Bug 239571 - databases/mysql55-server databases/mysql56-server databases/mysql57-server databases/mysql80-server - security fixes
Summary: databases/mysql55-server databases/mysql56-server databases/mysql57-server da...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Mahdi Mokhtari
URL: https://www.oracle.com/technetwork/se...
Keywords: needs-patch, security
Depends on:
Blocks:
 
Reported: 2019-08-01 08:16 UTC by Sergey N. Voronkov
Modified: 2019-09-20 07:15 UTC (History)
6 users (show)

See Also:
snvoronkov: maintainer-feedback+
joneum: merge-quarterly+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Greg Veldman 2019-08-01 15:35:22 UTC
Patches for 5.7 are in bug 239271, I didn't see this one until just now.  I'll see if I can work up patches for the other supported versions in the next day or two, unless someone beats me to it...

Meanwhile, since this is security related, if the patches in the other bug look good can a committer get them committed?
Comment 2 Greg Veldman 2019-08-01 15:36:19 UTC
Tagging ports-secteam@...
Comment 3 commit-hook freebsd_committer 2019-08-05 23:22:19 UTC
A commit references this bug:

Author: mmokhi
Date: Mon Aug  5 23:21:26 UTC 2019
New revision: 508218
URL: https://svnweb.freebsd.org/changeset/ports/508218

Log:
  databases/mysq56-{client, server}: Update to 5.6.45

  This update includes security fixes which are
  mentioned on upstream critical patch report.
  Further info:
  https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL

  PR:		239571
  Reported by:	serg@tmn.ru
  Sponsored by:	Platform.sh

Changes:
  head/databases/mysql56-client/files/patch-sql-common_client__authentication.cc
  head/databases/mysql56-server/Makefile
  head/databases/mysql56-server/distinfo
  head/databases/mysql56-server/files/patch-sql-common_client__authentication.cc
Comment 4 Jochen Neumeister freebsd_committer 2019-08-19 18:02:41 UTC
There are a lot of CVE, Pls Add a vuxml, after that, Approved for 2019Q3
Comment 5 Mahdi Mokhtari freebsd_committer freebsd_triage 2019-08-19 23:58:20 UTC
(In reply to Jochen Neumeister from comment #4)

Sure,
Thanks for both approval and the hint also.
Comment 6 commit-hook freebsd_committer 2019-08-20 00:07:23 UTC
A commit references this bug:

Author: mmokhi
Date: Tue Aug 20 00:06:58 UTC 2019
New revision: 509387
URL: https://svnweb.freebsd.org/changeset/ports/509387

Log:
  MFH: r508218

  databases/mysq56-{client, server}: Update to 5.6.45

  This update includes security fixes which are
  mentioned on upstream critical patch report.
  Further info:
  https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL

  PR:		239571
  Reported by:	serg@tmn.ru
  Sponsored by:	Platform.sh

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2019Q3/
  branches/2019Q3/databases/mysql56-client/files/patch-sql-common_client__authentication.cc
  branches/2019Q3/databases/mysql56-server/Makefile
  branches/2019Q3/databases/mysql56-server/distinfo
  branches/2019Q3/databases/mysql56-server/files/patch-sql-common_client__authentication.cc
Comment 7 Jochen Neumeister freebsd_committer 2019-08-20 07:22:46 UTC
Heya Mahdi,

this is wrong, there is no Vuxml entry. Could you add that, please? :-)

Cheers
Jochen
Comment 8 Jochen Neumeister freebsd_committer 2019-09-20 06:50:17 UTC
are all works done?

When yes, so please close the PR :-)