Bug 229860 - databases/mysql57-server: Update to 5.7.23 (Fixes multiple CVE's)
Summary: databases/mysql57-server: Update to 5.7.23 (Fixes multiple CVE's)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Ports Security Team
URL: http://www.oracle.com/technetwork/sec...
Keywords: needs-qa, security
Depends on:
Blocks:
 
Reported: 2018-07-18 13:27 UTC by Markus Kohlmeyer
Modified: 2018-08-14 14:47 UTC (History)
4 users (show)

See Also:
mmokhi: maintainer-feedback+
mmokhi: maintainer-feedback+
mmokhi: merge-quarterly+


Attachments
Update to 5.7.23 (733 bytes, patch)
2018-08-06 07:57 UTC, Dani
no flags Details | Diff
Update to 5.7.23 (962 bytes, patch)
2018-08-06 08:27 UTC, Dani
i.dani: maintainer-approval? (ports-secteam)
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Markus Kohlmeyer 2018-07-18 13:27:05 UTC
Oracle Critical Patch Update Advisory - July 2018
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
Comment 1 Markus Kohlmeyer 2018-07-29 20:32:46 UTC
Just a heads up: Release is on mirrors for some time now.
Comment 2 Dani 2018-07-31 12:55:43 UTC
Bump..
Comment 3 Dani 2018-08-06 07:57:26 UTC
Created attachment 195939 [details]
Update to 5.7.23

Update to 5.7.23
  - This update includes fixes for multiple CVEs
  - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
Comment 4 Dani 2018-08-06 08:27:42 UTC
Created attachment 195941 [details]
Update to 5.7.23

Update to 5.7.23
  - This update includes fixes for multiple CVEs
  - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL
Comment 5 Kubilay Kocak freebsd_committer freebsd_triage 2018-08-06 09:40:56 UTC
I believe Madhi (mmokhi) is away on holiday or otherwise AFK.

This change needs to be QA'd fairly thoroughly, at least on all supported FreeBSD version/arch combinations.

Also, this requires a VuXML update.

Over to ports-secteam to coordinate landing this, or re-assign as necessary
Comment 6 Bernard Spil freebsd_committer 2018-08-09 22:12:52 UTC
The vuxml entry I've done as part of the MariaDB updates I've processed sofar.

Not sure how to progress on MySQL but I could give it a whirl...
Comment 7 Bernard Spil freebsd_committer 2018-08-10 11:27:31 UTC
Darn. Redid the patch from Dani... Confirm that that is all that's needed. Ran bulk builds on vanilla FreeBSD 10.4, 11.1, 11.2 amd64 and i386

https://keg.brnrd.eu/build.html?mastername=111amd64-default&build=2018-08-10_09h50m28s
https://keg.brnrd.eu/build.html?mastername=111i386-default&build=2018-08-10_09h56m51s
https://keg.brnrd.eu/build.html?mastername=112amd64-default&build=2018-08-10_10h02m57s
https://keg.brnrd.eu/build.html?mastername=104amd64-default&build=2018-08-10_10h09m35s
https://keg.brnrd.eu/build.html?mastername=104i386-default&build=2018-08-10_10h15m01s

Happy to commit this, if someone checks runtime with the patch!

```
databases/mysql57-server: Security update to 5.7.23

PR: 229860
Reported by: Markus Kohlmeyer <rootservice gmail com>
Submitted by: <i dani outlook com>
Security: 909be51b-9b3b-11e8-add2-b499baebfeaf.html
```
Comment 8 Markus Kohlmeyer 2018-08-10 12:25:56 UTC
One hour runtime without problems.
Comment 9 commit-hook freebsd_committer 2018-08-10 21:45:59 UTC
A commit references this bug:

Author: mmokhi
Date: Fri Aug 10 21:45:09 UTC 2018
New revision: 476852
URL: https://svnweb.freebsd.org/changeset/ports/476852

Log:
  mysql57-{client, server}: Update ports to 5.7.23
  This update includes Oracle Critical Patch Advisory published on July 2018
  More info:
  http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL

  PR:		229860
  Submitted by:	Dani <i.dani@outlook.com<
  Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
  Reviewed by:	brnrd , koobs
  Sponsored by:	The FreeBSD Foundation

Changes:
  head/databases/mysql57-client/Makefile
  head/databases/mysql57-server/Makefile
  head/databases/mysql57-server/distinfo
Comment 10 Mahdi Mokhtari freebsd_committer freebsd_triage 2018-08-10 21:49:29 UTC
Hey folks,
1st sorry for my horrible delay on reacting for this, was heavily AFK due relocation ``:D 
Thanks to you all for patching, testing and even poking me ``:D

Again, forgive me for delay.
bests,
Comment 11 commit-hook freebsd_committer 2018-08-14 14:21:35 UTC
A commit references this bug:

Author: mmokhi
Date: Tue Aug 14 14:20:30 UTC 2018
New revision: 477157
URL: https://svnweb.freebsd.org/changeset/ports/477157

Log:
  MFH: r476852 r476934

  mysql57-{client, server}: Update ports to 5.7.23
  This update includes Oracle Critical Patch Advisory published on July 2018
  More info:
  http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL

  PR:		229860
  Submitted by:	Dani <i.dani@outlook.com<
  Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
  Reviewed by:	brnrd , koobs
  Sponsored by:	The FreeBSD Foundation

  mysql57-server: Fix build with LibreSSL 2.7

  PR:		230527
  Submitted by:	Markus Kohlmeyer <rootservice@gmail.com>
  Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
  Sponsored by:	The FreeBSD Foundation

  Approved by:	ports-secteam (feld)

Changes:
_U  branches/2018Q3/
  branches/2018Q3/databases/mysql57-client/Makefile
  branches/2018Q3/databases/mysql57-server/Makefile
  branches/2018Q3/databases/mysql57-server/distinfo
  branches/2018Q3/databases/mysql57-server/files/patch-sql_mysqld.cc