Commit graph

31 commits

Author SHA1 Message Date
taca
29cdca5dae Update mysql51-{client,server} to 5.1.63 (MySQL 5.1.63).
Changes (http://dev.mysql.com/doc/refman/5.1/en/news-5-1-63.html):

     * Security Fix: Bug #64884 was fixed.

     * Security Fix: Bug #59387 was fixed.

     * InnoDB: Deleting a huge amount of data from InnoDB tables
       within a short time could cause the purge operation that
       flushes data from the buffer pool to stall. If this issue
       occurs, restart the server to work around it. This issue is
       only likely to occur on 32-bit platforms. (Bug #13847885)

     * InnoDB: If the server crashed during a TRUNCATE TABLE or
       CREATE INDEX statement for an InnoDB table, or a DROP DATABASE
       statement for a database containing InnoDB tables, an index
       could be corrupted, causing an error message when accessing
       the table after restart:
       InnoDB: Error: trying to load index index_name for table
       table_name
       InnoDB: but the index tree has been freed!
       In MySQL 5.1, this fix applies to the InnoDB Plugin, but not
       the built-in InnoDB storage engine. (Bug #12861864, Bug
       #11766019)

     * InnoDB: When data was removed from an InnoDB table, newly
       inserted data might not reuse the freed disk blocks, leading
       to an unexpected size increase for the system tablespace or
       .ibd file (depending on the setting of innodb_file_per_table.
       The OPTIMIZE TABLE could compact a .ibd file in some cases but
       not others. The freed disk blocks would eventually be reused
       as additional data was inserted. (Bug #11766634, Bug #59783)

     * Partitioning: After updating a row of a partitioned table and
       selecting that row within the same transaction with the query
       cache enabled, then performing a ROLLBACK, the same result was
       returned by an identical SELECT issued in a new transaction.
       (Bug #11761296, Bug #53775)

     * Replication: The --relay-log-space-limit option was sometimes
       ignored.
       More specifically, when the SQL thread went to sleep, it
       allowed the I/O thread to queue additional events in such a
       way that the relay log space limit was bypassed, and the
       number of events in the queue could grow well past the point
       where the relay logs needed to be rotated. Now in such cases,
       the SQL thread checks to see whether the I/O thread should
       rotate and provide the SQL thread a chance to purge the logs
       (thus freeing space).
       Note that, when the SQL thread is in the middle of a
       transaction, it cannot purge the logs; it can only ask for
       more events until the transaction is complete. Once the
       transaction is finished, the SQL thread can immediately
       instruct the I/O thread to rotate. (Bug #12400313, Bug #64503)
       References: See also Bug #13806492.

     * Mishandling of NO_BACKSLASH_ESCAPES SQL mode within stored
       procedures on slave servers could cause replication failures.
       (Bug #12601974)

     * If the system time was adjusted backward during query
       execution, the apparent execution time could be negative. But
       in some cases these queries would be written to the slow query
       log, with the negative execution time written as a large
       unsigned number. Now statements with apparent negative
       execution time are not written to the slow query log. (Bug
       #63524, Bug #13454045) References: See also Bug #27208.

     * mysql_store_result() and mysql_use_result() are not for use
       with prepared statements and are not intended to be called
       following mysql_stmt_execute(), but failed to return an error
       when invoked that way in libmysqld. (Bug #62136, Bug
       #13738989) References: See also Bug #47485.

     * SHOW statements treated stored procedure, stored function, and
       event names as case sensitive. (Bug #56224, Bug #11763507)

