Bug 56703

Summary: [Maintainer Update] Port: MySQL 4.0.15 (Security Fix)
Product: Ports & Packages Reporter: Alex Dupre <sysadmin>
Component: Individual Port(s)Assignee: Peter Pentchev <roam>
Status: Closed FIXED    
Severity: Affects Only Me CC: nork
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
mysql40.diff none

Description Alex Dupre 2003-09-11 15:20:10 UTC
Update to 4.0.15 release.
Fix exploitable buffer overflow (maybe we can ignore the port freeze (?)).
Whitespace fix.
Check OVERWRITE_DB is not set to "no", when defined.
Comment 1 Peter Pentchev 2003-09-11 15:38:03 UTC
On Thu, Sep 11, 2003 at 04:11:38PM +0200, Alex Dupre wrote:
[snip]
> Check OVERWRITE_DB is not set to "no", when defined.
[snip]
>  post-install:
>  .if !defined(PACKAGE_BUILDING)
> -.if exists(${DB_DIR}) && defined(OVERWRITE_DB)
> +.if exists(${DB_DIR}) && defined(OVERWRITE_DB) && ${OVERWRITE_DB} != "no"
>  	@${RM} -r ${DB_DIR}/mysql ${DB_DIR}/test 2>/dev/null || true
>  .endif
> -.if !exists(${DB_DIR}) || defined(OVERWRITE_DB)
> +.if !exists(${DB_DIR}) || (defined(OVERWRITE_DB) && ${OVERWRITE_DB} != "no")

Do you think we should change those to ${OVERWRITE_DB:L} to also catch
the OVERWRITE_DB=NO case?

G'luck,
Peter

-- 
Peter Pentchev	roam@ringlet.net    roam@sbnd.net    roam@FreeBSD.org
PGP key:	http://people.FreeBSD.org/~roam/roam.key.asc
Key fingerprint	FDBA FD79 C26F 3C51 C95E  DF9E ED18 B68D 1619 4553
This sentence every third, but it still comprehensible.
Comment 2 Peter Pentchev freebsd_committer freebsd_triage 2003-09-11 15:51:34 UTC
State Changed
From-To: open->analyzed

I'll try to sneak this in during the freeze. 
Thanks for the quick reaction - I was actually about to send you 
an email with pretty much the same patch, when I saw your PR :) 


Comment 3 Peter Pentchev freebsd_committer freebsd_triage 2003-09-11 15:51:34 UTC
Responsible Changed
From-To: freebsd-ports-bugs->roam

I'll take care of this and request portmgr's approval.
Comment 4 Alex Dupre 2003-09-11 16:09:29 UTC
Thursday, September 11, 2003, 4:38:03 PM, you wrote:

PP> Do you think we should change those to ${OVERWRITE_DB:L} to also catch
PP> the OVERWRITE_DB=NO case?

Yes, good catch.

-- 
Alex Dupre                             sysadmin@alexdupre.com
http://www.alexdupre.com/              alex@sm.FreeBSD.org

Today's excuse: Only people with names beginning with 'A' are getting mail this week (a la Microsoft)
Comment 5 Alex Dupre 2003-09-20 10:43:52 UTC
Since mysql 3.23 has been committed and approved by portsmgr, I cannot
see a reason to delay the commit of mysql 4.0 :-)

-- 
Alex Dupre                             sysadmin@alexdupre.com
http://www.alexdupre.com/              alex@sm.FreeBSD.org

Today's excuse: We need a licensed electrician to replace the light bulbs in the computer room.
Comment 6 Alex Dupre 2003-09-22 09:12:01 UTC
Monday, September 22, 2003, 5:42:59 AM, you wrote:

EG> On MySQL home page, current production release shown as 4.0.15a, is it possible to update to that before committing?

No relevant changes for FreeBSD in that sub-release.

-- 
Alex Dupre                             sysadmin@alexdupre.com
http://www.alexdupre.com/              alex@sm.FreeBSD.org

Today's excuse: Failure to adjust for daylight savings time.
Comment 7 Peter Pentchev freebsd_committer freebsd_triage 2003-09-23 15:38:20 UTC
State Changed
From-To: analyzed->closed

Update to 4.0.15 committed, thanks!