-------------------------------------------------------------------------------
Requires: mysql-client perl-DBD-mysql
-License: LGPL v2.1 only
+License: LGPLv2.1
Summary: MySQL - Benchmarks
Group: Productivity/Databases/Tools
@@ -215,7 +229,7 @@
%package -n libmysqlclient16
#-------------------------------------------------------------------------------
Summary: MySQL Shared Libraries
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Group: Development/Libraries/Other
%description -n libmysqlclient16
@@ -230,7 +244,7 @@
%package -n libmysqlclient_r16
#-------------------------------------------------------------------------------
Summary: MySQL Shared Libraries
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Group: Development/Libraries/Other
%description -n libmysqlclient_r16
@@ -245,7 +259,7 @@
%package debug
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL server with debug options turned on
Group: Productivity/Databases/Servers
Requires: mysql = %{version}
@@ -264,7 +278,7 @@
%package test
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL testsuite
Group: Productivity/Databases/Servers
Requires: mysql = %{version} mysql-client = %{version} perl-DBD-mysql mysql-tools = %{version} mysql-bench = %{version}
@@ -284,7 +298,7 @@
%package tools
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL tools
Group: Productivity/Databases/Servers
Requires: perl-DBD-mysql
@@ -303,7 +317,7 @@
%package ndb-storage
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL - ndbcluster storage engine
Group: Productivity/Databases/Servers
@@ -314,7 +328,7 @@
%package ndb-management
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL - ndbcluster storage engine management
Group: Productivity/Databases/Servers
#-------------------------------------------------------------------------------
@@ -326,7 +340,7 @@
%package ndb-tools
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL - ndbcluster storage engine basic tools
Group: Productivity/Databases/Servers
@@ -335,7 +349,7 @@
%package ndb-extra
#-------------------------------------------------------------------------------
-License: GPL v2 only ; with additional permissions: EXCEPTIONS-CLIENT
+License: GPLv2 ; with additional permissions: EXCEPTIONS-CLIENT
Summary: MySQL - ndbcluster storage engine extra tools
Group: Productivity/Databases/Servers
@@ -372,6 +386,11 @@
%patch37
%patch38
%patch39
+%patch40
+%patch41
+%patch42
+%patch43 -p1
+%patch44
# remove unneeded manpages ('make install' basically installs everything under
# man/*)
rm -f man/mysqlman.1 # dummy fallback manpage
++++++ mysql-5.1.36-CVE-2008-7247.patch ++++++
--- a/sql/sql_table.cc 2008-11-13 13:13:27 +0000
+++ b/sql/sql_table.cc 2008-11-24 19:01:54 +0000
@@ -3607,15 +3607,43 @@ bool mysql_create_table_no_lock(THD *thd
create_info->table_existed= 0; // Mark that table is created
#ifdef HAVE_READLINK
- if (test_if_data_home_dir(create_info->data_file_name))
{
- my_error(ER_WRONG_ARGUMENTS, MYF(0), "DATA DIRECTORY");
- goto unlock_and_end;
- }
- if (test_if_data_home_dir(create_info->index_file_name))
- {
- my_error(ER_WRONG_ARGUMENTS, MYF(0), "INDEX DIRECTORY");
- goto unlock_and_end;
+ size_t dirlen;
+ char dirpath[FN_REFLEN];
+
+ /*
+ data_file_name and index_file_name include the table name without
+ extension. Mostly this does not refer to an existing file. When
+ comparing data_file_name or index_file_name against the data
+ directory, we try to resolve all symbolic links. On some systems,
+ we use realpath(3) for the resolution. This returns ENOENT if the
+ resolved path does not refer to an existing file. my_realpath()
+ does then copy the requested path verbatim, without symlink
+ resolution. Thereafter the comparison can fail even if the
+ requested path is within the data directory. E.g. if symlinks to
+ another file system are used. To make realpath(3) return the
+ resolved path, we strip the table name and compare the directory
+ path only. If the directory doesn't exist either, table creation
+ will fail anyway.
