packages/mysql
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!127 Update to 8.0.37 for fix CVEs

Browse Source 
From: @wk333 
Reviewed-by: @wang--ge 
Signed-off-by: @wang--ge
This commit is contained in:
openeuler-ci-bot 2024-05-08 01:21:42 +00:00 committed by Gitee
commit d20b2cf5f4
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
9 changed files with 117 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
RPM-GPG-KEY-mysql-2023 Normal file
View File

@ -0,0 +1,52 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGU2rNoBEACSi5t0nL6/Hj3d0PwsbdnbY+SqLUIZ3uWZQm6tsNhvTnahvPPZ
BGdl99iWYTt2KmXp0KeN2s9pmLKkGAbacQP1RqzMFnoHawSMf0qTUVjAvhnI4+qz
MDjTNSBq9fa3nHmOYxownnrRkpiQUM/yD7/JmVENgwWb6akZeGYrXch9jd4XV3t8
OD6TGzTedTki0TDNr6YZYhC7jUm9fK9Zs299pzOXSxRRNGd+3H9gbXizrBu4L/3l
UrNf//rM7OvV9Ho7u9YYyAQ3L3+OABK9FKHNhrpi8Q0cbhvWkD4oCKJ+YZ54XrOG
0YTg/YUAs5/3//FATI1sWdtLjJ5pSb0onV3LIbarRTN8lC4Le/5kd3lcot9J8b3E
MXL5p9OGW7wBfmNVRSUI74Vmwt+v9gyp0Hd0keRCUn8lo/1V0YD9i92KsE+/IqoY
Tjnya/5kX41jB8vr1ebkHFuJ404+G6ETd0owwxq64jLIcsp/GBZHGU0RKKAo9DRL
H7rpQ7PVlnw8TDNlOtWt5EJlBXFcPL+NgWbqkADAyA/XSNeWlqonvPlYfmasnAHA
pMd9NhPQhC7hJTjCiAwG8UyWpV8Dj07DHFQ5xBbkTnKH2OrJtguPqSNYtTASbsWz
09S8ujoTDXFT17NbFM2dMIiq0a4VQB3SzH13H2io9Cbg/TzJrJGmwgoXgwARAQAB
tDZNeVNRTCBSZWxlYXNlIEVuZ2luZWVyaW5nIDxteXNxbC1idWlsZEBvc3Mub3Jh
Y2xlLmNvbT6JAlQEEwEIAD4WIQS8pDQXw7SF3RKOxtS3s7eIqNN4XAUCZTas2gIb
AwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRC3s7eIqNN4XLzoD/9P
lpWtfHlI8eQTHwGsGIwFA+fgipyDElapHw3MO+K9VOEYRZCZSuBXHJe9kjGEVCGU
DrfImvgTuNuqYmVUV+wyhP+w46W/cWVkqZKAW0hNp0TTvu3eDwap7gdk80VF24Y2
Wo0bbiGkpPiPmB59oybGKaJ756JlKXIL4hTtK3/hjIPFnb64Ewe4YLZyoJu0fQOy
A8gXuBoalHhUQTbRpXI0XI3tpZiQemNbfBfJqXo6LP3/LgChAuOfHIQ8alvnhCwx
hNUSYGIRqx+BEbJw1X99Az8XvGcZ36VOQAZztkW7mEfH9NDPz7MXwoEvduc61xwl
MvEsUIaSfn6SGLFzWPClA98UMSJgF6sKb+JNoNbzKaZ8V5w13msLb/pq7hab72HH
