main/mariadb: security upgrade to 10.3.13

CVE-2019-2510, CVE-2019-2537
author: J0WI <J0WI@users.noreply.github.com> 2019-02-23 14:15:32 +0100
committer: Leonardo Arena <rnalrd@alpinelinux.org> 2019-02-26 13:00:08 +0000
commit: 267ee53412691dbdd967dfd1497b45a3f711ccd1 (patch)
tree: 7c4cb93ffe8031c1abbd17450d0149463a914823
parent: 515346ba5122de9073f216f2cef10dbcc5c917a6 (diff)
download: alpine_aports-267ee53412691dbdd967dfd1497b45a3f711ccd1.tar.bz2
alpine_aports-267ee53412691dbdd967dfd1497b45a3f711ccd1.tar.xz
alpine_aports-267ee53412691dbdd967dfd1497b45a3f711ccd1.zip
3 files changed, 8 insertions, 87 deletions
diff --git a/main/mariadb/0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch b/main/mariadb/0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch
deleted file mode 100644
index d45bfa6f93..0000000000
--- a/main/mariadb/0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From ac84787559f95f717cecb444bab6c4c5f7293f3e Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Wed, 16 Jan 2019 14:28:37 +0000
-Subject: [PATCH] MDEV-18269 - fix off-by-one bug in unittest
-Fix the off-by-one overflow which was introduced with commit
-b0fd06a6f2721 (MDEV-15670 - unit.my_atomic failed in buildbot with
-Signal 11 thrown)
---
- unittest/mysys/thr_template.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/unittest/mysys/thr_template.c b/unittest/mysys/thr_template.c
-index 3a57ed091e9..3606a253ae4 100644
--- a/unittest/mysys/thr_template.c
-+++ b/unittest/mysys/thr_template.c
-@@ -34,7 +34,7 @@ void test_concurrently(const char *test, pthread_handler handler, int n, int m)
-   bad= 0;
- 
-   diag("Testing %s with %d threads, %d iterations... ", test, n, m);
-  for (i= n; i; i--)
-+  for (i= 0; i < n; i++)
-   {
-     if (pthread_create(&threads[i], 0, handler, &m) != 0)
-     {
-@@ -43,7 +43,7 @@ void test_concurrently(const char *test, pthread_handler handler, int n, int m)
-     }
-   }
- 
-  for (i= n; i; i--)
-+  for (i= 0; i < n; i++)
-     pthread_join(threads[i], 0);
- 
-   now= my_interval_timer() - now;
-- 
-2.20.1
diff --git a/main/mariadb/APKBUILD b/main/mariadb/APKBUILD
index 254550b0fe..caa6171ed1 100644
--- a/main/mariadb/APKBUILD
+++ b/main/mariadb/APKBUILD
@@ -5,10 +5,10 @@
 # Contributor: TBK <alpine@jjtc.eu>
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=mariadb
-pkgver=10.3.12
+pkgver=10.3.13
-pkgrel=2
+pkgrel=0
 pkgdesc="A fast SQL database server"
-url="http://www.mariadb.org"
+url="https://www.mariadb.org"
 pkgusers="mysql"
 pkggroups="mysql"
 arch="all"
@@ -40,16 +40,17 @@ fi
 source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz
        $pkgname.initd
        fix-c11-atomics-check.patch
-        fix-mysql-install-db-path.patch
        ppc-remove-glibc-dep.patch
        pcre.cmake.patch
-        0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch
        "
 # dbug test fails under rootbld
 #options="!check"
 builddir="$srcdir/$pkgname-$pkgver"
 # secfixes:
+#   10.3.13-r0:
+#     - CVE-2019-2510
+#     - CVE-2019-2537
 #   10.3.11-r0:
 #     - CVE-2018-3282
 #     - CVE-2016-9843
@@ -419,10 +420,8 @@ _plugin_rocksdb() {
                 "$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so
 }
-sha512sums="9dd2939684c4591db306be6afb34663626dfaae133f88dd31125c759dce16b9e9d767a9254e30d9ee5fa2ea027e223dd4799effba8a8b0e4638d5de9e2512003  mariadb-10.3.12.tar.gz
