rpms/mariadb
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Downstream script mariadb-prepare-db-dir fixed for CVE-2017-3265

Browse Source 
Related: #1458940

Changes based on MySQL changes:
76e9d7e5b3
7a5145e445
This commit is contained in:
Honza Horak 2017-06-06 07:35:28 +02:00
parent 61840ee570
commit b23629497b
2 changed files with 18 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
mariadb.spec
View File

@ -122,7 +122,7 @@
Name: mariadb Name: mariadb
Version: %{compatver}.%{bugfixver} Version: %{compatver}.%{bugfixver}
Release: 2%{?with_debug:.debug}%{?dist} Release: 3%{?with_debug:.debug}%{?dist}
Epoch: 3 Epoch: 3
Summary: A community developed branch of MySQL Summary: A community developed branch of MySQL
@ -1402,6 +1402,10 @@ fi
%endif %endif
%changelog %changelog
* Fri Jun 09 2017 Honza Horak <hhorak@redhat.com> - 3:10.1.24-3
Downstream script mariadb-prepare-db-dir fixed for CVE-2017-3265
Resolves: #1458940
* Wed Jun 07 2017 Michal Schorm <mschorm@redhat.com> - 3:10.1.24-2 * Wed Jun 07 2017 Michal Schorm <mschorm@redhat.com> - 3:10.1.24-2
- Fixed incorrect Jemalloc initialization; #1459671 - Fixed incorrect Jemalloc initialization; #1459671

29
mysql-prepare-db-dir.sh
View File

@ -56,24 +56,23 @@ else
fi fi
# Set up the errlogfile with appropriate permissions # Set up the errlogfile with appropriate permissions
touch "$errlogfile" if [ ! -e "$errlogfile" -a ! -h "$errlogfile" -a x$(dirname "$errlogfile") = "x/var/log" ]; then
ret=$? case $(basename "$errlogfile") in
# Provide some advice if the log file cannot be touched mysql*.log|mariadb*.log) install /dev/null -m0640 -o$myuser -g$mygroup "$errlogfile" ;;
if [ $ret -ne 0 ] ; then *) ;;
errlogdir=$(dirname $errlogfile) esac
else
# Provide some advice if the log file cannot be created by this script
errlogdir=$(dirname "$errlogfile")
if ! [ -d "$errlogdir" ] ; then if ! [ -d "$errlogdir" ] ; then
echo "The directory $errlogdir does not exist." echo "The directory $errlogdir does not exist."
elif [ -f "$errlogfile" ] ; then exit 1
echo "The log file $errlogfile cannot be touched, please, fix its permissions." elif [ -e "$errlogfile" -a ! -w "$errlogfile" ] ; then
else echo "The log file $errlogfile cannot be written, please, fix its permissions."
echo "The log file $errlogfile could not be created." echo "The daemon will be run under $myuser:$mygroup"
exit 1
fi fi
echo "The daemon will be run under $myuser:$mygroup"
exit 1
fi fi
chown "$myuser:$mygroup" "$errlogfile"
chmod 0640 "$errlogfile"
[ -x /sbin/restorecon ] && /sbin/restorecon "$errlogfile"
# Make the data directory if doesn't exist or empty # Make the data directory if doesn't exist or empty
if should_initialize "$datadir" ; then if should_initialize "$datadir" ; then
@ -118,8 +117,6 @@ if should_initialize "$datadir" ; then
fi fi
# upgrade does not need to be run on a fresh datadir # upgrade does not need to be run on a fresh datadir
echo "@VERSION@-MariaDB" >"$datadir/mysql_upgrade_info" echo "@VERSION@-MariaDB" >"$datadir/mysql_upgrade_info"
# In case we're running as root, make sure files are owned properly
chown -R "$myuser:$mygroup" "$datadir"
else else
if [ -d "$datadir/mysql/" ] ; then if [ -d "$datadir/mysql/" ] ; then
# mysql dir exists, it seems data are initialized properly # mysql dir exists, it seems data are initialized properly