pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/databases/mysql4-client Apply patch from MySQL BitKeep...
details: https://anonhg.NetBSD.org/pkgsrc/rev/e56191264fbf
branches: trunk
changeset: 487796:e56191264fbf
user: xtraeme <xtraeme%pkgsrc.org@localhost>
date: Thu Jan 20 13:37:48 2005 +0000
description:
Apply patch from MySQL BitKeeper repository to fix the symlink
vulnerability in the mysqlaccess script.
Bump PKGREVISION and BUILDLINK_RECOMMENDED.
diffstat:
databases/mysql4-client/Makefile | 4 +-
databases/mysql4-client/Makefile.common | 3 +-
databases/mysql4-client/buildlink3.mk | 3 +-
databases/mysql4-client/distinfo | 3 +-
databases/mysql4-client/patches/patch-az | 95 ++++++++++++++++++++++++++++++++
5 files changed, 102 insertions(+), 6 deletions(-)
diffs (160 lines):
diff -r 76346ec0b88c -r e56191264fbf databases/mysql4-client/Makefile
--- a/databases/mysql4-client/Makefile Thu Jan 20 12:59:11 2005 +0000
+++ b/databases/mysql4-client/Makefile Thu Jan 20 13:37:48 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.19 2005/01/10 15:47:18 xtraeme Exp $
+# $NetBSD: Makefile,v 1.20 2005/01/20 13:37:48 xtraeme Exp $
PKGNAME= ${DISTNAME:S/-/-client-/}
-#PKGREVISION= 1
+PKGREVISION= 1
SVR4_PKGNAME= mysqc
COMMENT= MySQL 4, a free SQL database (client)
diff -r 76346ec0b88c -r e56191264fbf databases/mysql4-client/Makefile.common
--- a/databases/mysql4-client/Makefile.common Thu Jan 20 12:59:11 2005 +0000
+++ b/databases/mysql4-client/Makefile.common Thu Jan 20 13:37:48 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile.common,v 1.29 2005/01/17 14:42:35 xtraeme Exp $
+# $NetBSD: Makefile.common,v 1.30 2005/01/20 13:37:48 xtraeme Exp $
DISTNAME= mysql-4.1.9
CATEGORIES= databases
@@ -51,7 +51,6 @@
CONFIGURE_ARGS+= --with-low-memory
CONFIGURE_ARGS+= --with-openssl=${BUILDLINK_PREFIX.openssl}
CONFIGURE_ARGS+= --with-vio
-CONFIGURE_ARGS+= --without-mysqlfs
CONFIGURE_ARGS+= --with-charset=${MYSQL_CHARSET}
CONFIGURE_ARGS+= --with-extra-charsets=${MYSQL_EXTRA_CHARSET}
diff -r 76346ec0b88c -r e56191264fbf databases/mysql4-client/buildlink3.mk
--- a/databases/mysql4-client/buildlink3.mk Thu Jan 20 12:59:11 2005 +0000
+++ b/databases/mysql4-client/buildlink3.mk Thu Jan 20 13:37:48 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.8 2004/11/16 21:48:38 tron Exp $
+# $NetBSD: buildlink3.mk,v 1.9 2005/01/20 13:37:48 xtraeme Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
MYSQL_CLIENT_BUILDLINK3_MK:= ${MYSQL_CLIENT_BUILDLINK3_MK}+
@@ -12,6 +12,7 @@
.if !empty(MYSQL_CLIENT_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.mysql-client+= mysql-client>=4.1.7
+BUILDLINK_RECOMMENDED.mysql-client+= mysql-client>=4.1.9nb1
BUILDLINK_PKGSRCDIR.mysql-client?= ../../databases/mysql4-client
BUILDLINK_LIBDIRS.mysql-client?= lib/mysql
.endif # MYSQL_CLIENT_BUILDLINK3_MK
diff -r 76346ec0b88c -r e56191264fbf databases/mysql4-client/distinfo
--- a/databases/mysql4-client/distinfo Thu Jan 20 12:59:11 2005 +0000
+++ b/databases/mysql4-client/distinfo Thu Jan 20 13:37:48 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2005/01/17 14:42:35 xtraeme Exp $
+$NetBSD: distinfo,v 1.14 2005/01/20 13:37:48 xtraeme Exp $
SHA1 (mysql-4.1.9.tar.gz) = e526f301704f8fca7c7e9f42d368ffa1fef2a152
Size (mysql-4.1.9.tar.gz) = 22308321 bytes
@@ -8,3 +8,4 @@
SHA1 (patch-aw) = cd03eb6c81a932186370e9ed248d0c7886b7286d
SHA1 (patch-ax) = 9e9176468d6d335617862a4d77a358931d7c8c49
SHA1 (patch-ay) = 9b1dfa213491d8daf82ff8d5ee293d1279c64ce8
+SHA1 (patch-az) = b4e2059514e479e27675d68af973386ad9ee5f6d
