pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/databases/mysql3-client Apply patches from FreeBSD/por...
details: https://anonhg.NetBSD.org/pkgsrc/rev/03078bfa2b95
branches: trunk
changeset: 487800:03078bfa2b95
user: xtraeme <xtraeme%pkgsrc.org@localhost>
date: Thu Jan 20 14:15:04 2005 +0000
description:
Apply patches from FreeBSD/ports to fix vulnerabilities in the
mysqlaccess and mysqlhotcopy scripts.
Bump PKGREVISION and BUILDLINK_RECOMMENDED.
diffstat:
databases/mysql3-client/Makefile | 4 +-
databases/mysql3-client/buildlink3.mk | 4 +-
databases/mysql3-client/distinfo | 4 +-
databases/mysql3-client/patches/patch-ay | 49 ++++++++++++++++
databases/mysql3-client/patches/patch-az | 95 ++++++++++++++++++++++++++++++++
5 files changed, 151 insertions(+), 5 deletions(-)
diffs (195 lines):
diff -r 536f59f3c9ab -r 03078bfa2b95 databases/mysql3-client/Makefile
--- a/databases/mysql3-client/Makefile Thu Jan 20 14:01:44 2005 +0000
+++ b/databases/mysql3-client/Makefile Thu Jan 20 14:15:04 2005 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.2 2005/01/01 00:37:56 minskim Exp $
+# $NetBSD: Makefile,v 1.3 2005/01/20 14:15:04 xtraeme Exp $
PKGNAME= ${DISTNAME:S/-/-client-/}
-PKGREVISION= 2
+PKGREVISION= 3
SVR4_PKGNAME= mysqc
COMMENT= MySQL 3, a free SQL database (client)
diff -r 536f59f3c9ab -r 03078bfa2b95 databases/mysql3-client/buildlink3.mk
--- a/databases/mysql3-client/buildlink3.mk Thu Jan 20 14:01:44 2005 +0000
+++ b/databases/mysql3-client/buildlink3.mk Thu Jan 20 14:15:04 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.2 2004/10/28 01:17:33 xtraeme Exp $
+# $NetBSD: buildlink3.mk,v 1.3 2005/01/20 14:15:04 xtraeme Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
MYSQL_CLIENT_BUILDLINK3_MK:= ${MYSQL_CLIENT_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
.if !empty(MYSQL_CLIENT_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.mysql-client+= mysql-client>=3.23.58
-BUILDLINK_RECOMMENDED.mysql-client+= mysql-client>=3.23.58nb1
+BUILDLINK_RECOMMENDED.mysql-client+= mysql-client>=3.23.58nb3
BUILDLINK_PKGSRCDIR.mysql-client?= ../../databases/mysql3-client
BUILDLINK_LIBDIRS.mysql-client?= lib/mysql
.endif # MYSQL_CLIENT_BUILDLINK3_MK
diff -r 536f59f3c9ab -r 03078bfa2b95 databases/mysql3-client/distinfo
--- a/databases/mysql3-client/distinfo Thu Jan 20 14:01:44 2005 +0000
+++ b/databases/mysql3-client/distinfo Thu Jan 20 14:15:04 2005 +0000
@@ -1,5 +1,7 @@
-$NetBSD: distinfo,v 1.1.1.1 2004/10/28 01:01:32 xtraeme Exp $
+$NetBSD: distinfo,v 1.2 2005/01/20 14:15:04 xtraeme Exp $
SHA1 (mysql-3.23.58.tar.gz) = f3383e41e8926c040a295173881414a1e96e0266
Size (mysql-3.23.58.tar.gz) = 12039843 bytes
SHA1 (patch-af) = 0ac0172c264b9c9e8f173d29085096bc1c611132
+SHA1 (patch-ay) = d607f01b19bc1c5c0e2367d0b39c7703c9d5648f
+SHA1 (patch-az) = b4e2059514e479e27675d68af973386ad9ee5f6d
diff -r 536f59f3c9ab -r 03078bfa2b95 databases/mysql3-client/patches/patch-ay
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/mysql3-client/patches/patch-ay Thu Jan 20 14:15:04 2005 +0000
@@ -0,0 +1,49 @@
+$NetBSD: patch-ay,v 1.1 2005/01/20 14:15:04 xtraeme Exp $
+
+--- scripts/mysqlhotcopy.sh.orig Sun Dec 21 19:01:29 2003
++++ scripts/mysqlhotcopy.sh Thu Sep 23 11:02:45 2004
+@@ -7,6 +7,7 @@
+ use File::Path;
+ use DBI;
+ use Sys::Hostname;
++use File::Temp;
+
+ =head1 NAME
+
+@@ -607,7 +608,6 @@
+ sub copy_index
+ {
+ my ($method, $files, $source, $target) = @_;
+- my $tmpfile="$opt_tmpdir/mysqlhotcopy$$";
+
+ print "Copying indices for ".@$files." files...\n" unless $opt{quiet};
+ foreach my $file (@$files)
+@@ -633,23 +633,23 @@
+ }
+ close OUTPUT || die "Error on close of $to: $!\n";
+ }
+- elsif ($opt{method} eq 'scp')
++ elsif ($opt{method} =~ /^scp\b/)
+ {
+- my $tmp=$tmpfile;
+- open(OUTPUT,">$tmp") || die "Can\'t create file $tmp: $!\n";
+- if (syswrite(OUTPUT,$buff) != length($buff))
++ my ($fh, $tmp)=tempfile('mysqlhotcopy-XXXXXX', DIR => $opt_tmpdir);
