Subject: CVS commit: [pkgsrc-2006Q2] pkgsrc/databases
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 09/13/2006 13:36:00
Module Name:	pkgsrc
Committed By:	salo
Date:		Wed Sep 13 13:35:59 UTC 2006

Modified Files:
	pkgsrc/databases/mysql4-client [pkgsrc-2006Q2]: Makefile.common PLIST
	    distinfo
	pkgsrc/databases/mysql4-client/patches [pkgsrc-2006Q2]: patch-ax
	    patch-bd
	pkgsrc/databases/mysql4-server [pkgsrc-2006Q2]: Makefile PLIST distinfo
	pkgsrc/databases/mysql4-server/patches [pkgsrc-2006Q2]: patch-bd

Log Message:
Pullup ticket 1823 - requested by seb
security update for mysql4

Revisions pulled up:
- pkgsrc/databases/mysql4-client/Makefile.common	1.54
- pkgsrc/databases/mysql4-client/PLIST			1.14
- pkgsrc/databases/mysql4-client/distinfo		1.27
- pkgsrc/databases/mysql4-client/patches/patch-ax	1.5
- pkgsrc/databases/mysql4-client/patches/patch-bd	1.2
- pkgsrc/databases/mysql4-server/Makefile		1.31
- pkgsrc/databases/mysql4-server/PLIST			1.18
- pkgsrc/databases/mysql4-server/distinfo		1.25
- pkgsrc/databases/mysql4-server/patches/patch-bd	1.2

   Module Name:		pkgsrc
   Committed By:	seb
   Date:		Thu Aug 31 12:42:42 UTC 2006

   Modified Files:
   	pkgsrc/databases/mysql4-client: Makefile.common PLIST distinfo
   	pkgsrc/databases/mysql4-client/patches: patch-ax patch-bd
   	pkgsrc/databases/mysql4-server: Makefile PLIST distinfo
   	pkgsrc/databases/mysql4-server/patches: patch-bd

   Log Message:
   Update mysql4-client and mysql4-server to version 4.1.21.

   Most notably this version includes fixes for:
   http://secunia.com/advisories/21259/
   http://secunia.com/advisories/21506/
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469

   * Packages changes:
   the script mysqldumpslow had been moved from the mysql4-client to the
   mysql4-server.

   * Changes since last packaged version (4.1.20)
   (see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for more details):

   This is a bugfix release for the recent production release family.

   Functionality added or changed:
   - For spatial data types, the server formerly returned these as
   VARSTRING values with a binary collation. Now the server returns
   spatial values as BLOB values. (Bug#10166)
   - Added the --set-charset option to mysqlbinlog to allow the
   character set to be specified for processing binary log files.
   (Bug#18351)
   - For a table with an AUTO_INCREMENT column, SHOW CREATE TABLE now
   shows the next AUTO_INCREMENT value to be generated. (Bug#19025)
   - A warning now is issued if the client attempts to set the
   SQL_LOG_OFF variable without the SUPER privilege. (Bug#16180)
   - The mysqldumpslow script has been moved from client RPM packages
   to server RPM packages. This corrects a problem where mysqldumpslow
   could not be used with a client-only RPM install, because it depends
   on my_print_defaults which is in the server RPM. (Bug#20216)

   Bugs fixed:
   - Security fix: On Linux, and possibly other platforms using
   case-sensitive filesystems, it was possible for a user granted
   rights on a database to create or access a database whose name
   differed only from that of the first by the case of one or more
   letters. (Bug#17647)
   - Security fix: If a user has access to MyISAM table t, that user
   can create a MERGE table m that accesses t. However, if the user's
   privileges on t are subsequently revoked, the user can continue to
   access t by doing so through m. If this behavior is undesirable,
   you can start the server with the new --skip-merge option to disable
   the MERGE storage engine. (Bug#15195)
   - Security fix: Invalid arguments to DATE_FORMAT() caused a server
   crash. (CVE-2006-3469, Bug#20729) Thanks to Jean-David Maillefer
   for discovering and reporting this problem to the Debian project
   and to Christian Hammers from the Debian Team for notifying us of
   it.
   ...
   (see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for
   the complete
   bug fix list)


To generate a diff of this commit:
cvs rdiff -r1.53 -r1.53.2.1 pkgsrc/databases/mysql4-client/Makefile.common
cvs rdiff -r1.13 -r1.13.2.1 pkgsrc/databases/mysql4-client/PLIST
cvs rdiff -r1.26 -r1.26.2.1 pkgsrc/databases/mysql4-client/distinfo
cvs rdiff -r1.4 -r1.4.6.1 pkgsrc/databases/mysql4-client/patches/patch-ax
cvs rdiff -r1.1 -r1.1.2.1 pkgsrc/databases/mysql4-client/patches/patch-bd
cvs rdiff -r1.30 -r1.30.2.1 pkgsrc/databases/mysql4-server/Makefile
cvs rdiff -r1.17 -r1.17.2.1 pkgsrc/databases/mysql4-server/PLIST
cvs rdiff -r1.24 -r1.24.2.1 pkgsrc/databases/mysql4-server/distinfo
cvs rdiff -r1.1 -r1.1.2.1 pkgsrc/databases/mysql4-server/patches/patch-bd

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.