+sha512sums="3cbd93291aa43b235e5b81d953ea69fb32df54fb518f922f69b5485952f01fae693c77b0efac37f414ed7ff132d3b58f899812bdb7be8a5b344c3640e2c3a0dd  mariadb-10.3.13.tar.gz
 06751768cb00d2e433655635c38d267ef25084a5830ff40e719ac579223c7192dc34b43f919ab6faf480094632327511cbd22456064dde2d04dc15648b9e3b9f  mariadb.initd
 b4469f2f0299e71c09b65c91373f2d72b7fe9a9cd58ad24737a78a8097473b29c32b7267e173a2dfe1158f2f7d40a7fb02fb1b35caeda44d16ae3b9e2602a75f  fix-c11-atomics-check.patch
-0c08198b907dad18c5a7ab89f37ff53da7cb102b0848fb58912900bd92468a0d4f853bc5c0116f655c500d5ed20dcbf20d3884dcd0040634e23c911dfeaf7001  fix-mysql-install-db-path.patch
 e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd  ppc-remove-glibc-dep.patch
-70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63  pcre.cmake.patch
+70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63  pcre.cmake.patch"
-f203fe7d4ab2c54dba1219b7fe7fcc7d128256424441f45441b65f117da2fb3e217fb69561bb3891c4b8a3cbd6d7b98ee614242533b441f198e211dcf6c5b1d9  0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch"
diff --git a/main/mariadb/fix-mysql-install-db-path.patch b/main/mariadb/fix-mysql-install-db-path.patch
deleted file mode 100644
index cabb28711b..0000000000
--- a/main/mariadb/fix-mysql-install-db-path.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
-index 464c00d..d75874e 100644
--- a/scripts/CMakeLists.txt
-+++ b/scripts/CMakeLists.txt
-@@ -166,29 +166,13 @@ SET(HOSTNAME "hostname")
- SET(MYSQLD_USER "mysql")
- ENDIF(UNIX)
- 
-# Really ugly, one script, "mysql_install_db", needs prefix set to ".",
-# i.e. makes access relative the current directory. This matches
-# the documentation, so better not change this.
-
-IF(INSTALL_LAYOUT MATCHES "STANDALONE")
-  SET(prefix ".")
-  SET(bindir ${prefix}/${INSTALL_BINDIR})
-  SET(sbindir ${prefix}/${INSTALL_SBINDIR})
-  SET(scriptdir ${prefix}/${INSTALL_BINDIR})
-  SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
-  SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
-  SET(pkgplugindir ${prefix}/${INSTALL_PLUGINDIR})
-  SET(localstatedir ${prefix}/data)
-ELSE()
-  SET(prefix "${CMAKE_INSTALL_PREFIX}")
-  SET(bindir ${INSTALL_BINDIRABS})
-  SET(sbindir ${INSTALL_SBINDIRABS})
-  SET(scriptdir ${INSTALL_BINDIRABS})
-  SET(libexecdir ${INSTALL_SBINDIRABS})
-  SET(pkgdatadir ${INSTALL_MYSQLSHAREDIRABS})
-  SET(pkgplugindir ${INSTALL_PLUGINDIRABS})
-  SET(localstatedir ${MYSQL_DATADIR})
-ENDIF()
-+SET(prefix "${CMAKE_INSTALL_PREFIX}")
-+SET(bindir ${prefix}/${INSTALL_BINDIR})
-+SET(sbindir ${prefix}/${INSTALL_SBINDIR})
-+SET(scriptdir ${prefix}/${INSTALL_BINDIR})
-+SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
-+SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
-+SET(localstatedir ${MYSQL_DATADIR})
- 
- SET(resolveip_locations "$basedir/${INSTALL_BINDIR} $basedir/bin")
- SET(mysqld_locations "$basedir/${INSTALL_SBINDIR} $basedir/libexec $basedir/sbin $basedir/bin")
author	J0WI <J0WI@users.noreply.github.com>	2019-02-23 14:15:32 +0100
committer	Leonardo Arena <rnalrd@alpinelinux.org>	2019-02-26 13:00:08 +0000
commit	267ee53412691dbdd967dfd1497b45a3f711ccd1 (patch)
tree	7c4cb93ffe8031c1abbd17450d0149463a914823
parent	515346ba5122de9073f216f2cef10dbcc5c917a6 (diff)
download	alpine_aports-267ee53412691dbdd967dfd1497b45a3f711ccd1.tar.bz2 alpine_aports-267ee53412691dbdd967dfd1497b45a3f711ccd1.tar.xz alpine_aports-267ee53412691dbdd967dfd1497b45a3f711ccd1.zip

