Update to nb5: Add patch from

http://lists.netsys.com/pipermail/full-disclosure/2003-September/009819.html against a vulnerability.
2003-09-17 21:03:07 +00:00 · 2003-09-17 21:03:07 +00:00 · 50f5b84362
commit 50f5b84362
parent 8eedabb708
3 changed files with 17 additions and 3 deletions
--- a/databases/mysql-server/Makefile
+++ b/databases/mysql-server/Makefile
@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.43 2003/09/01 12:00:26 seb Exp $
+# $NetBSD: Makefile,v 1.44 2003/09/17 21:03:07 wiz Exp $

 PKGNAME=		${DISTNAME:S/-/-server-/}
-PKGREVISION=		4
+PKGREVISION=		5
 SVR4_PKGNAME=		mysqs
 COMMENT=		MySQL, a free SQL database (server)

--- a/databases/mysql-server/distinfo
+++ b/databases/mysql-server/distinfo
@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.20 2003/01/21 08:13:19 lukem Exp $
+$NetBSD: distinfo,v 1.21 2003/09/17 21:03:08 wiz Exp $

 SHA1 (mysql-3.23.49.tar.gz) = 0256331c7aa9388955148f80cdca382f467ad1be
 Size (mysql-3.23.49.tar.gz) = 11844905 bytes
@ -15,3 +15,4 @@ SHA1 (patch-aj) = 2e619c6f16a1256174fd3e6e4bca3214679a9347
 SHA1 (patch-ak) = f484f0bd5b77e0475c7b693b51f5f5146795afa0
 SHA1 (patch-al) = 75b237ea28da2b44f05c0c0fb3493bba060004dc
 SHA1 (patch-am) = adc14bcc3bd21e5a522e1a732ded223b641a2ac7
+SHA1 (patch-an) = c42a40e8772eb4a59eacae71c416b62682ce78dd
--- a/databases/mysql-server/patches/patch-an
+++ b/databases/mysql-server/patches/patch-an
@ -0,0 +1,13 @@
+$NetBSD: patch-an,v 1.3 2003/09/17 21:03:11 wiz Exp $
+
+--- sql/sql_acl.cc.orig	Thu Feb 14 18:30:21 2002
+++ sql/sql_acl.cc
+@@ -206,7 +206,7 @@ int  acl_init(bool dont_read_acl_tables)
+ 		      "Found old style password for user '%s'. Ignoring user. (You may want to restart using --old-protocol)",
+ 		      user.user ? user.user : ""); /* purecov: tested */
+     }
+-    else if (length % 8)		// This holds true for passwords
+    else if (length % 8 || length > 16)		// This holds true for passwords
+     {
+       sql_print_error(
+ 		      "Found invalid password for user: '%s@%s'; Ignoring user",