Update to mysql version 5.0.51a
This commit is contained in:
parent
1986462cd1
commit
20564e52c0
@ -1 +1 @@
|
||||
mysql-5.0.45.tar.gz
|
||||
mysql-5.0.51a.tar.gz
|
||||
|
@ -1,75 +0,0 @@
|
||||
Back-port upstream fix for CVE-2007-5969.
|
||||
|
||||
diff -Naur mysql-5.0.45.orig/mysql-test/r/symlink.result mysql-5.0.45/mysql-test/r/symlink.result
|
||||
--- mysql-5.0.45.orig/mysql-test/r/symlink.result 2007-07-04 09:49:09.000000000 -0400
|
||||
+++ mysql-5.0.45/mysql-test/r/symlink.result 2007-12-13 12:28:59.000000000 -0500
|
||||
@@ -99,6 +99,12 @@
|
||||
`b` int(11) default NULL
|
||||
) ENGINE=MyISAM DEFAULT CHARSET=latin1
|
||||
drop table t1;
|
||||
+CREATE TABLE t1(a INT)
|
||||
+DATA DIRECTORY='TEST_DIR/master-data/mysql'
|
||||
+INDEX DIRECTORY='TEST_DIR/master-data/mysql';
|
||||
+RENAME TABLE t1 TO user;
|
||||
+ERROR HY000: Can't create/write to file 'TEST_DIR/master-data/mysql/user.MYI' (Errcode: 17)
|
||||
+DROP TABLE t1;
|
||||
show create table t1;
|
||||
Table Create Table
|
||||
t1 CREATE TABLE `t1` (
|
||||
diff -Naur mysql-5.0.45.orig/mysql-test/t/symlink.test mysql-5.0.45/mysql-test/t/symlink.test
|
||||
--- mysql-5.0.45.orig/mysql-test/t/symlink.test 2007-07-04 09:49:09.000000000 -0400
|
||||
+++ mysql-5.0.45/mysql-test/t/symlink.test 2007-12-13 12:28:59.000000000 -0500
|
||||
@@ -125,6 +125,18 @@
|
||||
drop table t1;
|
||||
|
||||
#
|
||||
+# BUG#32111 <http://bugs.mysql.com/32111> - Security Breach via DATA/INDEX DIRECORY and RENAME TABLE
|
||||
+#
|
||||
+--replace_result $MYSQLTEST_VARDIR TEST_DIR
|
||||
+eval CREATE TABLE t1(a INT)
|
||||
+DATA DIRECTORY='$MYSQLTEST_VARDIR/master-data/mysql'
|
||||
+INDEX DIRECTORY='$MYSQLTEST_VARDIR/master-data/mysql';
|
||||
+--replace_result $MYSQLTEST_VARDIR TEST_DIR
|
||||
+--error 1
|
||||
+RENAME TABLE t1 TO user;
|
||||
+DROP TABLE t1;
|
||||
+
|
||||
+#
|
||||
# Test specifying DATA DIRECTORY that is the same as what would normally
|
||||
# have been chosen. (Bug #8707)
|
||||
#
|
||||
diff -Naur mysql-5.0.45.orig/mysys/my_symlink2.c mysql-5.0.45/mysys/my_symlink2.c
|
||||
--- mysql-5.0.45.orig/mysys/my_symlink2.c 2007-07-04 09:06:25.000000000 -0400
|
||||
+++ mysql-5.0.45/mysys/my_symlink2.c 2007-12-13 12:28:59.000000000 -0500
|
||||
@@ -124,6 +124,7 @@
|
||||
int was_symlink= (!my_disable_symlinks &&
|
||||
!my_readlink(link_name, from, MYF(0)));
|
||||
int result=0;
|
||||
+ int name_is_different;
|
||||
DBUG_ENTER("my_rename_with_symlink");
|
||||
|
||||
if (!was_symlink)
|
||||
@@ -132,6 +133,14 @@
|
||||
/* Change filename that symlink pointed to */
|
||||
strmov(tmp_name, to);
|
||||
fn_same(tmp_name,link_name,1); /* Copy dir */
|
||||
+ name_is_different= strcmp(link_name, tmp_name);
|
||||
+ if (name_is_different && !access(tmp_name, F_OK))
|
||||
+ {
|
||||
+ my_errno= EEXIST;
|
||||
+ if (MyFlags & MY_WME)
|
||||
+ my_error(EE_CANTCREATEFILE, MYF(0), tmp_name, EEXIST);
|
||||
+ DBUG_RETURN(1);
|
||||
+ }
|
||||
|
||||
/* Create new symlink */
|
||||
if (my_symlink(tmp_name, to, MyFlags))
|
||||
@@ -143,7 +152,7 @@
|
||||
the same basename and different directories.