diff --git a/main/mariadb/0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch b/main/mariadb/0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch deleted file mode 100644 index d45bfa6f93..0000000000 --- a/main/mariadb/0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch +++ /dev/null
@@ -1,37 +0,0 @@
1	From ac84787559f95f717cecb444bab6c4c5f7293f3e Mon Sep 17 00:00:00 2001
2	From: Natanael Copa <ncopa@alpinelinux.org>
3	Date: Wed, 16 Jan 2019 14:28:37 +0000
4	Subject: [PATCH] MDEV-18269 - fix off-by-one bug in unittest
5
6	Fix the off-by-one overflow which was introduced with commit
7	b0fd06a6f2721 (MDEV-15670 - unit.my_atomic failed in buildbot with
8	Signal 11 thrown)
9	---
10	unittest/mysys/thr_template.c \| 4 ++--
11	1 file changed, 2 insertions(+), 2 deletions(-)
12
13	diff --git a/unittest/mysys/thr_template.c b/unittest/mysys/thr_template.c
14	index 3a57ed091e9..3606a253ae4 100644
15	--- a/unittest/mysys/thr_template.c
16	+++ b/unittest/mysys/thr_template.c
17	@@ -34,7 +34,7 @@ void test_concurrently(const char *test, pthread_handler handler, int n, int m)
18	bad= 0;
19
20	diag("Testing %s with %d threads, %d iterations... ", test, n, m);
21	- for (i= n; i; i--)
22	+ for (i= 0; i < n; i++)
23	{
24	if (pthread_create(&threads[i], 0, handler, &m) != 0)
25	{
26	@@ -43,7 +43,7 @@ void test_concurrently(const char *test, pthread_handler handler, int n, int m)
27	}
28	}
29
30	- for (i= n; i; i--)
31	+ for (i= 0; i < n; i++)
32	pthread_join(threads[i], 0);
33
34	now= my_interval_timer() - now;
35	--
36	2.20.1
37


diff --git a/main/mariadb/APKBUILD b/main/mariadb/APKBUILD index 254550b0fe..caa6171ed1 100644 --- a/main/mariadb/APKBUILD +++ b/main/mariadb/APKBUILD
@@ -5,10 +5,10 @@
5	# Contributor: TBK <alpine@jjtc.eu>	5	# Contributor: TBK <alpine@jjtc.eu>
6	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>	6	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
7	pkgname=mariadb	7	pkgname=mariadb
8	pkgver=10.3.12	8	pkgver=10.3.13
9	pkgrel=2	9	pkgrel=0
10	pkgdesc="A fast SQL database server"	10	pkgdesc="A fast SQL database server"
11	url="http://www.mariadb.org"	11	url="https://www.mariadb.org"
12	pkgusers="mysql"	12	pkgusers="mysql"
13	pkggroups="mysql"	13	pkggroups="mysql"
14	arch="all"	14	arch="all"
@@ -40,16 +40,17 @@ fi
40	source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz	40	source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz
41	$pkgname.initd	41	$pkgname.initd
42	fix-c11-atomics-check.patch	42	fix-c11-atomics-check.patch
43	fix-mysql-install-db-path.patch
44	ppc-remove-glibc-dep.patch	43	ppc-remove-glibc-dep.patch
45	pcre.cmake.patch	44	pcre.cmake.patch
46	0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch
47	"	45	"
48	# dbug test fails under rootbld	46	# dbug test fails under rootbld
49	#options="!check"	47	#options="!check"
50	builddir="$srcdir/$pkgname-$pkgver"	48	builddir="$srcdir/$pkgname-$pkgver"
51		49
52	# secfixes:	50	# secfixes:
		51	# 10.3.13-r0:
		52	# - CVE-2019-2510
		53	# - CVE-2019-2537
53	# 10.3.11-r0:	54	# 10.3.11-r0:
54	# - CVE-2018-3282	55	# - CVE-2018-3282
55	# - CVE-2016-9843	56	# - CVE-2016-9843
@@ -419,10 +420,8 @@ _plugin_rocksdb() {
419	"$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so	420	"$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so
420	}	421	}
421		422
422	sha512sums="9dd2939684c4591db306be6afb34663626dfaae133f88dd31125c759dce16b9e9d767a9254e30d9ee5fa2ea027e223dd4799effba8a8b0e4638d5de9e2512003 mariadb-10.3.12.tar.gz	423	sha512sums="3cbd93291aa43b235e5b81d953ea69fb32df54fb518f922f69b5485952f01fae693c77b0efac37f414ed7ff132d3b58f899812bdb7be8a5b344c3640e2c3a0dd mariadb-10.3.13.tar.gz
