[pkgsrc/trunk]: pkgsrc/databases/mysql5-server Add fix for CAN-2006-0903 take...

[tron <tron%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2458013d90b2
branches:  trunk
changeset: 511559:2458013d90b2
user:      tron <tron%pkgsrc.org@localhost>
date:      Mon Apr 17 11:21:41 2006 +0000

description:
Add fix for CAN-2006-0903 taken from MySQL bug #17667. Bump package
revision because of this security fix.

diffstat:

 databases/mysql5-server/Makefile         |   4 ++--
 databases/mysql5-server/distinfo         |   3 ++-
 databases/mysql5-server/patches/patch-ao |  14 ++++++++++++++
 3 files changed, 18 insertions(+), 3 deletions(-)

diffs (45 lines):

diff -r 41dc5ff88c66 -r 2458013d90b2 databases/mysql5-server/Makefile
--- a/databases/mysql5-server/Makefile  Mon Apr 17 08:56:35 2006 +0000
+++ b/databases/mysql5-server/Makefile  Mon Apr 17 11:21:41 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.10 2006/04/13 11:19:25 xtraeme Exp $
+# $NetBSD: Makefile,v 1.11 2006/04/17 11:21:41 tron Exp $
 
 PKGNAME=               ${DISTNAME:S/-/-server-/}
-#PKGREVISION=          1
+PKGREVISION=           1
 SVR4_PKGNAME=          mysqs
 COMMENT=               MySQL 5, a free SQL database (server)
 
diff -r 41dc5ff88c66 -r 2458013d90b2 databases/mysql5-server/distinfo
--- a/databases/mysql5-server/distinfo  Mon Apr 17 08:56:35 2006 +0000
+++ b/databases/mysql5-server/distinfo  Mon Apr 17 11:21:41 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.5 2006/04/13 11:19:25 xtraeme Exp $
+$NetBSD: distinfo,v 1.6 2006/04/17 11:21:41 tron Exp $
 
 SHA1 (mysql-5.0.20.tar.gz) = b66fd7821d6cb5f3150f703e90d64697a770a165
 RMD160 (mysql-5.0.20.tar.gz) = f7daabd98124b88c021b314ac23c25d09597e573
@@ -16,3 +16,4 @@
 SHA1 (patch-ak) = 516460b0aa9f641d74f83c5514f258a980033e41
 SHA1 (patch-al) = b2f76b2d4e6aca649f975eba0f9c18316d4d4c17
 SHA1 (patch-am) = 999bb2dbca518a7e19a96b53678de35c0b227434
+SHA1 (patch-ao) = c6c56cbff6fbb7ff809b9b544c28ea28fcd18517
diff -r 41dc5ff88c66 -r 2458013d90b2 databases/mysql5-server/patches/patch-ao
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/databases/mysql5-server/patches/patch-ao  Mon Apr 17 11:21:41 2006 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-ao,v 1.1 2006/04/17 11:21:41 tron Exp $
+
+--- sql/sql_lex.cc.orig        2006-03-31 18:10:45.000000000 +0100
++++ sql/sql_lex.cc     2006-04-17 12:09:26.000000000 +0100
+@@ -960,6 +960,9 @@
+       while (lex->ptr != lex->end_of_query &&
+            ((c=yyGet()) != '*' || yyPeek() != '/'))
+       {
++      if (c == '\0')
++        return(ABORT_SYM);            // NULLs illegal even in comments
++
+       if (c == '\n')
+         lex->yylineno++;
+       }