parent
f2e31ad95f
commit
b2325d2583
17
community-mysql-rhbz1059545.patch
Normal file
17
community-mysql-rhbz1059545.patch
Normal file
@ -0,0 +1,17 @@
|
||||
Unsifficient limit check aims to security issue.
|
||||
|
||||
MariaDB upstream fix: http://bazaar.launchpad.net/~maria-captains/maria/5.5/revision/2502.565.64
|
||||
RHBZ#1059545
|
||||
|
||||
diff -up mysql-5.6.15/client/mysql.cc.bz1059545 mysql-5.6.15/client/mysql.cc
|
||||
--- mysql-5.6.15/client/mysql.cc.bz1059545 2014-01-30 18:09:47.209588217 +0100
|
||||
+++ mysql-5.6.15/client/mysql.cc 2014-01-30 18:09:59.016581192 +0100
|
||||
@@ -1315,7 +1315,7 @@ int main(int argc,char *argv[])
|
||||
|
||||
put_info("Welcome to the MySQL monitor. Commands end with ; or \\g.",
|
||||
INFO_INFO);
|
||||
- sprintf((char*) glob_buffer.ptr(),
|
||||
+ my_snprintf((char*) glob_buffer.ptr(), glob_buffer.alloced_length(),
|
||||
"Your MySQL connection id is %lu\nServer version: %s\n",
|
||||
mysql_thread_id(&mysql), server_version_string(&mysql));
|
||||
put_info((char*) glob_buffer.ptr(),INFO_INFO);
|
@ -14,7 +14,7 @@
|
||||
|
||||
Name: community-mysql
|
||||
Version: 5.6.15
|
||||
Release: 3%{?dist}
|
||||
Release: 4%{?dist}
|
||||
Summary: MySQL client programs and shared libraries
|
||||
Group: Applications/Databases
|
||||
URL: http://www.mysql.com
|
||||
@ -61,6 +61,7 @@ Patch31: community-mysql-innodbwarn.patch
|
||||
Patch32: community-mysql-covscan-signexpr.patch
|
||||
Patch33: community-mysql-covscan-stroverflow.patch
|
||||
Patch34: community-mysql-pluginerrmsg.patch
|
||||
Patch35: community-mysql-rhbz1059545.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: dos2unix
|
||||
@ -258,6 +259,7 @@ the MySQL sources.
|
||||
%patch32 -p1
|
||||
%patch33 -p1
|
||||
%patch34 -p1
|
||||
%patch35 -p1
|
||||
|
||||
# Workaround for upstream bug #http://bugs.mysql.com/56342
|
||||
rm -f mysql-test/t/ssl_8k_key-master.opt
|
||||
@ -748,6 +750,10 @@ fi
|
||||
%{_mandir}/man1/mysql_client_test.1*
|
||||
|
||||
%changelog
|
||||
* Thu Jan 30 2014 Honza Horak <hhorak@redhat.com> 5.6.15-4
|
||||
Fix for CVE-2014-0001
|
||||
Resolves: #1059545
|
||||
|
||||
* Fri Jan 24 2014 Honza Horak <hhorak@redhat.com> 5.6.15-3
|
||||
- Disable tests for ppc(64) and s390(x):
|
||||
innodb.innodb_ctype_ldml main.ctype_ldml main.ps_ddl main.ps_ddl1
|
||||
|
Loading…
Reference in New Issue
Block a user