423	06751768cb00d2e433655635c38d267ef25084a5830ff40e719ac579223c7192dc34b43f919ab6faf480094632327511cbd22456064dde2d04dc15648b9e3b9f mariadb.initd	424	06751768cb00d2e433655635c38d267ef25084a5830ff40e719ac579223c7192dc34b43f919ab6faf480094632327511cbd22456064dde2d04dc15648b9e3b9f mariadb.initd
424	b4469f2f0299e71c09b65c91373f2d72b7fe9a9cd58ad24737a78a8097473b29c32b7267e173a2dfe1158f2f7d40a7fb02fb1b35caeda44d16ae3b9e2602a75f fix-c11-atomics-check.patch	425	b4469f2f0299e71c09b65c91373f2d72b7fe9a9cd58ad24737a78a8097473b29c32b7267e173a2dfe1158f2f7d40a7fb02fb1b35caeda44d16ae3b9e2602a75f fix-c11-atomics-check.patch
425	0c08198b907dad18c5a7ab89f37ff53da7cb102b0848fb58912900bd92468a0d4f853bc5c0116f655c500d5ed20dcbf20d3884dcd0040634e23c911dfeaf7001 fix-mysql-install-db-path.patch
426	e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd ppc-remove-glibc-dep.patch	426	e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd ppc-remove-glibc-dep.patch
427	70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63 pcre.cmake.patch	427	70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63 pcre.cmake.patch"
428	f203fe7d4ab2c54dba1219b7fe7fcc7d128256424441f45441b65f117da2fb3e217fb69561bb3891c4b8a3cbd6d7b98ee614242533b441f198e211dcf6c5b1d9 0001-MDEV-18269-fix-off-by-one-bug-in-unittest.patch"


diff --git a/main/mariadb/fix-mysql-install-db-path.patch b/main/mariadb/fix-mysql-install-db-path.patch deleted file mode 100644 index cabb28711b..0000000000 --- a/main/mariadb/fix-mysql-install-db-path.patch +++ /dev/null
@@ -1,41 +0,0 @@
1	diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
2	index 464c00d..d75874e 100644
3	--- a/scripts/CMakeLists.txt
4	+++ b/scripts/CMakeLists.txt
5	@@ -166,29 +166,13 @@ SET(HOSTNAME "hostname")
6	SET(MYSQLD_USER "mysql")
7	ENDIF(UNIX)
8
9	-# Really ugly, one script, "mysql_install_db", needs prefix set to ".",
10	-# i.e. makes access relative the current directory. This matches
11	-# the documentation, so better not change this.
12	-
13	-IF(INSTALL_LAYOUT MATCHES "STANDALONE")
14	- SET(prefix ".")
15	- SET(bindir ${prefix}/${INSTALL_BINDIR})
16	- SET(sbindir ${prefix}/${INSTALL_SBINDIR})
17	- SET(scriptdir ${prefix}/${INSTALL_BINDIR})
18	- SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
19	- SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
20	- SET(pkgplugindir ${prefix}/${INSTALL_PLUGINDIR})
21	- SET(localstatedir ${prefix}/data)
22	-ELSE()
23	- SET(prefix "${CMAKE_INSTALL_PREFIX}")
24	- SET(bindir ${INSTALL_BINDIRABS})
25	- SET(sbindir ${INSTALL_SBINDIRABS})
26	- SET(scriptdir ${INSTALL_BINDIRABS})
27	- SET(libexecdir ${INSTALL_SBINDIRABS})
28	- SET(pkgdatadir ${INSTALL_MYSQLSHAREDIRABS})
29	- SET(pkgplugindir ${INSTALL_PLUGINDIRABS})
30	- SET(localstatedir ${MYSQL_DATADIR})
31	-ENDIF()
32	+SET(prefix "${CMAKE_INSTALL_PREFIX}")
33	+SET(bindir ${prefix}/${INSTALL_BINDIR})
34	+SET(sbindir ${prefix}/${INSTALL_SBINDIR})
35	+SET(scriptdir ${prefix}/${INSTALL_BINDIR})
36	+SET(libexecdir ${prefix}/${INSTALL_SBINDIR})
37	+SET(pkgdatadir ${prefix}/${INSTALL_MYSQLSHAREDIR})
38	+SET(localstatedir ${MYSQL_DATADIR})
39
40	SET(resolveip_locations "$basedir/${INSTALL_BINDIR} $basedir/bin")
41	SET(mysqld_locations "$basedir/${INSTALL_SBINDIR} $basedir/libexec $basedir/sbin $basedir/bin")