|
||||
*/
|
||||
|
||||
- if (strcmp(link_name, tmp_name) && my_rename(link_name, tmp_name, MyFlags))
|
||||
+ if (name_is_different && my_rename(link_name, tmp_name, MyFlags))
|
||||
{
|
||||
int save_errno=my_errno;
|
||||
my_delete(to, MyFlags); /* Remove created symlink */
|
75
mysql-ssl.patch
Normal file
75
mysql-ssl.patch
Normal file
@ -0,0 +1,75 @@
|
||||
Repair 5.0.50 SSL breakage, per upstream bug
|
||||
http://bugs.mysql.com/bug.php?id=33050
|
||||
|
||||
|
||||
diff -Naur mysql-5.0.54a.orig/vio/viossl.c mysql-5.0.54a/vio/viossl.c
|
||||
--- mysql-5.0.54a.orig/vio/viossl.c 2008-01-11 09:08:38.000000000 -0500
|
||||
+++ mysql-5.0.54a/vio/viossl.c 2008-02-12 15:30:42.000000000 -0500
|
||||
@@ -172,20 +172,15 @@
|
||||
vio_delete(vio);
|
||||
}
|
||||
|
||||
-int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
|
||||
-{
|
||||
- DBUG_ENTER("sslaccept");
|
||||
- DBUG_RETURN(sslconnect(ptr, vio, timeout));
|
||||
-}
|
||||
-
|
||||
|
||||
-int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
|
||||
+static int ssl_do(struct st_VioSSLFd *ptr, Vio *vio, long timeout,
|
||||
+ int (*connect_accept_func)(SSL*))
|
||||
{
|
||||
SSL *ssl;
|
||||
my_bool unused;
|
||||
my_bool was_blocking;
|
||||
|
||||
- DBUG_ENTER("sslconnect");
|
||||
+ DBUG_ENTER("ssl_do");
|
||||
DBUG_PRINT("enter", ("ptr: 0x%lx, sd: %d ctx: 0x%lx",
|
||||
(long) ptr, vio->sd, (long) ptr->ssl_context));
|
||||
|
||||
@@ -204,13 +199,9 @@
|
||||
SSL_SESSION_set_timeout(SSL_get_session(ssl), timeout);
|
||||
SSL_set_fd(ssl, vio->sd);
|
||||
|
||||
- /*
|
||||
- SSL_do_handshake will select between SSL_connect
|
||||
- or SSL_accept depending on server or client side
|
||||
- */
|
||||
- if (SSL_do_handshake(ssl) < 1)
|
||||
+ if (connect_accept_func(ssl) < 1)
|
||||
{
|
||||
- DBUG_PRINT("error", ("SSL_do_handshake failure"));
|
||||
+ DBUG_PRINT("error", ("SSL_connect/accept failure"));
|
||||
report_errors(ssl);
|
||||
SSL_free(ssl);
|
||||
vio_blocking(vio, was_blocking, &unused);
|
||||
@@ -259,6 +250,20 @@
|
||||
}
|
||||
|
||||
|
||||
+int sslaccept(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
|
||||
+{
|
||||
+ DBUG_ENTER("sslaccept");
|
||||
+ DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_accept));
|
||||
+}
|
||||
+
|
||||
+
|
||||
+int sslconnect(struct st_VioSSLFd *ptr, Vio *vio, long timeout)
|
||||
+{
|
||||
+ DBUG_ENTER("sslconnect");
|
||||
+ DBUG_RETURN(ssl_do(ptr, vio, timeout, SSL_connect));
|
||||
+}
|
||||
+
|
||||
+
|
||||
int vio_ssl_blocking(Vio *vio __attribute__((unused)),
|
||||
my_bool set_blocking_mode,
|
||||
my_bool *old_mode)
|
||||
@@ -269,4 +274,6 @@
|
||||
return (set_blocking_mode ? 0 : 1);
|
||||
}
|
||||
|
||||
+
|
||||
+
|
||||
#endif /* HAVE_OPENSSL */
|
@ -1,160 +0,0 @@
|
||||
Back-port upstream fix for CVE-2007-6303.
