Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package mariadb for openSUSE:Factory checked in at 2022-02-23 16:25:57 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mariadb (Old) and /work/SRC/openSUSE:Factory/.mariadb.new.1958 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "mariadb" Wed Feb 23 16:25:57 2022 rev:122 rq:956844 version:10.7.3 Changes: -------- --- /work/SRC/openSUSE:Factory/mariadb/mariadb.changes 2022-01-05 13:39:05.033494030 +0100 +++ /work/SRC/openSUSE:Factory/.mariadb.new.1958/mariadb.changes 2022-02-23 16:26:37.943509222 +0100 @@ -1,0 +2,37 @@ +Wed Feb 16 09:59:08 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com> + +- Update to 10.7.3 (bsc#1196016): + * release notes and changelog: + https://mariadb.com/kb/en/library/mariadb-1073-release-notes + https://mariadb.com/kb/en/library/mariadb-1073-changelog + https://mariadb.com/kb/en/library/mariadb-1072-release-notes + https://mariadb.com/kb/en/library/mariadb-1072-changelog + https://mariadb.com/kb/en/library/mariadb-1071-release-notes + https://mariadb.com/kb/en/library/mariadb-1071-changelog + https://mariadb.com/kb/en/library/mariadb-1070-release-notes + https://mariadb.com/kb/en/library/mariadb-1070-changelog + * fixes for the following security vulnerabilities: + 10.7.3: CVE-2021-46665 + CVE-2021-46664 + CVE-2021-46661 + CVE-2021-46668 + CVE-2021-46663 + 10.7.2: CVE-2022-24052 + CVE-2022-24051 + CVE-2022-24050 + CVE-2022-24048 + CVE-2021-46659, bsc#1195339 + 10.7.1: none + 10.7.0: none +- Remove upstreamed patches: + * mariadb-10.0.15-logrotate-su.patch + * mariadb-10.1.1-mysqld_multi-features.patch +- Refresh mariadb-10.2.4-logrotate.patch +- Update list of skipped tests +- Add bsc1194828.patch to fix build with GCC12, fixes bsc#1194828 +- The following issues have already been fixed in this package but weren't + previously mentioned in the changes file: + CVE-2021-46658, bsc#1195334 + CVE-2021-46657, bsc#1195325 + +------------------------------------------------------------------- Old: ---- mariadb-10.0.15-logrotate-su.patch mariadb-10.1.1-mysqld_multi-features.patch mariadb-10.6.5.tar.gz mariadb-10.6.5.tar.gz.asc New: ---- bsc1194828.patch mariadb-10.7.3.tar.gz mariadb-10.7.3.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mariadb.spec ++++++ --- /var/tmp/diff_new_pack.K4Xgcb/_old 2022-02-23 16:26:39.063509262 +0100 +++ /var/tmp/diff_new_pack.K4Xgcb/_new 2022-02-23 16:26:39.067509262 +0100 @@ -1,7 +1,7 @@ # # spec file for package mariadb # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -52,7 +52,7 @@ # Build with cracklib plugin when cracklib-dict-full >= 2.9.0 is available %define with_cracklib_plugin 0 Name: mariadb -Version: 10.6.5 +Version: 10.7.3 Release: 0 Summary: Server part of MariaDB License: SUSE-GPL-2.0-with-FLOSS-exception @@ -75,13 +75,13 @@ Source51: mariadb-rpmlintrc Source52: series Patch1: mariadb-10.2.4-logrotate.patch -Patch2: mariadb-10.1.1-mysqld_multi-features.patch -Patch3: mariadb-10.0.15-logrotate-su.patch Patch4: mariadb-10.2.4-fortify-and-O.patch Patch6: mariadb-10.4.12-harden_setuid.patch Patch7: mariadb-10.4.12-fix-install-db.patch Patch9: func_math_tests_MDEV-26645.diff Patch10: fix-pamdir.patch +# PATCH-FIX-UPSTREAM danilo.spine...@suse.com bsc#1194828 MDEV-26645 +Patch11: bsc1194828.patch # needed for bison SQL parser and wsrep API BuildRequires: bison BuildRequires: cmake @@ -137,6 +137,7 @@ BuildRequires: perl(Time::HiRes) # Do not ever switch away from BuildRequires: pkgconfig(libsystemd); BuildRequires systemd/systemd-devel causes build cycles BuildRequires: pkgconfig(libsystemd) +BuildRequires: pkgconfig(fmt) #!BuildIgnore: user(mysql) # Required by rcmysql Requires: %{name}-client @@ -354,8 +355,6 @@ # Remove JAR files from the tarball (used for testing from the source) find . -name "*.jar" -type f -exec rm --verbose -f {} \; %patch1 -%patch2 -%patch3 %patch4 %patch6 -p1 %patch7 -p1 @@ -368,6 +367,7 @@ %if 0%{?suse_version} > 1500 %patch10 -p1 %endif +%patch11 -p1 cp %{_sourcedir}/suse-test-run . ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.K4Xgcb/_old 2022-02-23 16:26:39.147509265 +0100 +++ /var/tmp/diff_new_pack.K4Xgcb/_new 2022-02-23 16:26:39.151509265 +0100 @@ -14,6 +14,7 @@ <arch>x86_64</arch> <arch>aarch64</arch> <arch>ppc64le</arch> + <arch>ppc</arch> </conditions> <hardware> <physicalmemory> ++++++ bsc1194828.patch ++++++ >From b69191bbb2278fce92b470e8e3abafe048166e39 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marko=20M=C3=A4kel=C3=A4?= <marko.mak...@mariadb.com> Date: Fri, 18 Feb 2022 16:31:54 +0200 Subject: [PATCH] MDEV-26645: Fix UB in Item_func_plus and Item_func_minus An integer overflow in an expression like a+b or a-b is undefined behavior. The compiler is allowed to assume that no such overflow is possible, and optimize away some code accordingly. Item_func_plus::int_op(), Item_func_minus::int_op(): Always check for overflow. Depending on the compiler and the compilation options, a test might fail: CURRENT_TEST: main.func_math mysqltest: At line 425: query 'SELECT 9223372036854775807 + 9223372036854775807' succeeded - should have failed with errno 1690... A similar bug had been fixed earlier in commit 328edf8560dbf1941ce314fa112e0db05d9f97f1. --- sql/item_func.cc | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/sql/item_func.cc b/sql/item_func.cc index 60efc55d8785c..452bc74cc8215 100644 --- a/sql/item_func.cc +++ b/sql/item_func.cc @@ -1,5 +1,5 @@ /* Copyright (c) 2000, 2015, Oracle and/or its affiliates. - Copyright (c) 2009, 2021, MariaDB + Copyright (c) 2009, 2022, MariaDB This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -1163,14 +1163,10 @@ longlong Item_func_plus::int_op() } } -#ifndef WITH_UBSAN - res= val0 + val1; -#else if (res_unsigned) res= (longlong) ((ulonglong) val0 + (ulonglong) val1); else - res= val0+val1; -#endif /* WITH_UBSAN */ + res= val0 + val1; return check_integer_overflow(res, res_unsigned); @@ -1333,14 +1329,10 @@ longlong Item_func_minus::int_op() goto err; } } -#ifndef WITH_UBSAN - res= val0 - val1; -#else if (res_unsigned) res= (longlong) ((ulonglong) val0 - (ulonglong) val1); else res= val0 - val1; -#endif /* WITH_UBSAN */ return check_integer_overflow(res, res_unsigned); ++++++ mariadb-10.2.4-logrotate.patch ++++++ --- /var/tmp/diff_new_pack.K4Xgcb/_old 2022-02-23 16:26:39.207509267 +0100 +++ /var/tmp/diff_new_pack.K4Xgcb/_new 2022-02-23 16:26:39.211509267 +0100 @@ -16,8 +16,8 @@ -@localstatedir@/mysqld.log { +/var/log/mysql/*.log { # create 600 mysql mysql + su mysql mysql notifempty - daily @@ -32,6 +32,14 @@ then @bindir@/mysqladmin --local flush-error-log \ ++++++ mariadb-10.6.5.tar.gz -> mariadb-10.7.3.tar.gz ++++++ /work/SRC/openSUSE:Factory/mariadb/mariadb-10.6.5.tar.gz /work/SRC/openSUSE:Factory/.mariadb.new.1958/mariadb-10.7.3.tar.gz differ: char 5, line 1 ++++++ suse_skipped_tests.list ++++++ --- /var/tmp/diff_new_pack.K4Xgcb/_old 2022-02-23 16:26:39.399509274 +0100 +++ /var/tmp/diff_new_pack.K4Xgcb/_new 2022-02-23 16:26:39.403509274 +0100 @@ -71,3 +71,13 @@ sys_vars.profiling_history_size_basic : since 10.5.8 - x86_64 sys_vars.old_alter_table_basic : since 10.5.8 - x86_64 +roles.acl_statistics : since 10.7.3 - x86_64 +main.stat_tables_innodb : since 10.7.3 - x86_64 +main.stat_tables : since 10.7.3 - x86_64 +plugins.feedback_plugin_load : since 10.7.3 - x86_64 +main.explain_non_select : since 10.7.3 - x86_64 +main.selectivity_no_engine : since 10.7.3 - x86_64 +main.mysql_upgrade : since 10.7.3 - x86_64 +perfschema.privilege_table_io : since 10.7.3 - x86_64 + +
