Security update to 3.23.58.

Fixed buffer overflow in password handling which could potentially be exploited by MySQL users with ALTER privilege on the mysql.user table to execute random code or to gain shell access with the UID of the mysqld process. The complete changelog can be found at: http://www.mysql.com/doc/en/News-3.23.58.html Approved by: marcus (portsmgr)
svn path=/head/; revision=89069
2003-09-19 14:47:59 +00:00 · 2003-09-19 14:47:59 +00:00 · ced2bcb792 · 2021-03-31 03:12:20 +00:00
commit ced2bcb792
parent 6f5e9129c5
3 changed files with 4 additions and 13 deletions
--- a/databases/mysql323-server/Makefile
+++ b/databases/mysql323-server/Makefile
@ -6,7 +6,7 @@
 #

 PORTNAME?=	${MASTERPORTNAME}
-PORTVERSION=	3.23.57
+PORTVERSION=	3.23.58
 #PORTREVISION?=	1
 CATEGORIES=	databases
 MASTER_SITES=	http://www.kernelnotes.de/MySQL/Downloads/MySQL-3.23/ \
--- a/databases/mysql323-server/distinfo
+++ b/databases/mysql323-server/distinfo
@ -1 +1 @@
-MD5 (mysql-3.23.57.tar.gz) = 892f7d97af1ce7502e89d824031abd05
+MD5 (mysql-3.23.58.tar.gz) = 835a96c86132fbde0db36db60c5b34cd
--- a/databases/mysql323-server/files/patch-ag
+++ b/databases/mysql323-server/files/patch-ag
@ -1,5 +1,5 @@
--- configure.orig	Fri Jun  6 10:39:41 2003
-+++ configure	Fri Aug 29 13:26:35 2003
+--- configure.orig	Thu Sep 11 13:49:33 2003
+++ configure	Fri Sep 19 16:37:59 2003
@@ -8070,6 +8070,7 @@
 
 # This can be used to rebuild libtool when needed
@ -138,15 +138,6 @@
 mysql_cv_btype_last_arg_accept=none
 cat >conftest.$ac_ext <<_ACEOF
 #line $LINENO "configure"
-@@ -16942,7 +16886,7 @@
-   FILE *file=fopen("conftestval", "w");
-   f = (float) ll;
-   fprintf(file,"%g\n",f);
-  close(file);
-+  fclose(file);
-   exit (0);
- }
- _ACEOF
@@ -19229,14 +19173,6 @@
 ac_compiler_gnu=$ac_cv_cxx_compiler_gnu