|
||||
|
||||
diff -Naur mysql-5.0.45.orig/mysql-test/r/view_grant.result mysql-5.0.45/mysql-test/r/view_grant.result
|
||||
--- mysql-5.0.45.orig/mysql-test/r/view_grant.result 2007-07-04 09:49:09.000000000 -0400
|
||||
+++ mysql-5.0.45/mysql-test/r/view_grant.result 2007-12-13 14:20:02.000000000 -0500
|
||||
@@ -776,15 +776,60 @@
|
||||
GRANT DROP, CREATE VIEW ON db26813.v3 TO u26813@localhost;
|
||||
GRANT SELECT ON db26813.t1 TO u26813@localhost;
|
||||
ALTER VIEW v1 AS SELECT f2 FROM t1;
|
||||
-ERROR 42000: CREATE VIEW command denied to user 'u26813'@'localhost' for table 'v1'
|
||||
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
|
||||
ALTER VIEW v2 AS SELECT f2 FROM t1;
|
||||
-ERROR 42000: DROP command denied to user 'u26813'@'localhost' for table 'v2'
|
||||
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
|
||||
ALTER VIEW v3 AS SELECT f2 FROM t1;
|
||||
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
|
||||
SHOW CREATE VIEW v3;
|
||||
View Create View
|
||||
-v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f2` AS `f2` from `t1`
|
||||
+v3 CREATE ALGORITHM=UNDEFINED DEFINER=`root`@`localhost` SQL SECURITY DEFINER VIEW `v3` AS select `t1`.`f1` AS `f1` from `t1`
|
||||
DROP USER u26813@localhost;
|
||||
DROP DATABASE db26813;
|
||||
+#
|
||||
+# Bug#29908: A user can gain additional access through the ALTER VIEW.
|
||||
+#
|
||||
+CREATE DATABASE mysqltest_29908;
|
||||
+USE mysqltest_29908;
|
||||
+CREATE TABLE t1(f1 INT, f2 INT);
|
||||
+CREATE USER u29908_1@localhost;
|
||||
+CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
|
||||
+CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
|
||||
+SELECT f1 FROM t1;
|
||||
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
|
||||
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
|
||||
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
|
||||
+CREATE USER u29908_2@localhost;
|
||||
+GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
|
||||
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
|
||||
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
|
||||
+ALTER VIEW v1 AS SELECT f2 FROM t1;
|
||||
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
|
||||
+ALTER VIEW v2 AS SELECT f2 FROM t1;
|
||||
+ERROR 42000: Access denied; you need the SUPER privilege for this operation
|
||||
+SHOW CREATE VIEW v2;
|
||||
+View Create View
|
||||
+v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
|
||||
+ALTER VIEW v1 AS SELECT f2 FROM t1;
|
||||
+SHOW CREATE VIEW v1;
|
||||
+View Create View
|
||||
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f2` AS `f2` from `t1`
|
||||
+ALTER VIEW v2 AS SELECT f2 FROM t1;
|
||||
+SHOW CREATE VIEW v2;
|
||||
+View Create View
|
||||
+v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f2` AS `f2` from `t1`
|
||||
+ALTER VIEW v1 AS SELECT f1 FROM t1;
|
||||
+SHOW CREATE VIEW v1;
|
||||
+View Create View
|
||||
+v1 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY DEFINER VIEW `v1` AS select `t1`.`f1` AS `f1` from `t1`
|
||||
+ALTER VIEW v2 AS SELECT f1 FROM t1;
|
||||
+SHOW CREATE VIEW v2;
|
||||
+View Create View
|
||||
