Upgrade to 8.0.35 for fix cves

(cherry picked from commit 4157acc6da16a913e8626a0da11b7b0e65fea6be)
2023-11-07 17:19:32 +08:00 · 2023-11-07 17:19:32 +08:00 · 35f62022bd
commit 35f62022bd
parent 4340f90eb8
12 changed files with 21 additions and 134 deletions
--- a/CVE-2022-37434-1.patch
+++ b/CVE-2022-37434-1.patch
@ -1,38 +0,0 @@
-From a16f5c7b7c5353cda8c8235d9a6765c7fe3c1231 Mon Sep 17 00:00:00 2001
-From: starlet-dx <15929766099@163.com>
-Date: Tue, 16 May 2023 15:15:10 +0800
-Subject: [PATCH 1/1] Fix a bug when getting a gzip header extra field with
- inflate().
-
-If the extra field was larger than the space the user provided with
-inflateGetHeader(), and if multiple calls of inflate() delivered
-the extra header data, then there could be a buffer overflow of the
-provided space. This commit assures that provided space is not
-exceeded.
-
-Origin:
-https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166bece1
---
- extra/zlib/inflate.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/extra/zlib/inflate.c b/extra/zlib/inflate.c
-index 7be8c636..7a728974 100644
--- a/extra/zlib/inflate.c
-+++ b/extra/zlib/inflate.c
-@@ -763,9 +763,10 @@ int flush;
-                 copy = state->length;
-                 if (copy > have) copy = have;
-                 if (copy) {
-+                    len = state->head->extra_len - state->length;
-                     if (state->head != Z_NULL &&
-                        state->head->extra != Z_NULL) {
-                        len = state->head->extra_len - state->length;
-+                        state->head->extra != Z_NULL &&
-+                        len < state->head->extra_max) {
-                         zmemcpy(state->head->extra + len, next,
-                                 len + copy > state->head->extra_max ?
-                                 state->head->extra_max - len : copy);
-- 
-2.30.0
-
--- a/CVE-2022-37434-2.patch
+++ b/CVE-2022-37434-2.patch
@ -1,35 +0,0 @@
-From 49a8fd61c4f8db9b8e9a50e70114cedc5842178e Mon Sep 17 00:00:00 2001
-From: starlet-dx <15929766099@163.com>
-Date: Tue, 16 May 2023 15:17:40 +0800
-Subject: [PATCH 1/1] Fix extra field processing bug that dereferences NULL
- state->head.
-
-The recent commit to fix a gzip header extra field processing bug
-introduced the new bug fixed here.
-
-Origin:
-https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
---
- extra/zlib/inflate.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/extra/zlib/inflate.c b/extra/zlib/inflate.c
-index 7a728974..2a3c4fe9 100644
--- a/extra/zlib/inflate.c
-+++ b/extra/zlib/inflate.c
-@@ -763,10 +763,10 @@ int flush;
-                 copy = state->length;
-                 if (copy > have) copy = have;
-                 if (copy) {
-                    len = state->head->extra_len - state->length;
-                     if (state->head != Z_NULL &&
-                         state->head->extra != Z_NULL &&
-                        len < state->head->extra_max) {
-+                        (len = state->head->extra_len - state->length) <
-+                            state->head->extra_max) {
-                         zmemcpy(state->head->extra + len, next,
-                                 len + copy > state->head->extra_max ?
-                                 state->head->extra_max - len : copy);
-- 
-2.30.0
-
--- a/mysql-Add-sw64-architecture.patch
+++ b/mysql-Add-sw64-architecture.patch
--- a/mysql-arm32-timer.patch
+++ b/mysql-arm32-timer.patch
@ -1,14 +1,16 @@
--- mysql-8.0.24-bak/mysql-test/include/mtr_warnings.sql	2021-03-22 16:44:50.000000000 +0800
-+++ mysql-8.0.24/mysql-test/include/mtr_warnings.sql	2021-05-07 10:58:00.852352992 +0800
-@@ -304,6 +304,11 @@
-  ("Invalid systemd notify socket, cannot send: "),
+diff --git a/mysql-test/include/mtr_warnings.sql b/mysql-test/include/mtr_warnings.sql
+index 78b09285..b7153445 100644
+--- a/mysql-test/include/mtr_warnings.sql
+++ b/mysql-test/include/mtr_warnings.sql
+@@ -376,6 +376,11 @@ INSERT INTO global_suppressions VALUES
 