     * On Windows, mysqlslap crashed for attempts to connect using
       shared memory. (Bug #31173, Bug #11747181, Bug #59107, Bug
       #11766072)
2012-05-13 12:59:39 +00:00
adam
798bf9651b Changes 5.1.62:
* New utf8_general_mysql500_ci and ucs2_general_mysql500_ci collations have
  been added that preserve the behavior of utf8_general_ci and ucs2_general_ci
  from versions of MySQL previous to 5.1.24. Bug 27877 corrected an error in
  the original collations but introduced an incompatibility for columns that
  contain German 'ß' LATIN SMALL LETTER SHARP S. (As a result of the fix, that
  character compares equal to characters with which it previously compared
  different.) A symptom of the problem after upgrading to MySQL 5.1.24 or newer
  from a version older than 5.1.24 is that CHECK TABLE produces this error:
* yaSSL was upgraded from version 1.7.2 to 2.2.0.
* Bugs Fixed
2012-04-08 19:10:58 +00:00
fhajny
535b8ecbc1 Make sure GNU diff is available.
Fixes PR pkg/44828.
2012-03-09 11:55:11 +00:00
adam
aeb10e8fe3 Changes 5.1.61:
* InnoDB Storage Engine: Issuing INSERT...ON DUPLICATE KEY statements for
  InnoDB tables from concurrent threads could cause a deadlock, particularly
  with the INSERT...ON DUPLICATE KEY UPDATE form. The fix avoids deadlocks
  caused by the same row being accessed by more than one transaction. Deadlocks
  could still occur when multiple rows are inserted and updated simultaneously
  by different transactions in inconsistent order; those types of deadlocks
  require the standard error handling on the application side, of re-trying the
  transaction.
* An incorrect InnoDB assertion could cause the server to halt. This issue only
  affected debug builds. The assertion referenced the source file btr0pcur.ic
  and the variable cursor->pos_state.
* The handle_segfault() signal-handler code in mysqld could itself crash due to
  calling unsafe functions.
* ARCHIVE tables with NULL columns could cause server crashes or become corrupt
  under concurrent load.
* Enabling myisam_use_mmap could cause the server to crash.
* Concurrent access to ARCHIVE tables could cause corruption.
2012-01-12 17:41:21 +00:00
adam
b021d87776 Changes 5.1.60:
* Upgrading from an Advanced GPL RPM package to an Advanced RPM package did not
  work. Now on Linux it is possible to use rpm -U to replace any installed MySQL
  product by any other of the same release family. It is not necessary to remove
  the old produce with rpm -e first.
* MEMORY table creation time is now available in the CREATE_TIME column of the
  INFORMATION_SCHEMA.TABLES table and the Create_time column of SHOW TABLE
  STATUS output.
Bugs Fixed
* Important Change: InnoDB Storage Engine: Data from BLOB columns could be lost   if the server crashed at a precise moment when other columns were being
  updated in an InnoDB table.
* InnoDB Storage Engine: This fix improves the performance of instrumentation
  code for InnoDB buffer pool operations.
* InnoDB Storage Engine: Lookups using secondary indexes could give incorrect
  matches under a specific set of conditions. The conditions involve an index
  defined on a column prefix, for a BLOB or other long column stored outside
  the index page, with a table using the Barracuda file format.
* InnoDB Storage Engine: This fix corrects cases where the MySQL server could
  hang or abort with a long semaphore wait message. (This is a different issue
  than when these symptoms occurred during a CHECK TABLE statement.)
* Replication: Issuing the following statements, in the order shown, could cause  a deadlock between the user thread and I/O thread.
* more...
2011-12-02 14:25:09 +00:00
taca
3d20dccc1b Update mysql51-client and mysql51-server package to 5.1.58 (MySQL 5.1.58).
This is bug fix release.  Since whole changes are too many to write here,
please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-58.html.

Especially, some important one for related to us.

* On FreeBSD 64-built builds of the embedded server, exceptions were not
  prevented from propagating into the embedded application. (Bug #38965,
  Bug #11749418)
2011-08-02 14:10:34 +00:00
taca
9fe4af5745 Update mysql51-{client,server} package to 5.1.57.
This is simply maintenance release, no security fix.
Please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-57.html in
detail.
2011-05-08 16:01:57 +00:00
obache
f7b10b4818 not compatible with mysql-5.5. 2011-04-27 06:33:22 +00:00
adam
de4cf05277 patch-ab: take 2 2011-03-18 05:39:58 +00:00
adam
72026c633b Fix building with Clang. 2011-03-17 13:26:04 +00:00
taca
fc9a437a7b Update MySQL package to 5.1.56.
Functionality added or changed:

* mysqldump --xml now displays comments from column definitions. (Bug #13618)

Bugs fixed:

* InnoDB Storage Engine: InnoDB returned values for ¡Èrows examined¡É
  in the query plan that were higher than expected. NULL values were
  treated in an inconsistent way. The inaccurate statistics could
  trigger ¡Èfalse positives¡É in combination with the MAX_JOIN_SIZE
  setting, because the queries did not really examine as many rows as
  reported. (Bug #30423)

* Partitioning: Trying to use the same column more than once in the
  partitioning key when partitioning a table by KEY caused mysqld to
  crash. Such duplication of key columns is now expressly disallowed,
  and fails with an appropriate error. (Bug #53354, Bug #57924)

* Replication: When using the statement-based logging format, INSERT
  ON DUPLICATE KEY UPDATE and INSERT IGNORE statements affecting
  transactional tables that did not fail were not written to the
  binary log if they did not insert any rows. (With statement-based
  logging, all successful statements should be logged, whether they do
  or do not cause any rows to be changed.) (Bug #59338)

* Replication: Formerly, STOP SLAVE stopped the slave I/O thread first
  and then stopped the slave SQL thread; thus, it was possible for the
  I/O thread to stop after replicating only part of a transaction
  which the SQL thread was executing, in wich case¡½if the transaction
  could not be rolled back safely¡½the SQL thread could hang.

  Now, STOP SLAVE stops the slave SQL thread first and then stops the
  I/O thread; this guarantees that the I/O thread can fetch any
  remaining events in the transaction that the SQL thread is
  executing, so that the SQL thread can finish the transaction if it
  cannot be rolled back safely. (Bug #58546)

* A query of the following form returned an incorrect result, where
  the values for col_name in the result set were entirely replaced
  with NULL values:

  SELECT DISTINCT col_name ... ORDER BY col_name DESC;
  (Bug #59308, Bug #11766241)

* DELETE or UPDATE statements could fail if they used DATE or DATETIME
  values with a year, month, or day part of zero. (Bug #59173)

* The ESCAPE clause for the LIKE operator allows only expressions that
  evaluate to a constant at execution time, but aggregrate functions
  were not being rejected. (Bug #59149)

* Memory leaks detected by Valgrind, some of which could cause
  incorrect query results, were corrected. (Bug #59110, Bug #11766075)

  mysqlslap failed to check for a NULL return from mysql_store_result()
  and crashed trying to process the result set. (Bug #59109)

* In debug builds, SUBSTRING_INDEX(FORMAT(...), FORMAT(...)) could
  cause a server crash. (Bug #58371)

* When mysqldadmin was run with the --sleep and --count options, it
  went into an infinite loop executing the specified command. (Bug
  #58221)

* Some string manipulating SQL functions use a shared string object
  intended to contain an immutable empty string. This object was used
  by the SQL function SUBSTRING_INDEX() to return an empty string when
  one argument was of the wrong datatype. If the string object was
  then modified by the SQL function INSERT(), undefined behavior
  ensued. (Bug #58165, Bug #11765225)

* Parsing nested regular expressions could lead to recursion resulting
  in a stack overflow crash. (Bug #58026, Bug #11765099)

* The mysql client went into an infinite loop if the standard input
  was a directory. (Bug #57450)

* The expression const1 BETWEEN const2 AND field was optimized
  incorrectly and produced incorrect results. (Bug #57030, Bug
  #11764215)

* Some RPM installation scripts used a hardcoded value for the data
  directory, which could result in a failed installation for users who
  have a nonstandard data directory location. The same was true for
  other configuration values such as the PID file name. (Bug #56581,
  Bug #11763817)

* On FreeBSD and OpenBSD, the server incorrectly checked the range of
  the system date, causing legal values to be rejected. (Bug #55755,
  Bug #11763089)

