Commit 3b3d1e39 authored by J0WI's avatar J0WI Committed by Leonardo Arena

main/mariadb: security upgrade to 10.3.13

CVE-2019-2510, CVE-2019-2537
parent bad64dae
From ac84787559f95f717cecb444bab6c4c5f7293f3e Mon Sep 17 00:00:00 2001
From: Natanael Copa <ncopa@alpinelinux.org>
Date: Wed, 16 Jan 2019 14:28:37 +0000
Subject: [PATCH] MDEV-18269 - fix off-by-one bug in unittest
Fix the off-by-one overflow which was introduced with commit
b0fd06a6f2721 (MDEV-15670 - unit.my_atomic failed in buildbot with
Signal 11 thrown)
---
unittest/mysys/thr_template.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/unittest/mysys/thr_template.c b/unittest/mysys/thr_template.c
index 3a57ed091e9..3606a253ae4 100644
--- a/unittest/mysys/thr_template.c
+++ b/unittest/mysys/thr_template.c
@@ -34,7 +34,7 @@ void test_concurrently(const char *test, pthread_handler handler, int n, int m)
bad= 0;
diag("Testing %s with %d threads, %d iterations... ", test, n, m);
- for (i= n; i; i--)
+ for (i= 0; i < n; i++)
{
if (pthread_create(&threads[i], 0, handler, &m) != 0)
{
@@ -43,7 +43,7 @@ void test_concurrently(const char *test, pthread_handler handler, int n, int m)
}
}
- for (i= n; i; i--)
+ for (i= 0; i < n; i++)
pthread_join(threads[i], 0);
now= my_interval_timer() - now;
--
2.20.1
......@@ -5,10 +5,10 @@
# Contributor: TBK <alpine@jjtc.eu>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mariadb
pkgver=10.3.12
pkgrel=2
pkgver=10.3.13
pkgrel=0
pkgdesc="A fast SQL database server"
url="http://www.mariadb.org"
url="https://www.mariadb.org"
pkgusers="mysql"
pkggroups="mysql"
arch="all"
......@@ -40,16 +40,17 @@ fi
source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz
$pkgname.initd
fix-c11-atomics-check.patch
fix-mysql-install-db-path.patch
ppc-remove-glibc-dep.patch
pcre.cmake.patch
0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch
"
# dbug test fails under rootbld
#options="!check"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
# 10.3.13-r0:
# - CVE-2019-2510
# - CVE-2019-2537
# 10.3.11-r0:
# - CVE-2018-3282
# - CVE-2016-9843
......@@ -419,10 +420,8 @@ _plugin_rocksdb() {
"$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so
}
sha512sums="9dd2939684c4591db306be6afb34663626dfaae133f88dd31125c759dce16b9e9d767a9254e30d9ee5fa2ea027e223dd4799effba8a8b0e4638d5de9e2512003 mariadb-10.3.12.tar.gz
sha512sums="3cbd93291aa43b235e5b81d953ea69fb32df54fb518f922f69b5485952f01fae693c77b0efac37f414ed7ff132d3b58f899812bdb7be8a5b344c3640e2c3a0dd mariadb-10.3.13.tar.gz
06751768cb00d2e433655635c38d267ef25084a5830ff40e719ac579223c7192dc34b43f919ab6faf480094632327511cbd22456064dde2d04dc15648b9e3b9f mariadb.initd
b4469f2f0299e71c09b65c91373f2d72b7fe9a9cd58ad24737a78a8097473b29c32b7267e173a2dfe1158f2f7d40a7fb02fb1b35caeda44d16ae3b9e2602a75f fix-c11-atomics-check.patch
0c08198b907dad18c5a7ab89f37ff53da7cb102b0848fb58912900bd92468a0d4f853bc5c0116f655c500d5ed20dcbf20d3884dcd0040634e23c911dfeaf7001 fix-mysql-install-db-path.patch
e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd ppc-remove-glibc-dep.patch
70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63 pcre.cmake.patch
f203fe7d4ab2c54dba1219b7fe7fcc7d128256424441f45441b65f117da2fb3e217fb69561bb3891c4b8a3cbd6d7b98ee614242533b441f198e211dcf6c5b1d9 0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch"
70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63 pcre.cmake.patch"
diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
index 464c00d..d75874e 100644
--- a/scripts/CMakeLists.txt
+++ b/scripts/CMakeLists.txt
@@ -166,29 +166,13 @@ SET(HOSTNAME "hostname")
SET(MYSQLD_USER "mysql")
ENDIF(UNIX)
-# Really ugly, one script, "mysql_install_db", needs prefix set to ".",
-# i.e. makes access relative the current directory. This matches
-# the documentation, so better not change this.
-
-IF(INSTALL_LAYOUT MATCHES "STANDALONE")
- SET(prefix ".")
- SET(bindir ${prefix}/${INSTALL_BINDIR})
- SET(sbindir ${prefix}/${INSTALL_SBINDIR})
- SET(scriptdir ${prefix}/${INSTALL_BINDIR})
- SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
- SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
- SET(pkgplugindir ${prefix}/${INSTALL_PLUGINDIR})
- SET(localstatedir ${prefix}/data)
-ELSE()
- SET(prefix "${CMAKE_INSTALL_PREFIX}")
- SET(bindir ${INSTALL_BINDIRABS})
- SET(sbindir ${INSTALL_SBINDIRABS})
- SET(scriptdir ${INSTALL_BINDIRABS})
- SET(libexecdir ${INSTALL_SBINDIRABS})
- SET(pkgdatadir ${INSTALL_MYSQLSHAREDIRABS})
- SET(pkgplugindir ${INSTALL_PLUGINDIRABS})
- SET(localstatedir ${MYSQL_DATADIR})
-ENDIF()
+SET(prefix "${CMAKE_INSTALL_PREFIX}")
+SET(bindir ${prefix}/${INSTALL_BINDIR})
+SET(sbindir ${prefix}/${INSTALL_SBINDIR})
+SET(scriptdir ${prefix}/${INSTALL_BINDIR})
+SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
+SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
+SET(localstatedir ${MYSQL_DATADIR})
SET(resolveip_locations "$basedir/${INSTALL_BINDIR} $basedir/bin")
SET(mysqld_locations "$basedir/${INSTALL_SBINDIR} $basedir/libexec $basedir/sbin $basedir/bin")
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment