Subject: CVS commit: [pkgsrc-2019Q2] pkgsrc/databases
From: Benny Siegert
Date: 2019-09-08 18:55:18
Message id: 20190908165518.62639FBF4@cvs.NetBSD.org

Log Message:
Pullup ticket #6028 - requested by taca
databases/mysql56-client: security fix

Revisions pulled up:
- databases/mysql56-client/Makefile                             1.31
- databases/mysql56-client/Makefile.common                      1.52
- databases/mysql56-client/distinfo                             1.52-1.53
- databases/mysql56-client/patches/patch-include_m__string.h    1.1
- databases/mysql56-client/patches/patch-include_my_net.h       1.2
- databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc 1.1
- databases/mysql56-client/patches/patch-sql-common_client__authentication.cc deleted
- databases/mysql56-client/patches/patch-sql_mysqld.cc          1.5
- databases/mysql56-client/patches/patch-sql_rpl__slave.cc      1.3
- databases/mysql56-client/patches/patch-storage_innobase_include_univ.i 1.1
- databases/mysql56-client/patches/patch-vio_vio.c              1.3
- databases/mysql56-client/patches/patch-vio_viosslfactories.c  1.3
- databases/mysql56-server/Makefile                             1.38

---
   Module Name:	pkgsrc
   Committed By:	adam
   Date:		Tue Aug  6 06:55:15 UTC 2019

   Modified Files:
   	pkgsrc/databases/mysql56-client: Makefile Makefile.common distinfo
   	pkgsrc/databases/mysql56-server: Makefile
   Removed Files:
   	pkgsrc/databases/mysql56-client/patches:
   	    patch-sql-common_client__authentication.cc

   Log Message:
   mysql56: updated to 5.6.45

   Changes in MySQL 5.6.45:

   Functionality Added or Changed

   Microsoft Windows: A new warning message now reminds DBAs that connections \ 
made using the MySQL named pipe on Windows has limited the permissions a \ 
connector can request on the named pipe.

   Previously, the named_pipe_full_access_group system variable was set to a \ 
value that maps to the built-in Windows Everyone group (SID S-1-1-0) by default. \ 
However, this group is not ideal and should be replaced with a group that \ 
restricts its membership for connectors that are unable to request fewer \ 
permissions on the MySQL named pipe.

   The new warning is written to the error log at startup if the string value \ 
assigned to named_pipe_full_access_group is '*everyone*' (or the Windows System \ 
Language equivalent) and named pipes are enabled. In addition, the warning is \ 
written to the error log and raised to the client if the system variable is \ 
reset to the Everyone group at runtime.

   Bugs Fixed

   InnoDB: A query that scanned the primary key of a table did not return the \ 
expected result.

   InnoDB: A full-text cache lock taken when data is synchronized was not \ 
released if the full-text cache size exceeded the full-text cache size limit.

   InnoDB: Client sessions using different auto_increment_increment values while \ 
performing concurrent insert operations could cause a duplicate key error.

   Replication: In query log events in the binary log, the thread ID used for \ 
the execution of DROP TABLE and DELETE statements was identified incorrectly or \ 
not at all. On a multi-threaded replication slave, where temporary tables were \ 
involved (which require the correct thread ID as they are session specific), \ 
this omission resulted in errors when using mysqlbinlog to replay the binary log \ 
for point-in-time recovery. The thread ID is now set correctly.

   Installing from RPM packages could result in an error log with incorrect \ 
permissions.

   Enabling audit log encryption could cause a server exit.

   MySQL Installer did not install OpenSSL DLL dependencies if the Development \ 
component was not selected.

   The parser could leak memory for certain multiple-statement queries.

   MySQL does not support OpenSSL session tickets, but did not set the \ 
SSL_OP_NO_TICKET flag to inform OpenSSL of that. The flag is now set.

   UpdateXML() did not always free memory properly in certain cases.

   Empty values in the name column of the mysql.plugin system table caused the \ 
server to exit during startup.

   Some PROXY grants were not replicated to slaves, causing incorrect replication.

   If an INSTALL PLUGIN statement contained invalid UTF-8 characters in the \ 
shared library name, it caused the server to hang (or to raise an assertion in \ 
debug builds).

---
   Module Name:	pkgsrc
   Committed By:	taca
   Date:		Fri Sep  6 10:01:44 UTC 2019

   Modified Files:
   	pkgsrc/databases/mysql56-client: distinfo
   	pkgsrc/databases/mysql56-client/patches: patch-include_my_net.h
   Added Files:
   	pkgsrc/databases/mysql56-client/patches: patch-include_m__string.h
   	    patch-mysys__ssl_my__aes__openssl.cc patch-sql_mysqld.cc
   	    patch-sql_rpl__slave.cc patch-storage_innobase_include_univ.i
   	    patch-vio_vio.c patch-vio_viosslfactories.c

   Log Message:
   databases/mysql56-client: allow build with OpenSSL 1.1.x

   * Allow mysql56-{client,server} build with OpenSSL 1.1.x.
   * Reduce a few useless warnings.

Files:
RevisionActionfile
1.30.2.1modifypkgsrc/databases/mysql56-client/Makefile
1.51.2.1modifypkgsrc/databases/mysql56-client/Makefile.common
1.51.2.1modifypkgsrc/databases/mysql56-client/distinfo
1.1.54.1modifypkgsrc/databases/mysql56-client/patches/patch-include_my_net.h
1.37.2.1modifypkgsrc/databases/mysql56-server/Makefile
1.1.2.2addpkgsrc/databases/mysql56-client/patches/patch-include_m__string.h
1.1.2.2addpkgsrc/databases/mysql56-client/patches/patch-mysys__ssl_my__aes__openssl.cc
1.5.2.2addpkgsrc/databases/mysql56-client/patches/patch-sql_mysqld.cc
1.3.2.2addpkgsrc/databases/mysql56-client/patches/patch-sql_rpl__slave.cc
1.1.2.2addpkgsrc/databases/mysql56-client/patches/patch-storage_innobase_include_univ.i
1.3.2.2addpkgsrc/databases/mysql56-client/patches/patch-vio_vio.c
1.3.2.2addpkgsrc/databases/mysql56-client/patches/patch-vio_viosslfactories.c
1.1removepkgsrc/databases/mysql56-client/patches/patch-sql-common_client__authentication.cc