+ */
+ if (create_info->data_file_name)
+ {
+ dirname_part(dirpath, create_info->data_file_name, &dirlen);
+ if (test_if_data_home_dir(dirpath))
+ {
+ my_error(ER_WRONG_ARGUMENTS, MYF(0), "DATA DIRECTORY");
+ goto unlock_and_end;
+ }
+ }
+ if (create_info->index_file_name)
+ {
+ dirname_part(dirpath, create_info->index_file_name, &dirlen);
+ if (test_if_data_home_dir(dirpath))
+ {
+ my_error(ER_WRONG_ARGUMENTS, MYF(0), "INDEX DIRECTORY");
+ goto unlock_and_end;
+ }
+ }
}
#ifdef WITH_PARTITION_STORAGE_ENGINE
++++++ mysql-5.1.36-CVE-2009-4030.patch ++++++
Index: sql/mysqld.cc
===================================================================
--- sql/mysqld.cc.orig
+++ sql/mysqld.cc
@@ -8553,14 +8553,9 @@ static int fix_paths(void)
pos[0]= FN_LIBCHAR;
pos[1]= 0;
}
- convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
- my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
- mysql_unpacked_real_data_home_len= strlen(mysql_unpacked_real_data_home);
- if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
- --mysql_unpacked_real_data_home_len;
-
convert_dirname(language,language,NullS);
+ convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
(void) my_load_path(mysql_home,mysql_home,""); // Resolve current dir
(void) my_load_path(mysql_real_data_home,mysql_real_data_home,mysql_home);
(void) my_load_path(pidfile_name,pidfile_name,mysql_real_data_home);
@@ -8568,6 +8563,12 @@ static int fix_paths(void)
get_relative_path(PLUGINDIR), mysql_home);
opt_plugin_dir_ptr= opt_plugin_dir;
+ my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
+ mysql_unpacked_real_data_home_len=
+ (int) strlen(mysql_unpacked_real_data_home);
+ if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
+ --mysql_unpacked_real_data_home_len;
+
char *sharedir=get_relative_path(SHAREDIR);
if (test_if_hard_path(sharedir))
strmake(buff,sharedir,sizeof(buff)-1); /* purecov: tested */
++++++ mysql-5.1.36-gis.patch ++++++
Index: mysql-test/r/gis.result
===================================================================
--- mysql-test/r/gis.result.orig
+++ mysql-test/r/gis.result
@@ -972,6 +972,18 @@ select min(`col002`) from t1 union selec
min(`col002`)
NULL
drop table t1;
+#
+# Bug #47780: crash when comparing GIS items from subquery
+#
+CREATE TABLE t1(a INT, b MULTIPOLYGON);
+INSERT INTO t1 VALUES
+(0,
+GEOMFROMTEXT(
+'multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
+# must not crash
+SELECT 1 FROM t1 WHERE a <> (SELECT GEOMETRYCOLLECTIONFROMWKB(b) FROM t1);
+1
+DROP TABLE t1;
End of 5.0 tests
create table t1 (f1 tinyint(1), f2 char(1), f3 varchar(1), f4 geometry, f5 datetime);
create view v1 as select * from t1;
Index: mysql-test/t/gis.test
===================================================================
--- mysql-test/t/gis.test.orig
+++ mysql-test/t/gis.test
@@ -655,6 +655,22 @@ insert into t1 values (),(),();
select min(`col002`) from t1 union select `col002` from t1;
drop table t1;
+--echo #
+--echo # Bug #47780: crash when comparing GIS items from subquery
+--echo #
+
+CREATE TABLE t1(a INT, b MULTIPOLYGON);
+INSERT INTO t1 VALUES
+ (0,
+ GEOMFROMTEXT(
+ 'multipolygon(((1 2,3 4,5 6,7 8,9 8),(7 6,5 4,3 2,1 2,3 4)))'));
+
+--echo # must not crash
+SELECT 1 FROM t1 WHERE a <> (SELECT GEOMETRYCOLLECTIONFROMWKB(b) FROM t1);
+
+DROP TABLE t1;
+
+
--echo End of 5.0 tests
Index: sql/item_geofunc.cc
===================================================================
--- sql/item_geofunc.cc.orig
+++ sql/item_geofunc.cc
@@ -84,7 +84,9 @@ String *Item_func_geometry_from_wkb::val
if (args[0]->field_type() == MYSQL_TYPE_GEOMETRY)
{
- return args[0]->val_str(str);
+ String *str_ret= args[0]->val_str(str);
+ null_value= args[0]->null_value;
+ return str_ret;
}
wkb= args[0]->val_str(&arg_val);
@@ -94,7 +96,10 @@ String *Item_func_geometry_from_wkb::val
str->set_charset(&my_charset_bin);
if (str->reserve(SRID_SIZE, 512))
- return 0;
+ {
+ null_value= TRUE; /* purecov: inspected */
+ return 0; /* purecov: inspected */
+ }
str->length(0);
str->q_append(srid);
if ((null_value=
++++++ mysql-5.1.36-no-ssl-verify-callback.patch ++++++
Index: vio/viosslfactories.c
===================================================================
--- vio/viosslfactories.c.orig
+++ vio/viosslfactories.c
@@ -124,56 +124,6 @@ vio_set_cert_stuff(SSL_CTX *ctx, const c
DBUG_RETURN(0);
}
-
-static int
-vio_verify_callback(int ok, X509_STORE_CTX *ctx)
-{
- char buf[256];
- X509 *err_cert;
-
- DBUG_ENTER("vio_verify_callback");
- DBUG_PRINT("enter", ("ok: %d ctx: 0x%lx", ok, (long) ctx));
-
- err_cert= X509_STORE_CTX_get_current_cert(ctx);
- X509_NAME_oneline(X509_get_subject_name(err_cert), buf, sizeof(buf));
- DBUG_PRINT("info", ("cert: %s", buf));
- if (!ok)
- {
- int err, depth;
- err= X509_STORE_CTX_get_error(ctx);
- depth= X509_STORE_CTX_get_error_depth(ctx);
-
- DBUG_PRINT("error",("verify error: %d '%s'",err,
- X509_verify_cert_error_string(err)));
- /*
- Approve cert if depth is greater then "verify_depth", currently
- verify_depth is always 0 and there is no way to increase it.
