CVE-2021-2166 (DoS).
Various hash_XXX functions have been renamed to ma_hashtbl_XXX to fix
an issue with static linking to newer GnuTLS releases;
https://jira.mariadb.org/browse/CONC-543d19c7c6926
These functions don't appear to be in the exported API so I have skipped
bumping the library version so that the same update can be used in stable.
I don't expect problems but if we run into any it can be bumped later.
Out-of-cycle release to fix regressions in MariaDB 10.5.7
Follow up to MDEV-19838 to alter protocol checks to support the
following implementations (which add garbage to the end of some
packets):
mysqlnd (from PHP < 7.3) (MDEV-24121)
mysql-connector-python (all versions) (MDEV-24134)
and mysql-connector-java (all versions)
The kernel used to have a quite small limit for SO_RCVTIMEO/SO_SNDTIMEO,
this lead mysqladmin to error out with its default --connect-timeout
value. But that was before mpi@'s uipc_socket.c rev 1.239 commit, which
extended the maximum timeout for those socket options.
ok Brad (maintainer)
drop ONLY_FOR_ARCHS which with hppa added would be equal to the set
of arches with base-clang/ports-gcc as set in COMPILER, req by jca
"couldn't hurt" brad, ok jca
Bugs fixed (documented as hangs/crashes):
o CVE-2019-2614
o CVE-2019-2627
o CVE-2019-2628
Major update, upstream says running mysql_upgrade is required.
Release notes:
https://mariadb.com/kb/en/library/mariadb-10315-release-notes/
Upstream doesn't provide a default config file any more so I tried to
cook up which seemed reasonable.
This update should also fix mariadb on powerpc, broken since the update
to 10.2.23. Thanks to cwen@ for the tests and tweaks.
ok Brad (maintainer)
For libmariadb don't try to pick up cURL and use external zlib.
For the CONNECT engine don't try to pick up Mongo.
(plus small comment/ONLY_FOR_ARCHS tweaks and s/do-regress/do-test/)
Some config options have changed or have been removed, check your config
file. Also make sure to use mysql_upgrade.
Update effort started by jeremy@, continued by sthen@ and me. Delayed
for some time because of lack of atomic builtins on lots of our base-gcc
platforms. Since we now use ports-gcc to build mariadb, this is not
a problem any more.
This update brings in libiconv and changes the name of the library.
Stuart kindly proposed to handle the WANTLIB syncing.
Test reports for the server from jcs@ and sthen@.
ok sthen@, "go ahead" Brad (maintainer)
some existing COMPILER lines with arch restrictions etc. In the usual
case this is now using "COMPILER = base-clang ports-gcc base-gcc" on
ports with c++ libraries in WANTLIB.
This is basically intended to be a noop on architectures using clang
as the system compiler, but help with other architectures where we
currently have many ports knocked out due to building with an unsuitable
compiler -
- some ports require c++11/newer so the GCC version in base that is used
on these archirtectures is too old.
- some ports have conflicts where an executable is built with one compiler
(e.g. gcc from base) but a library dependency is built with a different
one (e.g. gcc from ports), resulted in mixing incompatible libraries in the
same address space.
devel/gmp is intentionally skipped as it's on the path to building gcc -
the c++ library there is unused in ports (and not built by default upstream)
so intending to disable building gmpcxx in a future commit.