* When using ExtractValue() or UpdateXML(), if the XML to be read
  contained an incomplete XML comment, MySQL read beyond the end of
  the XML string when processing, leading to a crash of the
  server. (Bug #44332)
2011-03-08 14:06:43 +00:00
taca
350cd2d4de Update mysql51-{client,server} package to 5.1.55.
Full changes: http://dev.mysql.com/doc/refman/5.1/en/news-5-1-55.html

MySQL 5.1.55

Functionality added or changed:

The time zone tables available at
http://dev.mysql.com/downloads/timezones.html have been updated. These
tables can be used on systems such as Windows or HP-UX that do not
include zoneinfo files. (Bug#40230)
2011-02-13 16:19:45 +00:00
taca
3931677dee Update mysql51-{client,server} package to 5.1.54.
Functionality added or changed:

* Support for the IBMDB2I storage engine has been removed. (Bug#58079)

* The pstack library was nonfunctional and has been removed, along with the
  --with-pstack option for configure. The --enable-pstack option for mysqld is
  deprecated and will be removed in MySQL 5.5. (Bug#57210)

Bugs fixed:

* Performance: InnoDB Storage Engine: Improved concurrency when several
  ANALYZE TABLE or SHOW TABLE STATUS statements are run simultaneously for
  InnoDB tables. (Bug#53046)

* InnoDB Storage Engine: For an InnoDB table created with
  ROW_FORMAT=COMPRESSED or ROW_FORMAT=DYNAMIC, a query using the READ
  UNCOMMITTED isolation level could cause the server to stop with an assertion
  error, if BLOB or other large columns that use off-page storage were being
  inserted at the same time. (Bug#57799)

* Partitioning: An INSERT ... ON DUPLICATE KEY UPDATE column = 0 statement on
  an AUTO_INCREMENT column caused the debug server to crash. (Bug#57890)

* Several compilation problems were fixed. (Bug#57992, Bug#57993, Bug#57994,
  Bug#57995, Bug#57996, Bug#57997, Bug#58057)

* Passing a string that was not null-terminated to UpdateXML() or
  ExtractValue() caused the server to fail with an assertion. (Bug#57279)

* Queries executed using the Index Merge access method and a temporary file
  could return incorrect results. (Bug#56862)

* The find_files() function used by SHOW statements performed redundant and
  unnecessary memory allocation. (Bug#51208)
2010-12-16 03:42:49 +00:00
taca
804be8d63d Update mysql51-{client,server} to 5.1.53.
Most changes are related to replication and seems to no security fix.
For more detail, please refer:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-53.html
2010-11-26 13:52:58 +00:00
sketch
0819abd86f Drop maintainer, ENOTIME. 2010-11-15 16:24:09 +00:00
taca
e5c730fdcb Update mysql51-{client,server} package from 5.1.51 to 5.1.52.
This is maintainous release and pleare refer in detail:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html


One note from the changes:

* Security Fix: In prepared-statement mode, EXPLAIN for a SELECT from
  a derived table caused a server crash. (Bug#54488)
2010-11-04 15:57:07 +00:00
taca
22d40b32e1 Update mysql51-{client,server} package to 5.1.51, MySQL 5.1.51.
For full changes, please refer:
	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html

Here is summary for security fixes:

* Security Fix: During evaluation of arguments to extreme-value
  functions (such as LEAST() and GREATEST()), type errors did not
  propagate properly, causing the server to crash. (Bug#55826)

* Security Fix: The server could crash after materializing a derived
  table that required a temporary table for grouping. (Bug#55568)

* Security Fix: A user-variable assignment expression that is
  evaluated in a logical expression context can be precalculated in a
  temporary table for GROUP BY. However, when the expression value is
  used after creation of the temporary table, it was re-evaluated, not
  read from the table and a server crash resulted. (Bug#55564)

* Security Fix: Pre-evaluation of LIKE predicates during view
  preparation could cause a server crash. (Bug#54568)

* Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a
  server crash. (Bug#54476)

* Security Fix: Queries could cause a server crash if the GREATEST()
  or LEAST() function had a mixed list of numeric and LONGBLOB
  arguments, and the result of such a function was processed using an
  intermediate temporary table. (Bug#54461)

* Security Fix: Queries with nested joins could cause an infinite loop
  in the server when used from stored procedures and prepared
  statements. (Bug#53544)

* Security Fix: The PolyFromWKB() function could crash the server when
  improper WKB data was passed to the function. (Bug#51875)
2010-10-06 12:37:58 +00:00
taca
6f294a2ad9 * Install my_compiler.h as public header. It is already fixed in
MySQL's repository.
* Add comments to patches.