99XJbyKNliYj3+KA3q0YLf+Hgt4Y4EhIJ8x2+g690Np7zJF4KXNFbi1BGloLGm78
akY1rQlzpndKSpZq5KWw8FY/1PEXORezg/BPD3Etp0AVKff4YdrDlOkNB7zoHRfF
HAvEuuqti8aMBrbRnRSG0xunMUOEhbYS/wOOTl0g3bF9NpAkfU1Fun57N96Us2T9
gKo9AiOY5DxMe+IrBg4zaydEOovgqNi2wbU0MOBQb23Puhj7ZCIXcpILvcx9ygjk
ONr75w+XQrFDNeux4Znzay3ibXtAPqEykPMZHsZ2sbkCDQRlNqzaARAAsdvBo8WR
qZ5WVVk6lReD8b6Zx83eJUkV254YX9zn5t8KDRjYOySwS75mJIaZLsv0YQjJk+5r
t10tejyCrJIFo9CMvCmjUKtVbgmhfS5+fUDRrYCEZBBSa0Dvn68EBLiHugr+SPXF
6o1hXEUqdMCpB6oVp6X45JVQroCKIH5vsCtw2jU8S2/IjjV0V+E/zitGCiZaoZ1f
6NG7ozyFep1CSAReZu/sssk0pCLlfCebRd9Rz3QjSrQhWYuJa+eJmiF4oahnpUGk
txMD632I9aG+IMfjtNJNtX32MbO+Se+cCtVc3cxSa/pR+89a3cb9IBA5tFF2Qoek
hqo/1mmLi93Xn6uDUhl5tVxTnB217dBT27tw+p0hjd9hXZRQbrIZUTyh3+8EMfmA
jNSIeR+th86xRd9XFRr9EOqrydnALOUr9cT7TfXWGEkFvn6ljQX7f4RvjJOTbc4j
JgVFyu8K+VU6u1NnFJgDiNGsWvnYxAf7gDDbUSXEuC2anhWvxPvpLGmsspngge4y
l+3nv+UqZ9sm6LCebR/7UZ67tYz3p6xzAOVgYsYcxoIUuEZXjHQtsYfTZZhrjUWB
J09jrMvlKUHLnS437SLbgoXVYZmcqwAWpVNOLZf+fFm4IE5aGBG5Dho2CZ6ujngW
9Zkn98T1d4N0MEwwXa2V6T1ijzcqD7GApZUAEQEAAYkCPAQYAQgAJhYhBLykNBfD
tIXdEo7G1Lezt4io03hcBQJlNqzaAhsMBQkDwmcAAAoJELezt4io03hcXqMP/01a
PT3A3Sg7oTQoHdCxj04ELkzrezNWGM+YwbSKrR2LoXR8zf2tBFzc2/Tl98V0+68f
/eCvkvqCuOtq4392Ps23j9W3r5XG+GDOwDsx0gl0E+Qkw07pwdJctA6efsmnRkjF
2YVO0N9MiJA1tc8NbNXpEEHJZ7F8Ri5cpQrGUz/AY0eae2b7QefyP4rpUELpMZPj
c8Px39Fe1DzRbT+5E19TZbrpbwlSYs1iCzS5YGFmpCRyZcLKXo3zS6N22+82cnRB
SPPipiO6WaQawcVMlQO1SX0giB+3/DryfN9VuIYd1EWCGQa3O0MVu6o5KVHwPgl9
R1P6xPZhurkDpAd0b1s4fFxin+MdxwmG7RslZA9CXRPpzo7/fCMW8sYOH15DP+Yf
UckoEreBt+zezBxbIX2CGGWEV9v3UBXadRtwxYQ6sN9bqW4jm1b41vNA17b6CVH6
sVgtU3eN+5Y9an1e5jLD6kFYx+OIeqIIId/TEqwS61csY9aav4j4KLOZFCGNU0FV
ji7NQewSpepTcJwfJDOzmtiDP4vol1ApJGLRwZZZ9PB6wsOgDOoP6sr0YrDI/NNX
2RyXXbglnQ1yJZVSH3/3eo6knG2qTthUKHCRDNKdy9Qqc1x4WWWtSRjh+zX8AvJK
2q1rVLH2/3ilxe9wcAZUlaj3id3TxquAlud4lWDz
=h5nH
-----END PGP PUBLIC KEY BLOCK-----

