Subject: CVS commit: pkgsrc/databases/mysql57-server
From: Adam Ciarcinski
Date: 2016-12-12 20:18:40
Message id: 20161212191840.55542FBA6@cvs.NetBSD.org

Log Message:
Changes 5.7.17:

Compilation Notes
-----------------
For GCC versions higher than 4.4, -fno-expensive-optimizations was replaced with \ 
-ffp-contract=off, which has the effect of enabling more optimizations.

Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege \ 
escalation. chown now can be used only when the target directory is /var/log. An \ 
incompatible change is that if the directory for the Unix socket file is \ 
missing, it is no longer created; instead, an error occurs. Due to these \ 
changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still \ 
used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.

Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is \ 
/var/log or /var/lib.
* Unused systemd files for SLES were removed.

* MySQL Server now includes a plugin library that enables administrators to \ 
introduce an increasing delay in server response to clients after a certain \ 
number of consecutive failed connection attempts. This capability provides a \ 
deterrent that slows down brute force attacks that attempt to access MySQL user \ 
accounts. For more information, see The Connection-Control Plugin.

* OpenSSL is ending support for version 1.0.1 in December 2016; see \ 
https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL \ 
Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and \ 
the linked OpenSSL library for the MySQL Commercial Server has been updated from \ 
version 1.0.1 to version 1.0.2j. For a description of issues fixed in this \ 
version, see https://www.openssl.org/news/vulnerabilities.html.

This change does not affect the Oracle-produced MySQL Community build of MySQL \ 
Server, which uses the yaSSL library instead.

Files:
RevisionActionfile
1.3modifypkgsrc/databases/mysql57-server/PLIST