- */
- if (verify_depth >= depth)
- ok= 1;
- }
- switch (ctx->error)
- {
- case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
- X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert), buf, 256);
- DBUG_PRINT("info",("issuer= %s\n", buf));
- break;
- case X509_V_ERR_CERT_NOT_YET_VALID:
- case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
- DBUG_PRINT("error", ("notBefore"));
- /*ASN1_TIME_print_fp(stderr,X509_get_notBefore(ctx->current_cert));*/
- break;
- case X509_V_ERR_CERT_HAS_EXPIRED:
- case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
- DBUG_PRINT("error", ("notAfter error"));
- /*ASN1_TIME_print_fp(stderr,X509_get_notAfter(ctx->current_cert));*/
- break;
- }
- DBUG_PRINT("exit", ("%d", ok));
- DBUG_RETURN(ok);
-}
-
-
#ifdef __NETWARE__
/* NetWare SSL cleanup */
@@ -334,7 +284,7 @@ new_VioSSLConnectorFd(const char *key_fi
The verify_callback function is used to control the behaviour
when the SSL_VERIFY_PEER flag is set.
*/
- SSL_CTX_set_verify(ssl_fd->ssl_context, verify, vio_verify_callback);
+ SSL_CTX_set_verify(ssl_fd->ssl_context, verify, NULL);
return ssl_fd;
}
@@ -362,7 +312,7 @@ new_VioSSLAcceptorFd(const char *key_fil
The verify_callback function is used to control the behaviour
when the SSL_VERIFY_PEER flag is set.
*/
- SSL_CTX_set_verify(ssl_fd->ssl_context, verify, vio_verify_callback);
+ SSL_CTX_set_verify(ssl_fd->ssl_context, verify, NULL);
/*
Set session_id - an identifier for this server session
++++++ mysql-5.1.36-subqueries-errors.patch ++++++
Index: mysql-test/r/select.result
===================================================================
--- mysql-test/r/select.result.orig
+++ mysql-test/r/select.result
@@ -4386,6 +4386,18 @@ id select_type table type possible_keys
Warnings:
Note 1003 select `test`.`t1`.`a` AS `a`,`test`.`t1`.`b` AS `b` from `test`.`t1` where ((`test`.`t1`.`a` = `test`.`t1`.`b`) and (`test`.`t1`.`a` > 1)) limit 2
DROP TABLE t1;
+#
+# Bug #48291 : crash with row() operator,select into @var, and
+# subquery returning multiple rows
+#
+CREATE TABLE t1(a INT);
+INSERT INTO t1 VALUES (2),(3);
+# Should not crash
+SELECT 1 FROM t1 WHERE a <> 1 AND NOT
+ROW(a,a) <=> ROW((SELECT 1 FROM t1 WHERE 1=2),(SELECT 1 FROM t1))
+INTO @var0;
+ERROR 21000: Subquery returns more than 1 row
+DROP TABLE t1;
End of 5.0 tests
create table t1(a INT, KEY (a));
INSERT INTO t1 VALUES (1),(2),(3),(4),(5);
Index: mysql-test/t/select.test
===================================================================
--- mysql-test/t/select.test.orig
+++ mysql-test/t/select.test
@@ -3739,6 +3739,22 @@ EXPLAIN EXTENDED SELECT a, b FROM t1 WHE
EXPLAIN EXTENDED SELECT a, b FROM t1 WHERE a > 1 AND b = a LIMIT 2;
DROP TABLE t1;
+
+--echo #
+--echo # Bug #48291 : crash with row() operator,select into @var, and
+--echo # subquery returning multiple rows
+--echo #
+
+CREATE TABLE t1(a INT);
+INSERT INTO t1 VALUES (2),(3);
+
+--echo # Should not crash
+--error ER_SUBQUERY_NO_1_ROW
+SELECT 1 FROM t1 WHERE a <> 1 AND NOT
+ROW(a,a) <=> ROW((SELECT 1 FROM t1 WHERE 1=2),(SELECT 1 FROM t1))
+INTO @var0;
+
+DROP TABLE t1;
--echo End of 5.0 tests
Index: sql/sql_class.cc
===================================================================
--- sql/sql_class.cc.orig
+++ sql/sql_class.cc
@@ -2607,9 +2607,11 @@ bool select_dumpvar::send_data(List