46
mysql-Add-sw64-architecture.patch
View File

@ -14,11 +14,11 @@ Signed-off-by: wxy <xywang7443@stu.jiangna.edu.cn>
.../boost_1_77_0/boost/predef/architecture.h | 1 +
.../boost/predef/architecture/sw_64.h | 54 +
boost/boost_1_77_0/boost/wave/wave_config.hpp | 2 +-
.../icu/icu-release-69-1/source/acinclude.m4 | 6 +
.../icu/icu-release-69-1/source/config.guess | 8 +
extra/icu/icu-release-69-1/source/config.sub | 2 +
extra/icu/icu-release-69-1/source/configure | 8 +-
.../icu/icu-release-69-1/source/configure.ac | 2 +-
.../icu/icu-release-73-1/source/acinclude.m4 | 6 +
.../icu/icu-release-73-1/source/config.guess | 8 +
extra/icu/icu-release-73-1/source/config.sub | 2 +
extra/icu/icu-release-73-1/source/configure | 8 +-
.../icu/icu-release-73-1/source/configure.ac | 2 +-
.../source/i18n/double-conversion-utils.h | 2 +-
extra/rapidjson/include/rapidjson/rapidjson.h | 2 +-
16 files changed, 1319 insertions(+), 5 deletions(-)
@ -1396,10 +1396,10 @@ index dce42d43..abd3d977 100644
defined(BOOST_WAVE_STRINGTYPE_USE_STDSTRING)
#define BOOST_WAVE_STRINGTYPE std::string
diff --git a/extra/icu/icu-release-69-1/source/acinclude.m4 b/extra/icu/icu-release-69-1/source/acinclude.m4
diff --git a/extra/icu/icu-release-73-1/source/acinclude.m4 b/extra/icu/icu-release-73-1/source/acinclude.m4
index 507f41f5..344471c0 100644
--- a/extra/icu/icu-release-69-1/source/acinclude.m4
+++ b/extra/icu/icu-release-69-1/source/acinclude.m4
--- a/extra/icu/icu-release-73-1/source/acinclude.m4
+++ b/extra/icu/icu-release-73-1/source/acinclude.m4
@@ -21,6 +21,12 @@ case "${host}" in
else
icu_cv_host_frag=mh-solaris
@ -1413,10 +1413,10 @@ index 507f41f5..344471c0 100644
alpha*-*-linux-gnu)
if test "$GCC" = yes; then
icu_cv_host_frag=mh-alpha-linux-gcc
diff --git a/extra/icu/icu-release-69-1/source/config.guess b/extra/icu/icu-release-69-1/source/config.guess
diff --git a/extra/icu/icu-release-73-1/source/config.guess b/extra/icu/icu-release-73-1/source/config.guess
index 31e01efe..3eb10f96 100644
--- a/extra/icu/icu-release-69-1/source/config.guess
+++ b/extra/icu/icu-release-69-1/source/config.guess
--- a/extra/icu/icu-release-73-1/source/config.guess
+++ b/extra/icu/icu-release-73-1/source/config.guess
@@ -894,6 +894,14 @@ EOF
UNAME_MACHINE=aarch64_be
echo ${UNAME_MACHINE}-unknown-linux-${LIBC}
@ -1432,10 +1432,10 @@ index 31e01efe..3eb10f96 100644
alpha:Linux:*:*)
case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
EV5) UNAME_MACHINE=alphaev5 ;;
diff --git a/extra/icu/icu-release-69-1/source/config.sub b/extra/icu/icu-release-69-1/source/config.sub
diff --git a/extra/icu/icu-release-73-1/source/config.sub b/extra/icu/icu-release-73-1/source/config.sub