+v2 CREATE ALGORITHM=UNDEFINED DEFINER=`u29908_1`@`localhost` SQL SECURITY INVOKER VIEW `v2` AS select `t1`.`f1` AS `f1` from `t1`
|
||||
+DROP USER u29908_1@localhost;
|
||||
+DROP USER u29908_2@localhost;
|
||||
+DROP DATABASE mysqltest_29908;
|
||||
+#######################################################################
|
||||
DROP DATABASE IF EXISTS mysqltest1;
|
||||
DROP DATABASE IF EXISTS mysqltest2;
|
||||
CREATE DATABASE mysqltest1;
|
||||
diff -Naur mysql-5.0.45.orig/mysql-test/t/view_grant.test mysql-5.0.45/mysql-test/t/view_grant.test
|
||||
--- mysql-5.0.45.orig/mysql-test/t/view_grant.test 2007-07-04 09:49:09.000000000 -0400
|
||||
+++ mysql-5.0.45/mysql-test/t/view_grant.test 2007-12-13 14:19:43.000000000 -0500
|
||||
@@ -1034,10 +1034,11 @@
|
||||
|
||||
connect (u1,localhost,u26813,,db26813);
|
||||
connection u1;
|
||||
---error 1142
|
||||
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
||||
ALTER VIEW v1 AS SELECT f2 FROM t1;
|
||||
---error 1142
|
||||
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
||||
ALTER VIEW v2 AS SELECT f2 FROM t1;
|
||||
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
||||
ALTER VIEW v3 AS SELECT f2 FROM t1;
|
||||
|
||||
connection root;
|
||||
@@ -1047,6 +1048,51 @@
|
||||
DROP DATABASE db26813;
|
||||
disconnect u1;
|
||||
|
||||
+--echo #
|
||||
+--echo # Bug#29908: A user can gain additional access through the ALTER VIEW.
|
||||
+--echo #
|
||||
+connection root;
|
||||
+CREATE DATABASE mysqltest_29908;
|
||||
+USE mysqltest_29908;
|
||||
+CREATE TABLE t1(f1 INT, f2 INT);
|
||||
+CREATE USER u29908_1@localhost;
|
||||
+CREATE DEFINER = u29908_1@localhost VIEW v1 AS SELECT f1 FROM t1;
|
||||
+CREATE DEFINER = u29908_1@localhost SQL SECURITY INVOKER VIEW v2 AS
|
||||
+ SELECT f1 FROM t1;
|
||||
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v1 TO u29908_1@localhost;
|
||||
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_1@localhost;
|
||||
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_1@localhost;
|
||||
+CREATE USER u29908_2@localhost;
|
||||
+GRANT DROP, CREATE VIEW ON mysqltest_29908.v1 TO u29908_2@localhost;
|
||||
+GRANT DROP, CREATE VIEW, SHOW VIEW ON mysqltest_29908.v2 TO u29908_2@localhost;
|
||||
+GRANT SELECT ON mysqltest_29908.t1 TO u29908_2@localhost;
|
||||
+
|
||||
+connect (u2,localhost,u29908_2,,mysqltest_29908);
|
||||
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
||||
+ALTER VIEW v1 AS SELECT f2 FROM t1;
|
||||
+--error ER_SPECIFIC_ACCESS_DENIED_ERROR
|
||||
+ALTER VIEW v2 AS SELECT f2 FROM t1;
|
||||
+SHOW CREATE VIEW v2;
|
||||
+
|
||||
+connect (u1,localhost,u29908_1,,mysqltest_29908);
|
||||
+ALTER VIEW v1 AS SELECT f2 FROM t1;
|
||||
+SHOW CREATE VIEW v1;
|
||||
+ALTER VIEW v2 AS SELECT f2 FROM t1;
|
||||
+SHOW CREATE VIEW v2;
|
||||
+
|
||||
+connection root;
|
||||
+ALTER VIEW v1 AS SELECT f1 FROM t1;
|
||||
+SHOW CREATE VIEW v1;
|
||||
+ALTER VIEW v2 AS SELECT f1 FROM t1;
|
||||
+SHOW CREATE VIEW v2;
|
||||
+
|
||||
+DROP USER u29908_1@localhost;
|
||||
+DROP USER u29908_2@localhost;
|
||||
+DROP DATABASE mysqltest_29908;
|
||||
+disconnect u1;
|
||||
+disconnect u2;
