projects / feed / packages.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9aeb5cf)
mariadb: security bump to 10.4.12
authorSebastian Kemper <sebastian_ml@gmx.net>
Thu, 30 Jan 2020 20:24:47 +0000 (21:24 +0100)
committerSebastian Kemper <sebastian_ml@gmx.net>
Thu, 30 Jan 2020 20:25:06 +0000 (21:25 +0100)
Fixes CVE-2020-2574.

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
utils/mariadb/Makefile patch | blob | history
utils/mariadb/patches/130-c11_atomics.patch patch | blob | history
utils/mariadb/patches/180-relax-mysql_install-db-wrt-pam-tool.patch patch | blob | history

diff --git a/utils/mariadb/Makefile b/utils/mariadb/Makefile
index eaef830ab21b55eb70bf8dfe2476862fef4f3db4..09a4f3870da195bfbe821fd390feeb926718a9c9 100644 (file)
--- a/utils/mariadb/Makefile
+++ b/utils/mariadb/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=mariadb
-PKG_VERSION:=10.4.10
+PKG_VERSION:=10.4.12
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
@@ -18,7 +18,7 @@ PKG_SOURCE_URL := \
        https://ftp.yz.yamagata-u.ac.jp/pub/dbms/mariadb/$(PKG_NAME)-$(PKG_VERSION)/source \
        https://downloads.mariadb.org/interstitial/$(PKG_NAME)-$(PKG_VERSION)/source
 
-PKG_HASH:=cd50fddf86c2a47405737e342f78ebd40d5716f0fb32b976245de713bed01421
+PKG_HASH:=fef1e1d38aa253dd8a51006bd15aad184912fce31c446bb69434fcde735aa208
 PKG_MAINTAINER:=Sebastian Kemper <sebastian_ml@gmx.net>
 PKG_LICENSE:=GPL-2.0
 PKG_LICENSE_FILES:=COPYING THIRDPARTY
diff --git a/utils/mariadb/patches/130-c11_atomics.patch b/utils/mariadb/patches/130-c11_atomics.patch
index 7c8f1e7cf9be8ddfb30b4b489e6406a562f0f11a..4c486af61951a610516c3f775a6059fc781e19f4 100644 (file)
--- a/utils/mariadb/patches/130-c11_atomics.patch
+++ b/utils/mariadb/patches/130-c11_atomics.patch
@@ -38,7 +38,7 @@ Date:   Fri Dec 21 19:14:04 2018 +0200
    SET(HAVE_valgrind 1)
 --- a/mysys/CMakeLists.txt
 +++ b/mysys/CMakeLists.txt
-@@ -72,6 +72,10 @@ TARGET_LINK_LIBRARIES(mysys dbug strings
+@@ -79,6 +79,10 @@ TARGET_LINK_LIBRARIES(mysys dbug strings
   ${LIBNSL} ${LIBM} ${LIBRT} ${LIBDL} ${LIBSOCKET} ${LIBEXECINFO} ${CRC32_LIBRARY})
  DTRACE_INSTRUMENT(mysys)
  
diff --git a/utils/mariadb/patches/180-relax-mysql_install-db-wrt-pam-tool.patch b/utils/mariadb/patches/180-relax-mysql_install-db-wrt-pam-tool.patch
index 37b331efa13379866196215c35a67eb4cf4c94a1..497630711e59a72b30857abe0bde5eb649540c11 100644 (file)
--- a/utils/mariadb/patches/180-relax-mysql_install-db-wrt-pam-tool.patch
+++ b/utils/mariadb/patches/180-relax-mysql_install-db-wrt-pam-tool.patch
@@ -24,8 +24,8 @@
 +# we can revisit.
 +if test -n ""
  then
-   chown $user "$pamtooldir/auth_pam_tool_dir" && \
-   chmod 0700 "$pamtooldir/auth_pam_tool_dir"
+   if test -z "$srcdir" -a "$in_rpm" -eq 0
+   then
 @@ -499,6 +509,10 @@ then
          echo
      fi
Mirror of packages feed