index fb579478..ad7fd2a7 100644
--- a/extra/icu/icu-release-69-1/source/config.sub
+++ b/extra/icu/icu-release-69-1/source/config.sub
--- a/extra/icu/icu-release-73-1/source/config.sub
+++ b/extra/icu/icu-release-73-1/source/config.sub
@@ -245,6 +245,7 @@ case $basic_machine in
1750a | 580 \
| a29k \
@ -1452,10 +1452,10 @@ index fb579478..ad7fd2a7 100644
| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
| alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \
diff --git a/extra/icu/icu-release-69-1/source/configure b/extra/icu/icu-release-69-1/source/configure
diff --git a/extra/icu/icu-release-73-1/source/configure b/extra/icu/icu-release-73-1/source/configure
index a2ff7e48..a1902502 100755
--- a/extra/icu/icu-release-69-1/source/configure
+++ b/extra/icu/icu-release-69-1/source/configure
--- a/extra/icu/icu-release-73-1/source/configure
+++ b/extra/icu/icu-release-73-1/source/configure
@@ -5249,6 +5249,12 @@ case "${host}" in
else
icu_cv_host_frag=mh-solaris
@ -1478,10 +1478,10 @@ index a2ff7e48..a1902502 100755
CONFIG_CPPFLAGS="${CONFIG_CPPFLAGS} -DU_HAVE_INTTYPES_H=0"
esac
fi
diff --git a/extra/icu/icu-release-69-1/source/configure.ac b/extra/icu/icu-release-69-1/source/configure.ac
diff --git a/extra/icu/icu-release-73-1/source/configure.ac b/extra/icu/icu-release-73-1/source/configure.ac
index 425fdc7b..73e26739 100644
--- a/extra/icu/icu-release-69-1/source/configure.ac
+++ b/extra/icu/icu-release-69-1/source/configure.ac
--- a/extra/icu/icu-release-73-1/source/configure.ac
+++ b/extra/icu/icu-release-73-1/source/configure.ac
@@ -685,7 +685,7 @@ fi
if test "$CC" = ccc; then
AC_MSG_RESULT("C compiler set to CCC ${CC}" )
@ -1491,10 +1491,10 @@ index 425fdc7b..73e26739 100644
CONFIG_CPPFLAGS="${CONFIG_CPPFLAGS} -DU_HAVE_INTTYPES_H=0"
esac
fi
diff --git a/extra/icu/icu-release-69-1/source/i18n/double-conversion-utils.h b/extra/icu/icu-release-69-1/source/i18n/double-conversion-utils.h
diff --git a/extra/icu/icu-release-73-1/source/i18n/double-conversion-utils.h b/extra/icu/icu-release-73-1/source/i18n/double-conversion-utils.h
index c9374636..7dcdbf8e 100644
--- a/extra/icu/icu-release-69-1/source/i18n/double-conversion-utils.h
+++ b/extra/icu/icu-release-69-1/source/i18n/double-conversion-utils.h
--- a/extra/icu/icu-release-73-1/source/i18n/double-conversion-utils.h
+++ b/extra/icu/icu-release-73-1/source/i18n/double-conversion-utils.h
@@ -122,7 +122,7 @@ int main(int argc, char** argv) {
defined(__powerpc__) || defined(__ppc__) || defined(__ppc64__) || \
defined(_POWER) || defined(_ARCH_PPC) || defined(_ARCH_PPC64) || \

