Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-0.7.git;a=commitdiff;h=0008e4d0b750e6a3aef6ede76058cbb4ad179562
commit 0008e4d0b750e6a3aef6ede76058cbb4ad179562
Author: voroskoi <[EMAIL PROTECTED]>
Date: Tue Nov 27 23:14:32 2007 +0100
mysql-5.0.45-2sayshell1-x86_64
secfix relbump, closes #2577
diff --git a/source/apps-extra/mysql/CVE-2007-5925.patch
b/source/apps-extra/mysql/CVE-2007-5925.patch
new file mode 100644
index 0000000..1338e28
--- /dev/null
+++ b/source/apps-extra/mysql/CVE-2007-5925.patch
@@ -0,0 +1,112 @@
+diff -ru old/innobase/include/db0err.h new/innobase/include/db0err.h
+--- old/innobase/include/db0err.h 2007-07-04 16:06:59.000000000 +0300
++++ new/innobase/include/db0err.h 2007-11-15 10:23:51.000000000 +0200
+@@ -57,6 +57,18 @@
+ buffer pool (for big transactions,
+ InnoDB stores the lock structs in the
+ buffer pool) */
++#define DB_FOREIGN_DUPLICATE_KEY 46 /* foreign key constraints
++ activated by the operation would
++ lead to a duplicate key in some
++ table */
++#define DB_TOO_MANY_CONCURRENT_TRXS 47 /* when InnoDB runs out of the
++ preconfigured undo slots, this can
++ only happen when there are too many
++ concurrent transactions */
++#define DB_UNSUPPORTED 48 /* when InnoDB sees any
artefact or
++ a feature that it can't recoginize or
++ work with e.g., FT indexes created by
++ a later version of the engine. */
+
+ /* The following are partial failure codes */
+ #define DB_FAIL 1000
+diff -ru old/innobase/include/page0cur.h new/innobase/include/page0cur.h
+--- old/innobase/include/page0cur.h 2007-07-04 16:06:10.000000000 +0300
++++ new/innobase/include/page0cur.h 2007-11-15 10:23:51.000000000 +0200
+@@ -22,6 +22,7 @@
+
+ /* Page cursor search modes; the values must be in this order! */
+
++#define PAGE_CUR_UNSUPP 0
+ #define PAGE_CUR_G 1
+ #define PAGE_CUR_GE 2
+ #define PAGE_CUR_L 3
+diff -ru old/sql/ha_innodb.cc new/sql/ha_innodb.cc
+--- old/sql/ha_innodb.cc 2007-07-04 16:06:48.000000000 +0300
++++ new/sql/ha_innodb.cc 2007-11-15 10:25:55.000000000 +0200
+@@ -526,6 +526,9 @@
+ }
+
+ return(HA_ERR_LOCK_TABLE_FULL);
++ } else if (error == DB_UNSUPPORTED) {
++
++ return(HA_ERR_UNSUPPORTED);
+ } else {
+ return(-1); // Unknown error
+ }
+@@ -3689,11 +3692,21 @@
+ and comparison of non-latin1 char type fields in
+ innobase_mysql_cmp() to get PAGE_CUR_LE_OR_EXTENDS to
+ work correctly. */
+-
+- default: assert(0);
++ case HA_READ_MBR_CONTAIN:
++ case HA_READ_MBR_INTERSECT:
++ case HA_READ_MBR_WITHIN:
++ case HA_READ_MBR_DISJOINT:
++ my_error(ER_TABLE_CANT_HANDLE_SPKEYS, MYF(0));
++ return(PAGE_CUR_UNSUPP);
++ /* do not use "default:" in order to produce a gcc warning:
++ enumeration value '...' not handled in switch
++ (if -Wswitch or -Wall is used)
++ */
+ }
+
+- return(0);
++ my_error(ER_CHECK_NOT_IMPLEMENTED, MYF(0), "this functionality");
++
++ return(PAGE_CUR_UNSUPP);
+ }
+
+ /*
+@@ -3831,11 +3844,18 @@
+
+ last_match_mode = (uint) match_mode;
+
+- innodb_srv_conc_enter_innodb(prebuilt->trx);
++ if (mode != PAGE_CUR_UNSUPP) {
+
+- ret = row_search_for_mysql((byte*) buf, mode, prebuilt, match_mode, 0);
++ innodb_srv_conc_enter_innodb(prebuilt->trx);
+
+- innodb_srv_conc_exit_innodb(prebuilt->trx);
++ ret = row_search_for_mysql((byte*) buf, mode, prebuilt,
++ match_mode, 0);
++
++ innodb_srv_conc_exit_innodb(prebuilt->trx);
++ } else {
++
++ ret = DB_UNSUPPORTED;
++ }
+
+ if (ret == DB_SUCCESS) {
+ error = 0;
+@@ -5150,8 +5170,16 @@
+ mode2 = convert_search_mode_to_innobase(max_key ? max_key->flag :
+ HA_READ_KEY_EXACT);
+
+- n_rows = btr_estimate_n_rows_in_range(index, range_start,
+- mode1, range_end, mode2);
++ if (mode1 != PAGE_CUR_UNSUPP && mode2 != PAGE_CUR_UNSUPP) {
++
++ n_rows = btr_estimate_n_rows_in_range(index, range_start,
++ mode1, range_end,
++ mode2);
++ } else {
++
++ n_rows = 0;
++ }
++
+ dtuple_free_for_mysql(heap1);
+ dtuple_free_for_mysql(heap2);
+
diff --git a/source/apps-extra/mysql/FrugalBuild
b/source/apps-extra/mysql/FrugalBuild
index 45a6c35..5af4482 100644
--- a/source/apps-extra/mysql/FrugalBuild
+++ b/source/apps-extra/mysql/FrugalBuild
@@ -3,7 +3,7 @@
pkgname=mysql
pkgver=5.0.45
-pkgrel=1
+pkgrel=2sayshell1
extrapkgver=
pkgdesc="A fast SQL database server"
url="http://www.mysql.com/";
@@ -15,8 +15,8 @@ groups=('apps-extra')
archs=('i686' 'x86_64')
up2date="lynx -dump http://dev.mysql.com/|grep 'Generally Available'|sed 's/.*
\([0-9.]*\) .*/\1/;s/$extrapkgver//;q'"
mirror="http://mysql.mirrors.crysys.hit.bme.hu/";
-source=($mirror/Downloads/MySQL-5.0/$pkgname-$pkgver$extrapkgver.tar.gz
rc.mysqld my.cnf)
-signatures=("${source[0]}.asc" '' '')
+source=($mirror/Downloads/MySQL-5.0/$pkgname-$pkgver$extrapkgver.tar.gz
rc.mysqld my.cnf CVE-2007-5925.patch)
+signatures=("${source[0]}.asc" '' '' '')
subpkgs=('libmysqlclient')
subdescs=('MySQL client library.')
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git
