pkgsrc-changes: CVS commit: pkgsrc/databases

Subject: CVS commit: pkgsrc/databases
To: None <pkgsrc-changes@NetBSD.org>
From: Stoned Elipot <seb@netbsd.org>
List: pkgsrc-changes
Date: 08/31/2006 12:42:42
Module Name:	pkgsrc
Committed By:	seb
Date:		Thu Aug 31 12:42:42 UTC 2006

Modified Files:
	pkgsrc/databases/mysql4-client: Makefile.common PLIST distinfo
	pkgsrc/databases/mysql4-client/patches: patch-ax patch-bd
	pkgsrc/databases/mysql4-server: Makefile PLIST distinfo
	pkgsrc/databases/mysql4-server/patches: patch-bd

Log Message:
Update mysql4-client and mysql4-server to version 4.1.21.

Most notably this version includes fixes for:
http://secunia.com/advisories/21259/
http://secunia.com/advisories/21506/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469

* Packages changes:
the script mysqldumpslow had been moved from the mysql4-client to the
mysql4-server.

* Changes since last packaged version (4.1.20)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for more details):

This is a bugfix release for the recent production release family.

Functionality added or changed:
- For spatial data types, the server formerly returned these as
VARSTRING values with a binary collation. Now the server returns
spatial values as BLOB values. (Bug#10166)
- Added the --set-charset option to mysqlbinlog to allow the
character set to be specified for processing binary log files.
(Bug#18351)
- For a table with an AUTO_INCREMENT column, SHOW CREATE TABLE now
shows the next AUTO_INCREMENT value to be generated. (Bug#19025)
- A warning now is issued if the client attempts to set the
SQL_LOG_OFF variable without the SUPER privilege. (Bug#16180)
- The mysqldumpslow script has been moved from client RPM packages
to server RPM packages. This corrects a problem where mysqldumpslow
could not be used with a client-only RPM install, because it depends
on my_print_defaults which is in the server RPM. (Bug#20216)

Bugs fixed:
- Security fix: On Linux, and possibly other platforms using
case-sensitive filesystems, it was possible for a user granted
rights on a database to create or access a database whose name
differed only from that of the first by the case of one or more
letters. (Bug#17647)
- Security fix: If a user has access to MyISAM table t, that user
can create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently revoked, the user can continue to
access t by doing so through m. If this behavior is undesirable,
you can start the server with the new --skip-merge option to disable
the MERGE storage engine. (Bug#15195)
- Security fix: Invalid arguments to DATE_FORMAT() caused a server
crash. (CVE-2006-3469, Bug#20729) Thanks to Jean-David Maillefer
for discovering and reporting this problem to the Debian project
and to Christian Hammers from the Debian Team for notifying us of
it.
...
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for
the complete
bug fix list)


To generate a diff of this commit:
cvs rdiff -r1.53 -r1.54 pkgsrc/databases/mysql4-client/Makefile.common
cvs rdiff -r1.13 -r1.14 pkgsrc/databases/mysql4-client/PLIST
cvs rdiff -r1.26 -r1.27 pkgsrc/databases/mysql4-client/distinfo
cvs rdiff -r1.4 -r1.5 pkgsrc/databases/mysql4-client/patches/patch-ax
cvs rdiff -r1.1 -r1.2 pkgsrc/databases/mysql4-client/patches/patch-bd
cvs rdiff -r1.30 -r1.31 pkgsrc/databases/mysql4-server/Makefile
cvs rdiff -r1.17 -r1.18 pkgsrc/databases/mysql4-server/PLIST
cvs rdiff -r1.24 -r1.25 pkgsrc/databases/mysql4-server/distinfo
cvs rdiff -r1.1 -r1.2 pkgsrc/databases/mysql4-server/patches/patch-bd

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.