BIN
mysql-boost-8.0.35.tar.gz.aa
View File

Binary file not shown.

BIN
mysql-boost-8.0.35.tar.gz.ab
View File

Binary file not shown.

BIN
mysql-boost-8.0.35.tar.gz.ac
View File

Binary file not shown.

BIN
mysql-boost-8.0.35.tar.gz.ad
View File

Binary file not shown.

0
mysql-boost-8.0.35.tar.gz → mysql-boost-8.0.37.tar.gz
View File

16
mysql-boost-8.0.37.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEvKQ0F8O0hd0SjsbUt7O3iKjTeFwFAmYJokEACgkQt7O3iKjT
eFzuPA/8DIiNVe5c8dxp+rjGMrJ2DpoATskQ4l0amQ4uI9sN/OzImnJSe6PktPAw
Ct6emNlU733l7n71k+1LmS3eAY3b7c+6pa2+IPKKzGU0kBKYbJBc7SBzs8rNsh3Q
EelZ6Khy9ZNLZIVke8qp80m2Vn2T25fS8VpqV8U5Oo+WrVaek1/xtUeDyxgJL0yu
E/1xTztulVePN81z8sq1tLhHddfRt06yTzcOj/Iuq0tBao4AAMqHqYN4H69ztNBo
RUUjrFp95FM6GWvFzA8QoPxHat4JpC0Trnb9kXayNORiLb5y+Achsw9/Q30tCnQR
l2tteJkAJ2ZXrdCiFIB2U7SB+8IVO3JFYYLC+HNxdgf+fqPc97V+AsRSIXL2GslR
SnZ24Tn0w75ZmQvRsLlF2s+YIdA+sgsLG8rccXiQKT49C0zqbA2ah9sm7jKuqBIy
Hv5sqjzvho3h1O2wSCPrOXyLaXmg7smnjw0dYUZuX2VxhoOWeg6Y8OWka1a8RX9i
Xa10WAcccFmgYzK+MqblXnzJIrSbZBNCZ6tMPjc8ouTT5w0e9z4iaqJbGx45poLP
JHZnWh5KKxMVEZ+Suiuzhw0IWXUBjKLJwArenWBEk9oxeTHC6CiQBqfLqsSQd9sL
6efpNmoqrQj8TG/64UWlo86K7hxZdYfTp0dbfe/9IrpEks1PWCs=
=pODp
-----END PGP SIGNATURE-----

