CVS commit: pkgsrc/databases

[Takahiro Kambe <taca%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   taca
Date:           Wed May 26 01:52:22 UTC 2010

Modified Files:
        pkgsrc/databases/mysql51-client: Makefile.common distinfo
        pkgsrc/databases/mysql51-server: PLIST distinfo
Added Files:
        pkgsrc/databases/mysql51-server/patches: patch-ay

Log Message:
Update mysql51-{client,server} package to 5.1.47.

For full changes, see http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html.

Here is important changes:

InnoDB Plugin Notes:

    * InnoDB Plugin has been upgraded to version 1.0.8. This version
      is considered of General Availability (GA) quality. InnoDB
      Plugin Change History, may contain information in addition to
      those changes reported here.

      In this release, the InnoDB Plugin is included in source and
      binary distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64,
      ia64), and generic Linux RPM packages. It also does not work for
      FreeBSD 6 and HP-UX or for Linux on generic ia64.

Functionality added or changed:

    * InnoDB stores redo log records in a hash table during
      recovery. On 64-bit systems, this hash table was 1/8 of the
      buffer pool size. To reduce memory usage, the dimension of the
      hash table was reduced to 1/64 of the buffer pool size (or 1/128
      on 32-bit systems). (Bug#53122)

Security fixed:

    * Security Fix: The server failed to check the table name argument
      of a COM_FIELD_LIST command packet for validity and compliance
      to acceptable table name standards. This could be exploited to
      bypass almost all forms of checks for privileges and table-level
      grants by providing a specially crafted table name argument to
      COM_FIELD_LIST.

      In MySQL 5.0 and above, this allowed an authenticated user with
      SELECT privileges on one table to obtain the field definitions
      of any table in all other databases and potentially of other
      MySQL instances accessible from the server's file system.

      Additionally, for MySQL version 5.1 and above, an authenticated
    user with DELETE or SELECT privileges on one table could delete or
    read content from any other table in all databases on this server,
    and potentially of other MySQL instances accessible from the
    server's file system. (Bug#53371, CVE-2010-1848)

    * Security Fix: The server was susceptible to a buffer-overflow
      attack due to a failure to perform bounds checking on the table
      name argument of a COM_FIELD_LIST command packet. By sending
      long data for the table name, a buffer is overflown, which could
      be exploited by an authenticated user to inject malicious
      code. (Bug#53237, CVE-2010-1850)

    * Security Fix: The server could be tricked into reading packets
      indefinitely if it received a packet larger than the maximum
      size of one packet. (Bug#50974, CVE-2010-1849)


To generate a diff of this commit:
cvs rdiff -u -r1.7 -r1.8 pkgsrc/databases/mysql51-client/Makefile.common
cvs rdiff -u -r1.3 -r1.4 pkgsrc/databases/mysql51-client/distinfo
cvs rdiff -u -r1.4 -r1.5 pkgsrc/databases/mysql51-server/PLIST
cvs rdiff -u -r1.5 -r1.6 pkgsrc/databases/mysql51-server/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/databases/mysql51-server/patches/patch-ay

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.