|
||||
+--echo #######################################################################
|
||||
+
|
||||
#
|
||||
# BUG#24040: Create View don't succed with "all privileges" on a database.
|
||||
#
|
||||
diff -Naur mysql-5.0.45.orig/sql/sql_view.cc mysql-5.0.45/sql/sql_view.cc
|
||||
--- mysql-5.0.45.orig/sql/sql_view.cc 2007-07-04 09:06:03.000000000 -0400
|
||||
+++ mysql-5.0.45/sql/sql_view.cc 2007-12-13 13:30:29.000000000 -0500
|
||||
@@ -224,9 +224,6 @@
|
||||
{
|
||||
LEX *lex= thd->lex;
|
||||
bool link_to_local;
|
||||
-#ifndef NO_EMBEDDED_ACCESS_CHECKS
|
||||
- bool definer_check_is_needed= mode != VIEW_ALTER || lex->definer;
|
||||
-#endif
|
||||
/* first table in list is target VIEW name => cut off it */
|
||||
TABLE_LIST *view= lex->unlink_first_table(&link_to_local);
|
||||
TABLE_LIST *tables= lex->query_tables;
|
||||
@@ -281,7 +278,7 @@
|
||||
- same as current user
|
||||
- current user has SUPER_ACL
|
||||
*/
|
||||
- if (definer_check_is_needed &&
|
||||
+ if (lex->definer &&
|
||||
(strcmp(lex->definer->user.str, thd->security_ctx->priv_user) != 0 ||
|
||||
my_strcasecmp(system_charset_info,
|
||||
lex->definer->host.str,
|
12
mysql.spec
12
mysql.spec
@ -1,6 +1,6 @@
|
||||
Name: mysql
|
||||
Version: 5.0.45
|
||||
Release: 11%{?dist}
|
||||
Version: 5.0.51a
|
||||
Release: 1%{?dist}
|
||||
Summary: MySQL client programs and shared libraries
|
||||
Group: Applications/Databases
|
||||
URL: http://www.mysql.com
|
||||
@ -29,8 +29,7 @@ Patch8: mysql-install-test.patch
|
||||
Patch9: mysql-bdb-link.patch
|
||||
Patch10: mysql-bdb-open.patch
|
||||
Patch11: mysql-innodb-crash.patch
|
||||
Patch12: mysql-rename-bug.patch
|
||||
Patch13: mysql-view-bug.patch
|
||||
Patch12: mysql-ssl.patch
|
||||
Patch14: mysql-ss-test.patch
|
||||
Patch15: mysql-stack-guard.patch
|
||||
|
||||
@ -140,7 +139,6 @@ the MySQL sources.
|
||||
%patch10 -p1
|
||||
%patch11 -p1
|
||||
%patch12 -p1
|
||||
%patch13 -p1
|
||||
%patch14 -p1
|
||||
%patch15 -p1
|
||||
|
||||
@ -254,6 +252,7 @@ rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/make_sharedlib_distribution
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/mi_test_all*
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/ndb-config-2-node.ini
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/mysql.server
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/mysqld_multi.server
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/MySQL-shared-compat.spec
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/*.plist
|
||||
rm -f ${RPM_BUILD_ROOT}%{_datadir}/mysql/preinstall
|
||||
@ -484,6 +483,9 @@ fi
|
||||
%{_mandir}/man1/mysql_client_test.1*
|
||||
|
||||
%changelog
|
||||
* Mon Mar 3 2008 Tom Lane <tgl@redhat.com> 5.0.51a-1
|
||||
- Update to mysql version 5.0.51a
|
||||
|
||||
* Mon Mar 3 2008 Tom Lane <tgl@redhat.com> 5.0.45-11
|
||||
- Fix mysql-stack-guard patch to work correctly on IA64
|
||||
- Fix mysql.init to wait correctly when socket is not in default place
|
||||
|
Loading…
Reference in New Issue
Block a user