38
mysql.spec
View File

@ -29,11 +29,11 @@
%bcond_without conflicts
%global sameevr %{?epoch:%{epoch}:}%{version}-%{release}
Name: mysql
Version: 8.0.35
Version: 8.0.37
Release: 1
Summary: MySQL client programs and shared libraries
URL: http://www.mysql.com
License: GPLv2 with exceptions and LGPLv2 and BSD
License: GPL-2.0-or-later AND LGPL-2.1-only AND BSL-1.0 AND GPL-1.0-or-later OR Artistic-1.0-Perl AND BSD-2-Clause
Source0: https://cdn.mysql.com//Downloads/MySQL-8.0/mysql-boost-%{version}.tar.gz
Source2: mysql_config_multilib.sh
Source3: my.cnf.in
@ -48,10 +48,8 @@ Source17: mysql-wait-stop.sh
Source18: mysql@.service.in
Source30: %{pkgnamepatch}.rpmlintrc
Source31: server.cnf.in
Source32: %{name}-boost-%{version}.tar.gz.aa
Source33: %{name}-boost-%{version}.tar.gz.ab
Source34: %{name}-boost-%{version}.tar.gz.ac
Source35: %{name}-boost-%{version}.tar.gz.ad
Source32: https://cdn.mysql.com/Downloads/MySQL-8.0/mysql-boost-%{version}.tar.gz.asc
Source33: https://repo.mysql.com/RPM-GPG-KEY-mysql-2023
Patch1: %{pkgnamepatch}-install-test.patch
Patch3: %{pkgnamepatch}-file-contents.patch
Patch4: %{pkgnamepatch}-scripts.patch
@ -81,7 +79,7 @@ BuildRequires: perl(Getopt::Long) perl(if) perl(IO::File) perl(IO::Handle)
BuildRequires: perl(IO::Socket::INET) perl(IPC::Open3) perl(JSON) perl(lib) perl(LWP::Simple)
BuildRequires: perl(Memoize) perl(Net::Ping) perl(POSIX) perl(Socket) perl(strict)
BuildRequires: perl(Sys::Hostname) perl(Test::More) perl(Time::HiRes) perl(Time::localtime)
BuildRequires: perl(warnings) systemd m4
BuildRequires: perl(warnings) systemd m4 chrpath gnupg2 wget
Requires: bash coreutils grep %{name}-common%{?_isa} = %{sameevr}
Provides: bundled(boost) = %{boost_bundled_version}
%if %{with mysql_names}
@ -127,7 +125,7 @@ package itself.
%package common
Summary: The shared files required for MySQL server and client
Requires: %{_sysconfdir}/my.cnf
Requires: %{name}-config = %{sameevr}
%description common
The mysql-common package provides the essential shared files for any
MySQL program. You will need to install this package to use any other
@ -146,7 +144,7 @@ The package provides error messages files for the MySQL daemon
Summary: The MySQL server and related files
Suggests: %{name}%{?_isa} = %{sameevr}
Requires: mysql%{?_isa}
Requires: %{name}-common%{?_isa} = %{sameevr} %{_sysconfdir}/my.cnf
Requires: %{name}-common%{?_isa} = %{sameevr} %{name}-config = %{sameevr}
Requires: %{_sysconfdir}/my.cnf.d %{name}-errmsg%{?_isa} = %{sameevr}
%{?mecab:Requires: mecab-ipadic}
Requires: coreutils
@ -212,9 +210,10 @@ The package provides Docs for development of MySQL applications.
%prep
cd ../SOURCES
cat %{SOURCE32} %{SOURCE33} %{SOURCE34} %{SOURCE35} > %{SOURCE0}
cd ..
# download source0 and gpg check
wget -qO %{SOURCE0} https://user-repo.openeuler.openatom.cn/lfs-tar/mysql/mysql-boost-%{version}.tar.gz
gpg --import %{SOURCE33}
gpg --verify %{SOURCE32} %{SOURCE0}
%setup -q -n mysql-%{version}
%patch1 -p1
%patch3 -p1
@ -387,6 +386,7 @@ chmod 644 %{buildroot}%{logrotateddir}/%{daemon_name}
mkdir -p %{buildroot}%{_sysconfdir}/ld.so.conf.d
echo "%{_libdir}/mysql" > %{buildroot}%{_sysconfdir}/ld.so.conf.d/%{name}-%{_arch}.conf
mv %{buildroot}%{_bindir}/mysqld %{buildroot}%{_libexecdir}/mysqld
chrpath -d %{buildroot}%{_libexecdir}/mysqld
mkdir -p %{buildroot}%{_sbindir}
ln -s %{_libexecdir}/mysqld %{buildroot}%{_sbindir}/mysqld
@ -543,6 +543,20 @@ fi
%{_mandir}/man1/mysql_config.1*
%changelog
* Tue May 07 2024 wangkai <13474090681@163.com> - 8.0.37-1
- Update to 8.0.37 for fix CVEs(CVE-2024-20964,CVE-2024-20971,CVE-2024-20976,
CVE-2024-20973,CVE-2024-20978,CVE-2024-20981,CVE-2024-20962,CVE-2024-20977,
CVE-2024-20963,CVE-2024-20965,CVE-2024-20972,CVE-2024-20961,CVE-2024-20982,
CVE-2024-20970,CVE-2024-20967,CVE-2024-20984,CVE-2024-20974,CVE-2024-20966,
CVE-2024-20960,CVE-2024-20985,CVE-2024-20969,CVE-2024-21000,CVE-2024-21069,
CVE-2024-21009,CVE-2024-21087,CVE-2024-21047,CVE-2024-20998,CVE-2024-21013,
CVE-2024-21060,CVE-2024-21008,CVE-2024-21102,CVE-2024-21054,CVE-2024-21062,
CVE-2024-20994,CVE-2024-21096,CVE-2024-21061,CVE-2024-20993,CVE-2024-21055,
CVE-2024-21057,CVE-2023-6129)
* Wed Dec 13 2023 Ge Wang <wang__ge@126.com> - 8.0.35-2
- Remove rpath to fix euler maker build failure
* Tue Nov 07 2023 yaoxin <yao_xin001@hoperun.com> - 8.0.35-1
- Upgrade to 8.0.35 for fix cves