From 3cdcdbba5f942d3213f34d4ce4b196ac48b57b83 Mon Sep 17 00:00:00 2001 From: Anton Bobrov Date: Mon, 10 Jul 2023 14:35:55 +0200 Subject: [PATCH] Resolves: #2217001 #2081414 #2151429 #2169410 #2173009 Fixes: CVE-2022-47015, CVE-2018-25032, CVE-2022-32091, CVE-2022-32084 This 10.3.39 rebase requires patching some SSL/TLS related errors on some unit tests, likely caused by mysqltest client async sessions implementation (underlying ssl error is unknown). The blanket error 2026 condition/s is recoverable in all cases except the reap cases, which cannot be restarted, though the underlying connection/session was still valid and functioning for any subsequent operations. In some of those existing test cases connection/session errors are already expected; it is just that here they seem to manifest themselves as SSL/TLS errors. The disks.disks test is a known issue, see https://jira.mariadb.org/browse/MDEV-21587 --- mariadb-10.3.39-tests.patch | 101 ++++++++++++++++++++++++++++++++++++ mariadb.spec | 11 +++- sources | 2 +- 3 files changed, 111 insertions(+), 3 deletions(-) create mode 100644 mariadb-10.3.39-tests.patch diff --git a/mariadb-10.3.39-tests.patch b/mariadb-10.3.39-tests.patch new file mode 100644 index 0000000..54f5ff9 --- /dev/null +++ b/mariadb-10.3.39-tests.patch 
@@ -0,0 +1,101 @@
+--- mariadb-10.3.39/mysql-test/include/default_mysqld.cnf 2023-05-03 06:32:44.000000000 +0200
++++ ../../mariadb-10.3.39/mysql-test/include/default_mysqld.cnf 2023-07-07 13:58:40.255283041 +0200
+@@ -127,3 +127,8 @@ local-infile
+ # tables. Let's enable it in the [server] group, because this group
+ # is read after [mysqld] and [embedded]
+ loose-aria
++
++[mysqltest]
++loose-ssl-ca=@ENV.MYSQL_TEST_DIR/std_data/cacert.pem
++loose-ssl-cert=@ENV.MYSQL_TEST_DIR/std_data/server-cert.pem
++loose-ssl-key=@ENV.MYSQL_TEST_DIR/std_data/server-key.pem
+
+--- mariadb-10.3.39/mysql-test/include/wait_until_connected_again.inc 2023-05-03 06:32:44.000000000 +0200
++++ ../../mariadb-10.3.39/mysql-test/include/wait_until_connected_again.inc 2023-07-07 13:55:30.424368106 +0200
+@@ -11,7 +11,7 @@ let $counter= 5000;
+ let $mysql_errno= 9999;
+ while ($mysql_errno)
+ {
+- --error 0,ER_SERVER_SHUTDOWN,ER_CONNECTION_KILLED,ER_LOCK_WAIT_TIMEOUT,2002,2006,2013
++ --error 0,ER_SERVER_SHUTDOWN,ER_CONNECTION_KILLED,ER_LOCK_WAIT_TIMEOUT,2002,2006,2013,2026
+ show status;
+
+ dec $counter;
+
+--- mariadb-10.3.39/mysql-test/suite/rpl/t/rpl_err_ignoredtable.test 2023-05-03 06:32:45.000000000 +0200
++++ ../../mariadb-10.3.39/mysql-test/suite/rpl/t/rpl_err_ignoredtable.test 2023-07-07 13:54:31.152082427 +0200
+@@ -53,7 +53,7 @@ insert into t4 values (3),(4);
+ connection master;
+ # The get_lock function causes warning for unsafe statement.
+ --disable_warnings
+---error 0,1317,2013
++--error 0,1317,2013,2026
+ reap;
+ --enable_warnings
+ connection master1;
+
+--- mariadb-10.3.39/mysql-test/suite/innodb/t/innodb_bug51920.test 2023-05-03 06:32:44.000000000 +0200
++++ ../../mariadb-10.3.39/mysql-test/suite/innodb/t/innodb_bug51920.test 2023-07-07 15:11:39.000404508 +0200
+@@ -36,7 +36,7 @@ let $wait_condition =
+ # depending on platform.
+ #
+ connection con1;
+--- error 1317, 2006, 2013, ER_CONNECTION_KILLED
++-- error 1317, 2006, 2013, 2026, ER_CONNECTION_KILLED
+ reap;
+ connection default;
+ DROP TABLE bug51920;
+
+--- mariadb-10.3.39/mysql-test/main/lock_kill.test 2023-05-03 06:32:44.000000000 +0200
++++ ../../mariadb-10.3.39/mysql-test/main/lock_kill.test 2023-07-07 15:13:54.335086789 +0200
+@@ -17,7 +17,7 @@ LOCK TABLE t1 WRITE;
+ eval KILL $conid;
+ --enable_query_log
+ --connection con1
+---error 0,2006,2013,ER_CONNECTION_KILLED
++--error 0,2006,2013,2026,ER_CONNECTION_KILLED
+ reap;
+ --connection default
+ --disconnect con1
+@@ -35,7 +35,7 @@ LOCK TABLE t1 WRITE, t2 WRITE;
+ eval KILL $conid;
+ --enable_query_log
+ --connection con1
+---error 0,2006,2013,ER_CONNECTION_KILLED
++--error 0,2006,2013,2026,ER_CONNECTION_KILLED
+ reap;
+ --connection default
+ --disconnect con1
+
+--- mariadb-10.3.39/mysql-test/main/loadxml.test 2023-05-03 06:32:44.000000000 +0200
++++ ../../mariadb-10.3.39/mysql-test/main/loadxml.test 2023-07-07 15:15:14.862492763 +0200
+@@ -83,7 +83,7 @@ connection default;
+ connection addconroot;
+ # Read response from connection to avoid packets out-of-order when disconnecting
+ # Note, that connection can already be dead due to previously issued kill
+---error 0,2013
++--error 0,2013,2026
+ --reap
+ disconnect addconroot;
+ connection default;
+
+--- mariadb-10.3.39/plugin/disks/mysql-test/disks/disks.test 2023-05-03 06:32:45.000000000 +0200
++++ ../../mariadb-10.3.39/plugin/disks/mysql-test/disks/disks.test 2023-07-10 11:48:28.859497746 +0200
+@@ -1,3 +1,3 @@
+ --replace_regex /varchar\([0-9]+\)/varchar(pathlen)/
+ show create table information_schema.disks;
+-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks;
++select sum(Total) >= sum(Available), sum(Total) >= sum(Used) from information_schema.disks;
+
+--- mariadb-10.3.39/plugin/disks/mysql-test/disks/disks.result 2023-05-03 06:32:45.000000000 +0200
++++ 
../../mariadb-10.3.39/plugin/disks/mysql-test/disks/disks.result 2023-07-10 12:47:10.460233056 +0200 +@@ -7,6 +7,6 @@ DISKS CREATE TEMPORARY TABLE `DISKS` ( + `Used` bigint(32) NOT NULL, + `Available` bigint(32) NOT NULL + ) ENGINE=MEMORY DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci +-select sum(Total) > sum(Available), sum(Total)>sum(Used) from information_schema.disks; +-sum(Total) > sum(Available) sum(Total)>sum(Used) ++select sum(Total) >= sum(Available), sum(Total) >= sum(Used) from information_schema.disks; ++sum(Total) >= sum(Available) sum(Total) >= sum(Used) + 1 1 + diff --git a/mariadb.spec b/mariadb.spec index f6ccf19..ffc561f 100644 --- a/mariadb.spec +++ b/mariadb.spec @@ -142,7 +142,7 @@ %global sameevr %{epoch}:%{version}-%{release} Name: mariadb -Version: 10.3.35 +Version: 10.3.39 Release: 1%{?with_debug:.debug}%{?dist} Epoch: 3 @@ -190,7 +190,8 @@ Patch9: %{pkgnamepatch}-ownsetup.patch Patch10: %{pkgnamepatch}-annocheck.patch # Patch12: Downstream fix for a correct pkgconfig file location Patch12: %{pkgnamepatch}-pcdir.patch - +# Patch13: Fix failing 10.3.39 ssl and disks tests +Patch13: %{pkgnamepatch}-10.3.39-tests.patch BuildRequires: cmake gcc-c++ BuildRequires: multilib-rpm-config @@ -695,6 +696,7 @@ find . -name "*.jar" -type f -exec rm --verbose -f {} \; %patch9 -p1 %patch10 -p1 %patch12 -p1 +%patch13 -p1 # workaround for upstream bug #56342 #rm mysql-test/t/ssl_8k_key-master.opt @@ -1584,6 +1586,11 @@ fi %endif %changelog +* Thu Jun 22 2023 Anton Bobrov - 3:10.3.39-1 +- Rebase to 10.3.39 +- CVEs fixed: + CVE-2022-47015, CVE-2018-25032, CVE-2022-32091, CVE-2022-32084 + * Thu Jun 30 2022 Zuzana Miklankova - 3:10.3.35-1 - Rebase to 10.3.35 diff --git a/sources b/sources index 0e3c864..a6c6d31 100644 --- a/sources +++ b/sources 
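Review bot: The `2026` added to the `--error` list in `wait_until_connected_again.inc` makes every test that sources this include quietly retry on an SSL connection error, so a genuine TLS regression would look like an ordinary reconnect; the same masking applies at the `reap` sites in rpl_err_ignoredtable.test, innodb_bug51920.test, lock_kill.test (both hunks) and loadxml.test. Because the commit message states that the underlying SSL error is unknown, each of these sites should carry a comment such as `# 2026 accepted as a downstream workaround: SSL error after kill, root cause unknown; drop once understood`, so the workaround can be found and removed later. Separately, the new `[mysqltest]` section in default_mysqld.cnf hands the test client `server-cert.pem` and `server-key.pem` as its own certificate and key; if `std_data` has a dedicated client pair that would be the cleaner choice, and either way a comment should say why the client now always has TLS material configured. The `while` loop in the include continues beyond the lines shown in its hunk.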
@@ -1 +1 @@
-SHA512 (mariadb-10.3.35.tar.gz) = 9355de944eccef4e0bc01b19ffc3c0c72cf88befae7385c6f0ee1ea47dbd98d23f6bb46af9c140acc48d9d9613552870684bc0b7ca1f3cff1dc09c1a2c801573
+SHA512 (mariadb-10.3.39.tar.gz) = 77c6ee49b0c1a5a5d1f5b5c86fe3dbca4be2da265048dbac1ad27c36972a64a267efebdc7ccc81952d81c2f3b1e1ed45e2c0db8107a69529d3d9a3066b015563