Bump PKGREVISION and it fixes P$ pkg/43887.
2010-09-21 15:57:30 +00:00
taca
65553c7235 Update mysql51-{client,server} to 5.1.50.
Please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
for full changes .


InnoDB Notes:

InnoDB Plugin has been upgraded to version 1.0.11. This version is
considered of General Availability (GA) quality.

In this release, the InnoDB Plugin is included in source and binary
distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64),
generic Linux RPM packages, and any builds produced with the icc
compiler. It also does not work for FreeBSD 6 and HP-UX or for Linux
on generic ia64.

Bugs fixed:

Important Change: Replication: The LOAD DATA INFILE statement is now
considered unsafe for statement-based replication. When using
statement-based logging mode, the statement now produces a warning;
when using mixed-format logging, the statement is made using the
row-based format. (Bug#34283)

Partitioning: UPDATE and INSERT statements affecting partitioned
tables performed poorly when using row-based replication. (Bug#52517)

Partitioning: INSERT ON DUPLICATE KEY UPDATE statements performed
poorly on tables having many partitions. This was because the handler
function for reading a row from a specific index was not optimized in
the partitioning handler. (Bug#52455)

The server could crash on shutdown, if started with
--innodb-use-system-malloc=0. (Bug#55581)

GROUP BY operations used max_sort_length inconsistently. (Bug#55188)

Building MySQL on Solaris 8 x86 failed when using Sun Studio due to
gcc inline assembler code. (Bug#55061)

In debug builds, an assertion could be raised when the server tried to
send an OK packet to the client after having failed to detect errors
during processing of the WHERE condition of an UPDATE
statement. (Bug#54734)

The database server could crash when renaming a table that had active
transactions. (This issue only affected the database server when built
for debugging.) (Bug#54453)

The server could crash during the recovery phase of startup, if it
previously crashed while inserting BLOB or other large columns that
use off-page storage into an InnoDB table created with
ROW_FORMAT=REDUNDANT or ROW_FORMAT=COMPACT. (Bug#54408)

For an InnoDB table created with ROW_FORMAT=COMPRESSED or
ROW_FORMAT=DYNAMIC, a query using the READ UNCOMMITTED isolation level
could cause the server to stop with an assertion error, if BLOB or
other large columns that use off-page storage were being inserted at
the same time. (Bug#54358)

A client could supply data in chunks to a prepared statement parameter other than of type TEXT or BLOB using the mysql_stmt_send_long_data() C API function (or COM_STMT_SEND_LONG_DATA command). This led to a crash because other data types are not valid for long data. (Bug#54041)

mysql_secure_installation did not properly identify local accounts and
could incorrectly remove nonlocal root accounts. (Bug#54004)

Transactions could be incorrectly committed during recovery, rather
than rolled back, if the server crashed and was restarted after
performing ALTER TABLE...ADD PRIMARY KEY on an InnoDB table, or some
other operation that involves copying the entire table. (Bug#53756)

Portability problems in SHOW STATUS could lead to incorrect results on
some platforms. (Bug#53493)

Builds of MySQL generated a large number of warnings. (Bug#53445)

With lower_case_table_names set to a nonzero value, searches for table
or database names in INFORMATION_SCHEMA tables could produce incorrect
results. (Bug#53095)

The ABI check for MySQL failed to compile with gcc 4.5. (Bug#52514)

mysql_secure_installation sometimes failed to locate the mysql
client. (Bug#52274)

