Security update to 3.23.58.

Fixed buffer overflow in password handling which could potentially
be exploited by MySQL users with ALTER privilege on the mysql.user
table to execute random code or to gain shell access with the UID
of the mysqld process.

The complete changelog can be found at:
http://www.mysql.com/doc/en/News-3.23.58.html

Approved by:	marcus (portsmgr)
This commit is contained in:
Martin Blapp 2003-09-19 14:47:59 +00:00
parent 6f5e9129c5
commit ced2bcb792
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=89069
3 changed files with 4 additions and 13 deletions

View file

@ -6,7 +6,7 @@
#
PORTNAME?= ${MASTERPORTNAME}
PORTVERSION= 3.23.57
PORTVERSION= 3.23.58
#PORTREVISION?= 1
CATEGORIES= databases
MASTER_SITES= http://www.kernelnotes.de/MySQL/Downloads/MySQL-3.23/ \

View file

@ -1 +1 @@
MD5 (mysql-3.23.57.tar.gz) = 892f7d97af1ce7502e89d824031abd05
MD5 (mysql-3.23.58.tar.gz) = 835a96c86132fbde0db36db60c5b34cd

View file

@ -1,5 +1,5 @@
--- configure.orig Fri Jun 6 10:39:41 2003
+++ configure Fri Aug 29 13:26:35 2003
--- configure.orig Thu Sep 11 13:49:33 2003
+++ configure Fri Sep 19 16:37:59 2003
@@ -8070,6 +8070,7 @@
# This can be used to rebuild libtool when needed
@ -138,15 +138,6 @@
mysql_cv_btype_last_arg_accept=none
cat >conftest.$ac_ext <<_ACEOF
#line $LINENO "configure"
@@ -16942,7 +16886,7 @@
FILE *file=fopen("conftestval", "w");
f = (float) ll;
fprintf(file,"%g\n",f);
- close(file);
+ fclose(file);
exit (0);
}
_ACEOF
@@ -19229,14 +19173,6 @@
ac_compiler_gnu=$ac_cv_cxx_compiler_gnu