pkgsrc/databases/mysql4-server/patches
seb 8713e488fb Update mysql4-client and mysql4-server to version 4.1.21.
Most notably this version includes fixes for:
http://secunia.com/advisories/21259/
http://secunia.com/advisories/21506/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3469

* Packages changes:
the script mysqldumpslow had been moved from the mysql4-client to the
mysql4-server.

* Changes since last packaged version (4.1.20)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for more details):

This is a bugfix release for the recent production release family.

Functionality added or changed:
- For spatial data types, the server formerly returned these as
VARSTRING values with a binary collation. Now the server returns
spatial values as BLOB values. (Bug#10166)
- Added the --set-charset option to mysqlbinlog to allow the
character set to be specified for processing binary log files.
(Bug#18351)
- For a table with an AUTO_INCREMENT column, SHOW CREATE TABLE now
shows the next AUTO_INCREMENT value to be generated. (Bug#19025)
- A warning now is issued if the client attempts to set the
SQL_LOG_OFF variable without the SUPER privilege. (Bug#16180)
- The mysqldumpslow script has been moved from client RPM packages
to server RPM packages. This corrects a problem where mysqldumpslow
could not be used with a client-only RPM install, because it depends
on my_print_defaults which is in the server RPM. (Bug#20216)

Bugs fixed:
- Security fix: On Linux, and possibly other platforms using
case-sensitive filesystems, it was possible for a user granted
rights on a database to create or access a database whose name
differed only from that of the first by the case of one or more
letters. (Bug#17647)
- Security fix: If a user has access to MyISAM table t, that user
can create a MERGE table m that accesses t. However, if the user's
privileges on t are subsequently revoked, the user can continue to
access t by doing so through m. If this behavior is undesirable,
you can start the server with the new --skip-merge option to disable
the MERGE storage engine. (Bug#15195)
- Security fix: Invalid arguments to DATE_FORMAT() caused a server
crash. (CVE-2006-3469, Bug#20729) Thanks to Jean-David Maillefer
for discovering and reporting this problem to the Debian project
and to Christian Hammers from the Debian Team for notifying us of
it.
...
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-21.html for
the complete
bug fix list)
2006-08-31 12:42:42 +00:00
..
patch-aa Update mysql4-client and mysql4-server to version 4.1.19. 2006-05-26 18:25:34 +00:00
patch-ab Update to 4.1.13. 2005-07-29 21:02:35 +00:00
patch-ac Update mysql4-client and mysql4-server to version 4.1.19. 2006-05-26 18:25:34 +00:00
patch-ad Also commit patches for the DragonFly support. 2005-10-26 17:33:49 +00:00
patch-ae Also commit patches for the DragonFly support. 2005-10-26 17:33:49 +00:00
patch-af Add DragonFly support. 2005-10-26 17:33:07 +00:00
patch-al
patch-am o Add missing RCSID tags to patch-a{a,m} and use pkglint. 2005-03-08 16:48:11 +00:00
patch-aq Update mysql4-* to 4.1.8a. 2005-01-10 15:47:18 +00:00
patch-ar Update mysql4-client and mysql4-server to version 4.1.19. 2006-05-26 18:25:34 +00:00
patch-as Update mysql4* to 4.1.14: 2005-09-26 22:34:49 +00:00
patch-aw Update mysql4-client and mysql4-server to version 4.1.19. 2006-05-26 18:25:34 +00:00
patch-ax Update mysql4-client and mysql4-server to version 4.1.19. 2006-05-26 18:25:34 +00:00
patch-bd Update mysql4-client and mysql4-server to version 4.1.21. 2006-08-31 12:42:42 +00:00
patch-be Update mysql4-client and mysql4-server to version 4.1.20. 2006-06-19 07:52:59 +00:00