Reading a ucs2 data file with LOAD DATA INFILE was subject to three
problems. 1) Incorrect parsing of the file as ucs2 data, resulting in
incorrect length of the parsed string. This is fixed by truncating the
invalid trailing bytes (incomplete multibyte characters) when reading
from the file. 2) Reads from a proper ucs2 file did not recognize
newline characters. This is fixed by first checking whether a byte is
a newline (or any other special character) before reading it as a part
of a multibyte character. 3) When using user variables to hold column
data, the character set of the user variable was set incorrectly to
the database charset. This is fixed by setting it to the character set
specified in the LOAD DATA INFILE statement, if any. (Bug#51876)

Searches in INFORMATION_SCHEMA tables for rows matching a nonexistent
database produced an error instead of an empty query
result. (Bug#49542)

On FreeBSD, memory mapping for MERGE tables could fail if underlying
tables were empty. (Bug#47139)

The my_like_range_xxx() functions returned badly formed maximum
strings for Asian character sets, which caused problems for storage
engines. (Bug#45012)

A debugging assertion could be raised after a write failure to a
closed socket. (Bug#42496)

An assertion failure occurred within yaSSL for very long keys. (Bug#29784)

See also Bug#53463.
2010-09-08 16:24:57 +00:00
taca
f1fdf4c660 Update mysql51-client and mysql51-server to 5.1.49.
Please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
for full changes.


* InnoDB Plugin has been upgraded to version 1.0.10. This version is
  considered of General Availability (GA) quality.

  In this release, the InnoDB Plugin is included in source and binary
  distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64), and
  generic Linux RPM packages. It also does not work for FreeBSD 6 and
  HP-UX or for Linux on generic ia64.

Bugs fixed:

* Security Fix: After changing the values of the innodb_file_format or
  innodb_file_per_table configuration parameters, DDL statements could
  cause a server crash. (Bug#55039)

* Security Fix: Joins involving a table with with a unique SET column
  could cause a server crash. (Bug#54575)

* Security Fix: Incorrect handling of NULL arguments could lead to a
  crash for IN() or CASE operations when NULL arguments were either
  passed explicitly as arguments (for IN()) or implicitly generated by
  the WITH ROLLUP modifier (for IN() and CASE). (Bug#54477)

* Security Fix: A malformed argument to the BINLOG statement could
  result in Valgrind warnings or a server crash. (Bug#54393)

* Security Fix: Use of TEMPORARY InnoDB tables with nullable columns
  could cause a server crash. (Bug#54044)

* Security Fix: The server could crash if there were alternate reads
  from two indexes on a table using the HANDLER interface. (Bug#54007)

* Security Fix: Using EXPLAIN with queries of the form SELECT
  ... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server
  crash. (Bug#52711)

* Security Fix: LOAD DATA INFILE did not check for SQL errors and sent
  an OK packet even when errors were already reported. Also, an assert
  related to client-server protocol checking in debug servers
  sometimes was raised when it should not have been. (Bug#52512)
2010-08-11 23:18:04 +00:00
taca
f97d607fc4 Update mysql51-{client,server} package to 5.1.48.
Secunia Advisory SA40333 (http://secunia.com/advisories/40333/) reports
that this release fixes DoS problem and it refers:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
	http://bugs.mysql.com/bug.php?id=53804

But news-5-1-48.html dosen't contains about bug id 53804...

Anyway, please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
for full changes.
2010-07-05 03:15:04 +00:00
taca
aa5d9c6e8d Update mysql51-{client,server} package to 5.1.47.
For full changes, see http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html.

Here is important changes:


InnoDB Plugin Notes:

    * InnoDB Plugin has been upgraded to version 1.0.8. This version
      is considered of General Availability (GA) quality. InnoDB
      Plugin Change History, may contain information in addition to
      those changes reported here.

      In this release, the InnoDB Plugin is included in source and
      binary distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64,
      ia64), and generic Linux RPM packages. It also does not work for
      FreeBSD 6 and HP-UX or for Linux on generic ia64.

