[pkgsrc/trunk]: pkgsrc/databases/mysql4-server Fix for CVE-2007-2691

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/databases/mysql4-server Fix for CVE-2007-2691
From: adrianp <adrianp%pkgsrc.org@localhost>
Date: Thu, 14 Oct 2021 04:59:34 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/529b49cd1e7d
branches:  trunk
changeset: 529998:529b49cd1e7d
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Thu Jun 14 21:27:41 2007 +0000

description:
Fix for CVE-2007-2691

diffstat:

 databases/mysql4-server/Makefile         |   3 ++-
 databases/mysql4-server/distinfo         |   3 ++-
 databases/mysql4-server/patches/patch-bg |  13 +++++++++++++
 3 files changed, 17 insertions(+), 2 deletions(-)

diffs (44 lines):

diff -r b199014f3f72 -r 529b49cd1e7d databases/mysql4-server/Makefile
--- a/databases/mysql4-server/Makefile  Thu Jun 14 21:02:15 2007 +0000
+++ b/databases/mysql4-server/Makefile  Thu Jun 14 21:27:41 2007 +0000
@@ -1,7 +1,8 @@
-# $NetBSD: Makefile,v 1.32 2006/10/22 09:32:53 rillig Exp $
+# $NetBSD: Makefile,v 1.33 2007/06/14 21:27:41 adrianp Exp $
 
 PKGNAME=               ${DISTNAME:S/-/-server-/}
 SVR4_PKGNAME=          mysqs
+PKGREVISION=           1
 COMMENT=               MySQL 4, a free SQL database (server)
 
 CONFLICTS=             {mysql-server-[0-9]*,mysql3-server-[0-9]*}
diff -r b199014f3f72 -r 529b49cd1e7d databases/mysql4-server/distinfo
--- a/databases/mysql4-server/distinfo  Thu Jun 14 21:02:15 2007 +0000
+++ b/databases/mysql4-server/distinfo  Thu Jun 14 21:27:41 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.27 2007/05/23 08:11:50 martti Exp $
+$NetBSD: distinfo,v 1.28 2007/06/14 21:27:41 adrianp Exp $
 
 SHA1 (mysql-4.1.22.tar.gz) = 857e942cc3207caf56e2aa48961fc1ed66d932e6
 RMD160 (mysql-4.1.22.tar.gz) = bfcf5058e4247cf4d7d1550ea54c64ebc8bc615e
@@ -19,3 +19,4 @@
 SHA1 (patch-bd) = 6eb42818196f0a981e7d85fa5791030483a037c4
 SHA1 (patch-be) = 9cb9e8fe550e168a67cd90d0fd7fc6cc9d4029d5
 SHA1 (patch-bf) = 1bbcdd13fa662e2b17114b8b390d16cebccf389c
+SHA1 (patch-bg) = e388cbafcc2d6eff1df881984442f34bdb7c07f6
diff -r b199014f3f72 -r 529b49cd1e7d databases/mysql4-server/patches/patch-bg
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/mysql4-server/patches/patch-bg  Thu Jun 14 21:27:41 2007 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-bg,v 1.1 2007/06/14 21:27:42 adrianp Exp $
+
+--- sql/sql_parse.cc.orig      2006-11-03 02:17:00.000000000 +0000
++++ sql/sql_parse.cc
+@@ -2736,7 +2736,7 @@ unsent_create_error:
+       old_list=table[0];
+       new_list=table->next[0];
+       old_list.next=new_list.next=0;
+-      if (check_grant(thd, ALTER_ACL, &old_list, 0, UINT_MAX, 0) ||
++      if (check_grant(thd, ALTER_ACL | DROP_ACL, &old_list, 0, UINT_MAX, 0) ||
+           (!test_all_bits(table->next->grant.privilege,
+                           INSERT_ACL | CREATE_ACL) &&
+            check_grant(thd, INSERT_ACL | CREATE_ACL, &new_list, 0,

Prev by Date: [pkgsrc/trunk]: pkgsrc/games/enigma Updated to version 1.01.
Next by Date: [pkgsrc/trunk]: pkgsrc/mail Update thunderbrd and thunderbird-gtk1 to 2.0.0.4.
Previous by Thread: [pkgsrc/trunk]: pkgsrc/games/enigma Updated to version 1.01.
Next by Thread: [pkgsrc/trunk]: pkgsrc/mail Update thunderbrd and thunderbird-gtk1 to 2.0.0.4.
Indexes:

Home | Main Index | Thread Index | Old Index