pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/databases/mysql5-server Add a patch for CVE-2009-2446 ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/178bd10fb30c
branches: trunk
changeset: 562031:178bd10fb30c
user: tron <tron%pkgsrc.org@localhost>
date: Sun Jul 19 13:50:20 2009 +0000
description:
Add a patch for CVE-2009-2446 based on the description in the report.
diffstat:
databases/mysql5-server/Makefile | 4 ++--
databases/mysql5-server/distinfo | 3 ++-
databases/mysql5-server/patches/patch-ac | 24 ++++++++++++++++++++++++
3 files changed, 28 insertions(+), 3 deletions(-)
diffs (57 lines):
diff -r 888a8c14a628 -r 178bd10fb30c databases/mysql5-server/Makefile
--- a/databases/mysql5-server/Makefile Sun Jul 19 13:17:56 2009 +0000
+++ b/databases/mysql5-server/Makefile Sun Jul 19 13:50:20 2009 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.27 2009/05/20 00:58:11 wiz Exp $
+# $NetBSD: Makefile,v 1.28 2009/07/19 13:50:20 tron Exp $
PKGNAME= ${DISTNAME:S/-/-server-/}
-PKGREVISION= 2
+PKGREVISION= 3
SVR4_PKGNAME= mysqs
COMMENT= MySQL 5, a free SQL database (server)
diff -r 888a8c14a628 -r 178bd10fb30c databases/mysql5-server/distinfo
--- a/databases/mysql5-server/distinfo Sun Jul 19 13:17:56 2009 +0000
+++ b/databases/mysql5-server/distinfo Sun Jul 19 13:50:20 2009 +0000
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.21 2008/09/18 11:51:37 taca Exp $
+$NetBSD: distinfo,v 1.22 2009/07/19 13:50:20 tron Exp $
SHA1 (mysql-5.0.67.tar.gz) = 168090a4698a3a5efa2f2c9380a4352d4433d377
RMD160 (mysql-5.0.67.tar.gz) = 05d38a5f8d91cb4dac1ee446af96b28163bd3722
Size (mysql-5.0.67.tar.gz) = 28370810 bytes
SHA1 (patch-aa) = 913ffbbd5ce8496f412d30515fb5ecef23854023
SHA1 (patch-ab) = 7d3ff56e929f93b4843d62014a3f5f37cc1e84bc
+SHA1 (patch-ac) = e35a56fd1cae5c471d51b52b2949406be891580c
SHA1 (patch-ad) = b3246e3b2a666dffb72830c3ca30050a1e1263ca
SHA1 (patch-ae) = dc67ad03f9ea370b17a45f73e974013e0ac48d71
SHA1 (patch-af) = 256de04aefd067ac7bdf8a6d1d817723efa6c6ec
diff -r 888a8c14a628 -r 178bd10fb30c databases/mysql5-server/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/mysql5-server/patches/patch-ac Sun Jul 19 13:50:20 2009 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-ac,v 1.8 2009/07/19 13:50:20 tron Exp $
+
+Patch for CVE-2009-2446.
+
+--- libmysqld/sql_parse.cc.orig 2008-08-04 13:20:10.000000000 +0100
++++ libmysqld/sql_parse.cc 2009-07-19 14:07:08.000000000 +0100
+@@ -2028,7 +2028,7 @@
+ }
+ if (check_access(thd,CREATE_ACL,db,0,1,0,is_schema_db(db)))
+ break;
+- mysql_log.write(thd,command,packet);
++ mysql_log.write(thd,command,"%s",packet);
+ bzero(&create_info, sizeof(create_info));
+ mysql_create_db(thd, (lower_case_table_names == 2 ? alias : db),
+ &create_info, 0);
+@@ -2053,7 +2053,7 @@
+ ER(ER_LOCK_OR_ACTIVE_TRANSACTION), MYF(0));
+ break;
+ }
+- mysql_log.write(thd,command,db);
++ mysql_log.write(thd,command,"%s",db);
+ mysql_rm_db(thd, db, 0, 0);
+ break;
+ }
Home |
Main Index |
Thread Index |
Old Index