-  /*
+  ("'mysql_native_password' is deprecated and will be removed in a future release."),
+ 
+ /*
 +   ARM32 don't support timers and get this warning in every test.
 + */
 + ("The CYCLE timer is not available. WAIT events in the performance_schema will not be timed."),
 +
-+ /*
-    Manifest file processing
-  */
-  ("Manifest file '.*' is not read-only. For better security, please make sure that the file is read-only."),
+  ("THE_LAST_SUPPRESSION");
+ 
+ 
--- a/mysql-boost-8.0.35.tar.gz
+++ b/mysql-boost-8.0.35.tar.gz
--- a/mysql-boost-8.0.35.tar.gz.aa
+++ b/mysql-boost-8.0.35.tar.gz.aa
--- a/mysql-boost-8.0.35.tar.gz.ab
+++ b/mysql-boost-8.0.35.tar.gz.ab
--- a/mysql-boost-8.0.35.tar.gz.ac
+++ b/mysql-boost-8.0.35.tar.gz.ac
--- a/mysql-boost-8.0.35.tar.gz.ad
+++ b/mysql-boost-8.0.35.tar.gz.ad
--- a/mysql-chain-certs.patch
+++ b/mysql-chain-certs.patch
@ -1,24 +0,0 @@
-Fix things so that chains of certificates work in the server and client
-certificate files.
-
-This only really works for OpenSSL-based builds, as yassl is unable to read
-multiple certificates from a file.  The patch below to yassl/src/ssl.cpp
-doesn't fix that, but just arranges that the viosslfactories.c patch won't
-have any ill effects in a yassl build.  Since we don't use yassl in Red Hat/
-Fedora builds, I'm not feeling motivated to try to fix yassl for this.
-
-See RH bug #598656.  Filed upstream at http://bugs.mysql.com/bug.php?id=54158
- 
-diff --git a/vio/viosslfactories.cc b/vio/viosslfactories.cc
-index 5e881e3..2927e7f 100644
--- a/vio/viosslfactories.cc
-+++ b/vio/viosslfactories.cc
-@@ -198,7 +198,7 @@ static int vio_set_cert_stuff(SSL_CTX *ctx, const char *cert_file,
-   if (!key_file && cert_file) key_file = cert_file;
- 
-   if (cert_file &&
-      SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM) <= 0) {
-+      SSL_CTX_use_certificate_chain_file(ctx, cert_file) <= 0) {
-     *error = SSL_INITERR_CERT;
-     DBUG_PRINT("error",
-                ("%s from file '%s'", sslGetErrString(*error), cert_file));
--- a/mysql-fix-includes-robin-hood.patch
+++ b/mysql-fix-includes-robin-hood.patch
@ -1,13 +0,0 @@
-# Prevents fails when compiling with gcc11 (Fedora 34)
-# Upstream PR: https://github.com/mysql/mysql-server/pull/323
-
--- mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h.old	2021-02-04 17:15:31.034997221 +0100
-+++ mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h	2021-02-04 17:15:50.781372066 +0100
-@@ -48,6 +48,7 @@
- #include <string>
- #include <type_traits>
- #include <utility>
-+#include <limits>
- #if __cplusplus >= 201703L
- #    include <string_view>
- #endif
--- a/mysql.spec
+++ b/mysql.spec
@ -29,8 +29,8 @@
 %bcond_without conflicts
 %global sameevr   %{?epoch:%{epoch}:}%{version}-%{release}
 Name:                mysql
-Version:             8.0.29
-Release:             3
+Version:             8.0.35
+Release:             1
 Summary:             MySQL client programs and shared libraries
 URL:                 http://www.mysql.com
 License:             GPLv2 with exceptions and LGPLv2 and BSD
@ -48,25 +48,21 @@ Source17:            mysql-wait-stop.sh
 Source18:            mysql@.service.in
 Source30:            %{pkgnamepatch}.rpmlintrc
 Source31:            server.cnf.in
-Source32:           %{name}-boost-%{version}.tar.gz.aa
-Source33:           %{name}-boost-%{version}.tar.gz.ab
-Source34:           %{name}-boost-%{version}.tar.gz.ac
-Source35:           %{name}-boost-%{version}.tar.gz.ad
+Source32:            %{name}-boost-%{version}.tar.gz.aa
+Source33:            %{name}-boost-%{version}.tar.gz.ab
+Source34:            %{name}-boost-%{version}.tar.gz.ac
+Source35:            %{name}-boost-%{version}.tar.gz.ad
 Patch1:              %{pkgnamepatch}-install-test.patch
 Patch3:              %{pkgnamepatch}-file-contents.patch
 Patch4:              %{pkgnamepatch}-scripts.patch
 Patch5:              %{pkgnamepatch}-paths.patch
-Patch51:             %{pkgnamepatch}-chain-certs.patch
 Patch52:             %{pkgnamepatch}-sharedir.patch
 Patch55:             %{pkgnamepatch}-rpath.patch
 Patch75:             %{pkgnamepatch}-arm32-timer.patch
-Patch80:             %{pkgnamepatch}-fix-includes-robin-hood.patch
 Patch81:             disable-moutline-atomics-for-aarch64.patch
 Patch115:            boost-1.58.0-pool.patch
 Patch125:            boost-1.57.0-mpl-print.patch
 Patch126:            mysql-Add-sw64-architecture.patch
-Patch127:            CVE-2022-37434-1.patch
-Patch128:            CVE-2022-37434-2.patch

 BuildRequires:       cmake gcc-c++ libaio-devel libedit-devel libevent-devel libicu-devel lz4
 BuildRequires:       lz4-devel mecab-devel bison libzstd-devel
@ -217,21 +213,17 @@ The package provides Docs for development of MySQL applications.

 %prep
 cd ../SOURCES
-cat %{SOURCE32} %{SOURCE33} %{SOURCE34} %{SOURCE35} | tar xj
+cat %{SOURCE32} %{SOURCE33} %{SOURCE34} %{SOURCE35} > %{SOURCE0}
 cd ..
 %setup -q -n mysql-%{version}
 %patch1 -p1
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
-%patch51 -p1
 %patch52 -p1
 %patch55 -p1
 %patch75 -p1
-%patch80 -p1
 %patch81 -p1
-%patch127 -p1
-%patch128 -p1
 pushd boost/boost_$(echo %{boost_bundled_version}| tr . _)
 %patch115 -p0
 %patch125 -p1
@ -551,6 +543,9 @@ fi
 %{_mandir}/man1/mysql_config.1*

 %changelog
+* Tue Nov 07 2023 yaoxin <yao_xin001@hoperun.com> - 8.0.35-1
+- Upgrade to 8.0.35 for fix cves
+
 * Tue May 16 2023 yaoxin <yao_xin001@hoperun.com> - 8.0.29-3
 - Fix CVE-2022-37434