++ die "Can\'t create/open file in $opt_tmpdir\n";
++ if (syswrite($fh,$buff) != length($buff))
+ {
+ die "Error when writing data to $tmp: $!\n";
+ }
+- close OUTPUT || die "Error on close of $tmp: $!\n";
+- safe_system("scp $tmp $to");
++ close $fh || die "Error on close of $tmp: $!\n";
++ safe_system("$opt{method} $tmp $to");
++ unlink $tmp;
+ }
+ else
+ {
+ die "Can't use unsupported method '$opt{method}'\n";
+ }
+ }
+- unlink "$tmpfile" if ($opt{method} eq 'scp');
+ }
diff -r 536f59f3c9ab -r 03078bfa2b95 databases/mysql3-client/patches/patch-az
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/mysql3-client/patches/patch-az Thu Jan 20 14:15:04 2005 +0000
@@ -0,0 +1,95 @@
+$NetBSD: patch-az,v 1.1 2005/01/20 14:15:04 xtraeme Exp $
+
+mysqlaccess symlink vulnerability
+
+--- scripts/mysqlaccess.sh.orig 2005-01-16 14:28:38 -08:00
++++ scripts/mysqlaccess.sh 2005-01-16 14:28:38 -08:00
+@@ -2,7 +2,7 @@
+ # ****************************
+ package MySQLaccess;
+ #use strict;
+-use POSIX qw(tmpnam);
++use File::Temp qw(tempfile tmpnam);
+ use Fcntl;
+
+ BEGIN {
+@@ -32,7 +32,6 @@
+ $ACCESS_U_BCK = 'user_backup';
+ $ACCESS_D_BCK = 'db_backup';
+ $DIFF = '/usr/bin/diff';
+- $TMP_PATH = '/tmp'; #path to writable tmp-directory
+ $MYSQLDUMP = '@bindir@/mysqldump';
+ #path to mysqldump executable
+
+@@ -432,7 +431,7 @@
+ # no caching on STDOUT
+ $|=1;
+
+- $MYSQL_CNF = POSIX::tmpnam();
++ $MYSQL_CNF = tmpnam();
+ %MYSQL_CNF = (client => { },
+ mysql => { },
+ mysqldump => { },
+@@ -577,8 +576,6 @@
+ push(@MySQLaccess::Grant::Error,'not_found_mysql') if !(-x $MYSQL);
+ push(@MySQLaccess::Grant::Error,'not_found_diff') if !(-x $DIFF);
+ push(@MySQLaccess::Grant::Error,'not_found_mysqldump') if !(-x $MYSQLDUMP);
+-push(@MySQLaccess::Grant::Error,'not_found_tmp') if !(-d $TMP_PATH);
+-push(@MySQLaccess::Grant::Error,'write_err_tmp') if !(-w $TMP_PATH);
+ if (@MySQLaccess::Grant::Error) {
+ MySQLaccess::Report::Print_Error_Messages() ;
+ exit 0;
+@@ -1777,17 +1774,15 @@
+ @before = sort(@before);
+ @after = sort(@after);
+
+- $before = "$MySQLaccess::TMP_PATH/$MySQLaccess::script.before.$$";
+- $after = "$MySQLaccess::TMP_PATH/$MySQLaccess::script.after.$$";
+- #$after = "/tmp/t0";
+- open(BEFORE,"> $before") ||
+- push(@MySQLaccess::Report::Errors,"Can't open temporary file $before for writing");
+- open(AFTER,"> $after") ||
+- push(@MySQLaccess::Report::Errors,"Can't open temporary file $after for writing");
+- print BEFORE join("\n",@before);
+- print AFTER join("\n",@after);
+- close(BEFORE);
+- close(AFTER);
++ ($hb, $before) = tempfile("$MySQLaccess::script.XXXXXX") or
++ push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!");
++ ($ha, $after) = tempfile("$MySQLaccess::script.XXXXXX") or
++ push(@MySQLaccess::Report::Errors,"Can't create temporary file: $!");
++
++ print $hb join("\n",@before);
++ print $ha join("\n",@after);
++ close $hb;
++ close $ha;
+
+ # ----------------------------------
+ # compute difference
+@@ -1800,8 +1795,8 @@
+
+ # ----------------------------------
+ # cleanup temp. files
+- unlink(BEFORE);
+- unlink(AFTER);
++ unlink($before);
++ unlink($after);
+
+ return \@diffs;
+ }
+@@ -2316,14 +2311,6 @@
+ => "The diff program <$MySQLaccess::DIFF> could not be found.\n"
+ ."+ Check your path, or\n"
+ ."+ edit the source of this script to point \$DIFF to the diff program.\n"
+- ,'not_found_tmp'
+- => "The temporary directory <$MySQLaccess::TMP_PATH> could not be found.\n"
+- ."+ create this directory (writeable!), or\n"
+- ."+ edit the source of this script to point \$TMP_PATH to the right directory.\n"
+- ,'write_err_tmp'
+- => "The temporary directory <$MySQLaccess::TMP_PATH> is not writable.\n"
+- ."+ make this directory writeable!, or\n"
+- ."+ edit the source of this script to point \$TMP_PATH to another directory.\n"
+ ,'Unrecognized_option'
+ => "Sorry,\n"
+ ."You are using an old version of the mysql-program,\n"
+
Home |
Main Index |
Thread Index |
Old Index