buildroot/package/mariadb, branch 2019.02-op-build

package/mariadb: security bump to version 10.3.13

2019-03-27T15:00:04+00:00

Release notes: https://mariadb.com/kb/en/library/mariadb-10313-release-notes/ Changelog: https://mariadb.com/kb/en/mariadb-10313-changelog/ Fixes the following security vulnerabilities: CVE-2019-2510 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2019-2537 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. Note that the hash for README.md changed due to Travis CI and Appveyor CI updates. Signed-off-by: Ryan Coe Signed-off-by: Peter Korsgaard (cherry picked from commit f389df2334750194b0a19cb5dff86739f2bf7e2d) Signed-off-by: Peter Korsgaard

package/mariadb: security bump version to 10.3.11

2018-12-30T15:33:03+00:00

Remove 0002-cmake-fix-ucontext-dection.path as it is now upstream. Hash updated for README.md because upstream changed bug report links. Release notes: https://mariadb.com/kb/en/mariadb-10311-release-notes/ Changelog: https://mariadb.com/kb/en/mariadb-10311-changelog/ Fixes the following security vulnerabilities: CVE-2018-3282 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Storage Engines). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2016-9843 - The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. CVE-2018-3174 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3143 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3156 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3251 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3185 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability impacts). CVE-2018-3277 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3162 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3173 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3200 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-3284 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. Signed-off-by: Ryan Coe Signed-off-by: Thomas Petazzoni

package/mariadb: add option to disable build of embedded server

2018-10-22T08:43:59+00:00

Size of output/target/usr: with embedded: 1,7G without embedded: 648M This config option saves space on the target if the embedded server is not used by any other package: https://mariadb.com/kb/en/library/embedded-mariadb-interface/ Signed-off-by: Bernd Kuhls Tested-by: Ryan Coe [Peter: make Config.in option depend on _MARIADB_SERVER] Signed-off-by: Peter Korsgaard

package/mariadb: bump version to 10.3.10

2018-10-08T08:18:29+00:00

Release notes: https://mariadb.com/kb/en/library/mariadb-10310-release-notes/ Changelog: https://mariadb.com/kb/en/mariadb-10310-changelog/ This bump also fixes broken atomic support for BR2_TOOLCHAIN_HAS_LIBATOMIC=y with mariadb-10.2: [ 59%] Linking CXX executable mariabackup ../../storage/innobase/libinnobase.a(handler0alter.cc.o): In function `my_atomic_add64': /home/bernd/buildroot/output/build/mariadb-10.2.17/include/my_atomic.h:274: undefined reference to `__sync_fetch_and_add_8' with this defconfig BR2_arcle=y BR2_archs38=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/br-arcle-hs38-full-2018.02-926-gb393c24.tar.bz2" BR2_TOOLCHAIN_EXTERNAL_GCC_7=y BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_1=y BR2_TOOLCHAIN_EXTERNAL_LOCALE=y BR2_TOOLCHAIN_EXTERNAL_CXX=y BR2_PACKAGE_MYSQL=y BR2_PACKAGE_MARIADB=y BR2_PACKAGE_MARIADB_SERVER=y Adding "-latomic" to CXXFLAGS and/or adding -DHAVE_GCC_ATOMIC_BUILTINS=1 to CONF_OPTS, like we do for mariadb-10.3, does not fix the build error with mariadb-10.2. There the build would stop even earlier without these options: /home/bernd/buildroot/output/build/mariadb-10.2.17/include/my_atomic.h:138:2: error: #error atomic ops for this platform are not implemented #error atomic ops for this platform are not implemented Mariadb-10.3 contains improved atomic support, this build error does not occur here. Updated license hash of README.md after upstream commits: https://github.com/MariaDB/server/commits/10.3/README.md my-small.cnf.sh is not provided anymore by upstream: https://github.com/MariaDB/server/commit/7fee164faf8fce7be4ebe322d2178efd3d075eae [Peter Seiderer: bumped to version 10.3.7] Signed-off-by: Peter Seiderer [Bernd: bumped to version 10.3.10, fixed atomic support, fixed my-small.cnf.sh, updated license hash] Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni

package/mariadb: handle missing ucontext_t

2018-10-08T08:18:19+00:00

On some archs uclibc does not provide ucontext_t, for details see https://git.buildroot.net/buildroot/commit/?id=f1cbfeea95e6287c7a666aafc182ffa318eff262 This patch fixes a build error In file included from /home/bernd/buildroot/output/build/mariadb-10.2.17/libmariadb/plugins/pvio/pvio_socket.c:32:0: /home/bernd/buildroot/output/build/mariadb-10.2.17/libmariadb/include/ma_context.h:62:3: error: unknown type name ‘ucontext_t’ ucontext_t base_context; ^~~~~~~~~~ using this defconfig: BR2_arcle=y BR2_archs38=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_CUSTOM=y BR2_TOOLCHAIN_EXTERNAL_DOWNLOAD=y BR2_TOOLCHAIN_EXTERNAL_URL="http://autobuild.buildroot.org/toolchains/tarballs/br-arcle-hs38-full-2018.02-926-gb393c24.tar.bz2" BR2_TOOLCHAIN_EXTERNAL_GCC_7=y BR2_TOOLCHAIN_EXTERNAL_HEADERS_4_1=y BR2_TOOLCHAIN_EXTERNAL_LOCALE=y BR2_TOOLCHAIN_EXTERNAL_CXX=y BR2_PACKAGE_MYSQL=y BR2_PACKAGE_MARIADB=y BR2_PACKAGE_MARIADB_SERVER=y Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni

mariadb: bump version to 10.2.17

2018-08-21T20:58:14+00:00

Release notes: https://mariadb.com/kb/en/mariadb-10217-release-notes/ Changelog: https://mariadb.com/kb/en/mariadb-10217-changelog/ Note that HOST_MARIADB_CONF_OPTS += -DWITH_SSL=bundled has been changed to HOST_MARIADB_CONF_OPTS += -DWITH_SSL=OFF in order to prevent the following configure error: CMake Error at /usr/share/cmake-3.11/Modules/FindPackageHandleStandardArgs.cmake:137 (message): Could NOT find GnuTLS (missing: GNUTLS_LIBRARY GNUTLS_INCLUDE_DIR) (Required is at least version "3.3.24") Call Stack (most recent call first): /usr/share/cmake-3.11/Modules/FindPackageHandleStandardArgs.cmake:378 (_FPHSA_FAILURE_MESSAGE) /usr/share/cmake-3.11/Modules/FindGnuTLS.cmake:54 (FIND_PACKAGE_HANDLE_STANDARD_ARGS) libmariadb/CMakeLists.txt:303 (FIND_PACKAGE) RocksDB is also disabled to prevent the following build error in some configurations: ./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:327:38: error: field 'result' has incomplete type 'std::promise' std::promise result; ./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:378:37: error: field 'result' has incomplete type 'std::future' std::future result; ./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:425:37: error: field 'result' has incomplete type 'std::future' std::future result; ./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc: In member function 'rocksdb::Status rocksdb::BackupEngineImpl::AddBackupFileWorkItem(std::unordered_set >&, std::vector&, rocksdb::BackupID, bool, const string&, const string&, rocksdb::RateLimiter*, uint64_t, uint64_t, bool, std::function, const string&)': ./buildroot/output/build/mariadb-10.2.17/storage/rocksdb/rocksdb/utilities/backupable/backupable_db.cc:1366:38: error: aggregate 'std::promise promise_result' has incomplete type and cannot be defined std::promise promise_result; Signed-off-by: Ryan Coe Signed-off-by: Thomas Petazzoni

package/mariadb: security bump to version 10.1.35

2018-08-21T20:58:11+00:00

Fixes CVE-2018-3064, CVE-2018-3063, CVE-2018-3058 & CVE-2018-3066: https://mariadb.com/kb/en/library/mariadb-10135-release-notes/ Added all hashes provided by upstream. Signed-off-by: Bernd Kuhls Signed-off-by: Thomas Petazzoni

mariadb: move comments outside of define block

2018-07-30T12:09:17+00:00

There are two comments inside the post install define block that show up in the build. Fix this by moving the comments outside the block. Signed-off-by: Ryan Coe Signed-off-by: Thomas Petazzoni

mariadb: security bump version to 10.1.33

2018-06-09T14:41:30+00:00

Release notes: https://mariadb.com/kb/en/mariadb-10133-release-notes/ Changelog: https://mariadb.com/kb/en/mariadb-10133-changelog/ Fixes the following security vulnerabilities: CVE-2018-2782 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2784 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2787 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVE-2018-2766 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2755 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVE-2018-2819 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2817 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2761 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2781 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2771 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVE-2018-2813 - Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. Signed-off-by: Peter Korsgaard Acked-by: Ryan Coe Signed-off-by: Peter Korsgaard

mariadb: bump version to 10.1.32

2018-04-17T06:56:57+00:00

Release notes: https://mariadb.com/kb/en/mariadb-10132-release-notes/ Changelog: https://mariadb.com/kb/en/mariadb-10132-changelog/ Signed-off-by: Ryan Coe Signed-off-by: Thomas Petazzoni