diff -r 76346ec0b88c -r e56191264fbf databases/mysql4-client/patches/patch-az
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/mysql4-client/patches/patch-az Thu Jan 20 13:37:48 2005 +0000
@@ -0,0 +1,95 @@
+$NetBSD: patch-az,v 1.1 2005/01/20 13:37:48 xtraeme Exp $
+
+mysqlaccess symlink vulnerability
+
+--- scripts/mysqlaccess.sh.orig 2005-01-16 14:28:38 -08:00
++++ scripts/mysqlaccess.sh 2005-01-16 14:28:38 -08:00
+@@ -2,7 +2,7 @@
+ # ****************************
+ package MySQLaccess;
+ #use strict;
+-use POSIX qw(tmpnam);
++use File::Temp qw(tempfile tmpnam);
+ use Fcntl;
+
+ BEGIN {
+@@ -32,7 +32,6 @@
+ $ACCESS_U_BCK = 'user_backup';
+ $ACCESS_D_BCK = 'db_backup';
+ $DIFF = '/usr/bin/diff';
+- $TMP_PATH = '/tmp'; #path to writable tmp-directory
+ $MYSQLDUMP = '@bindir@/mysqldump';
+ #path to mysqldump executable
+
+@@ -432,7 +431,7 @@
+ # no caching on STDOUT
+ $|=1;
+
+- $MYSQL_CNF = POSIX::tmpnam();
++ $MYSQL_CNF = tmpnam();
+ %MYSQL_CNF = (client => { },
+ mysql => { },
+ mysqldump => { },
+@@ -577,8 +576,6 @@
+ push(@MySQLaccess::Grant::Error,'not_found_mysql') if !(-x $MYSQL);
+ push(@MySQLaccess::Grant::Error,'not_found_diff') if !(-x $DIFF);
+ push(@MySQLaccess::Grant::Error,'not_found_mysqldump') if !(-x $MYSQLDUMP);
+-push(@MySQLaccess::Grant::Error,'not_found_tmp') if !(-d $TMP_PATH);
+-push(@MySQLaccess::Grant::Error,'write_err_tmp') if !(-w $TMP_PATH);
+ if (@MySQLaccess::Grant::Error) {
+ MySQLaccess::Report::Print_Error_Messages() ;
+ exit 0;
+@@ -1777,17 +1774,15 @@
+ @before = sort(@before);
+ @after = sort(@after);
+
+- $before = "$MySQLaccess::TMP_PATH/$MySQLaccess::script.before.$$";
+- $after = "$MySQLaccess::TMP_PATH/$MySQLaccess::script.after.$$";
+- #$after = "/tmp/t0";
+- open(BEFORE,"> $before") ||
+- push(@MySQLaccess::Report::Errors,"Can't open temporary file $before for writing");
+- open(AFTER,"> $after") ||
+- push(@MySQLaccess::Report::Errors,"Can't open temporary file $after for writing");
+- print BEFORE join("\n",@before);
+- print AFTER join("\n",@after);
+- close(BEFORE);
+- close(AFTER);
++ ($hb, $before) = tempfile("$MySQLaccess::script.XXXXXX") or
++ push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!");
++ ($ha, $after) = tempfile("$MySQLaccess::script.XXXXXX") or
++ push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!");
++
++ print $hb join("\n",@before);
++ print $ha join("\n",@after);
++ close $hb;
++ close $ha;
+
+ # ----------------------------------
+ # compute difference
+@@ -1800,8 +1795,8 @@
+
+ # ----------------------------------
+ # cleanup temp. files
+- unlink(BEFORE);
+- unlink(AFTER);
++ unlink($before);
++ unlink($after);
+
+ return \@diffs;
+ }
+@@ -2316,14 +2311,6 @@
+ => "The diff program <$MySQLaccess::DIFF> could not be found.\n"
+ ."+ Check your path, or\n"
+ ."+ edit the source of this script to point \$DIFF to the diff program.\n"
+- ,'not_found_tmp'
+- => "The temporary directory <$MySQLaccess::TMP_PATH> could not be found.\n"
+- ."+ create this directory (writeable!), or\n"
+- ."+ edit the source of this script to point \$TMP_PATH to the right directory.\n"
+- ,'write_err_tmp'
+- => "The temporary directory <$MySQLaccess::TMP_PATH> is not writable.\n"
+- ."+ make this directory writeable!, or\n"
+- ."+ edit the source of this script to point \$TMP_PATH to another directory.\n"
+ ,'Unrecognized_option'
+ => "Sorry,\n"
+ ."You are using an old version of the mysql-program,\n"
+
Home |
Main Index |
Thread Index |
Old Index