Functionality added or changed:

    * InnoDB stores redo log records in a hash table during
      recovery. On 64-bit systems, this hash table was 1/8 of the
      buffer pool size. To reduce memory usage, the dimension of the
      hash table was reduced to 1/64 of the buffer pool size (or 1/128
      on 32-bit systems). (Bug#53122)

Security fixed:

    * Security Fix: The server failed to check the table name argument
      of a COM_FIELD_LIST command packet for validity and compliance
      to acceptable table name standards. This could be exploited to
      bypass almost all forms of checks for privileges and table-level
      grants by providing a specially crafted table name argument to
      COM_FIELD_LIST.

      In MySQL 5.0 and above, this allowed an authenticated user with
      SELECT privileges on one table to obtain the field definitions
      of any table in all other databases and potentially of other
      MySQL instances accessible from the server's file system.

      Additionally, for MySQL version 5.1 and above, an authenticated
    user with DELETE or SELECT privileges on one table could delete or
    read content from any other table in all databases on this server,
    and potentially of other MySQL instances accessible from the
    server's file system. (Bug#53371, CVE-2010-1848)

    * Security Fix: The server was susceptible to a buffer-overflow
      attack due to a failure to perform bounds checking on the table
      name argument of a COM_FIELD_LIST command packet. By sending
      long data for the table name, a buffer is overflown, which could
      be exploited by an authenticated user to inject malicious
      code. (Bug#53237, CVE-2010-1850)

    * Security Fix: The server could be tricked into reading packets
      indefinitely if it received a packet larger than the maximum
      size of one packet. (Bug#50974, CVE-2010-1849)
2010-05-26 01:52:21 +00:00
obache
eddc71a562 Interix GNU cc doesn't support `-fPIC'. 2010-04-30 06:03:36 +00:00
taca
617b94d60a Update mysql51-client/mysql51-server package to 5.1.46.
This is maintainous release and please refer for full changes:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html
2010-04-24 15:59:23 +00:00
taca
0238d6eb3b Update mysql51-client/mysql51-server package to 5.1.45.
This is maintainous release and please refer for full changes:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-45.html

Added a patch for recent security problem to mysql51-server, too.

	http://secunia.com/advisories/39454
2010-04-20 22:58:10 +00:00
taca
000e88edc0 Fix build problem on NetBSD except current.
Explicitly specify CFLAGS on NetBSD/i386 and should fix PR pkg/43108.
2010-04-08 15:31:55 +00:00
taca
f89437b7d2 Add mysqlmanager, ndb-cluster and pstack options.
Thess are used by mysql51-server only.
2010-03-21 14:40:15 +00:00
taca
e37807ed02 Some clean up to CONFIGURE_ARGS; remove obsolete options. 2010-03-21 14:39:27 +00:00
wiz
89f3190691 Enable PIC compilation, needed for working mysql-embedded support
(and perhaps also on Solaris).

Bump PKGREVISION.

Ok taca@
2010-03-16 19:24:54 +00:00
taca
1e798c58e7 Enable embedded-server default by PKG_SUPPORTED_OPTIONS.
I modified it temporary for testing and forgot to revert before import.
2010-03-04 16:34:23 +00:00
taca
1ed0e35f2a Importing mysql51-client 5.1.44, client part of MySQL 5.1.44.
For release MySQL 5.1 specific information please refer:

	http://dev.mysql.com/doc/refman/5.1/en/mysql-nutshell.html


MySQL is a SQL (Structured Query Language) database server.  SQL is the
most popular database language in the world.  MySQL is a client-server
implementation that consists of a server daemon `mysqld' and many
different client programs/libraries.

The main goals of MySQL are speed and robustness.

The base upon which MySQL is built is a set of routines that have been
used in a highly demanding production environment for many years.  While
MySQL is still in development it already offers a rich and highly useful
function set.

The official way to pronounce 'MySQL' is 'My Ess Que Ell' (Not MY-SEQUEL).

This package contains the MySQL client programs and libraries.
2010-03-04 16:27:18 +00:00