Date: Mon, 17 May 2004 13:04:57 +0300 From: Peter Pentchev <roam@ringlet.net> To: Alex Dupre <ale@FreeBSD.org> Cc: ports@FreeBSD.org Subject: databases/mysql* fix for mysqlbug.sh Message-ID: <20040517100457.GE979@straylight.m.ringlet.net>
next in thread | raw e-mail | index | archive | help
--IrhDeMKUP4DT/M7F Content-Type: text/plain; charset=windows-1251 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi, What do you think about the attached patch, taken from the MySQL BitKeeper repository, that fixes the mysqlbug.sh symlink vulnerability announced back in March and brought up recently on -security? This patch is for the mysql40-* ports, but the mysqlbug.sh script has not changed in the 4.1 or 5.0 tree, so it should work with those ports, too. Of course, it's your call as maintainer to decide whether to globally bump the PORTREVISION, or only bump it for the -client ports :) G'luck, Peter --=20 Peter Pentchev roam@ringlet.net roam@sbnd.net roam@FreeBSD.org PGP key: http://people.FreeBSD.org/~roam/roam.key.asc Key fingerprint FDBA FD79 C26F 3C51 C95E DF9E ED18 B68D 1619 4553 This inert sentence is my body, but my soul is alive, dancing in the sparks= of your brain. Index: ports/databases/mysql40-server/Makefile =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/ports/databases/mysql40-server/Makefile,v retrieving revision 1.184 diff -u -r1.184 Makefile --- ports/databases/mysql40-server/Makefile 14 Mar 2004 06:16:09 -0000 1.184 +++ ports/databases/mysql40-server/Makefile 17 May 2004 09:31:55 -0000 @@ -7,7 +7,7 @@ =20 PORTNAME?=3D mysql PORTVERSION=3D 4.0.18 -PORTREVISION?=3D 1 +PORTREVISION?=3D 2 CATEGORIES=3D databases MASTER_SITES=3D ftp://planetmirror.com/pub/mysql/Downloads/MySQL-4.0/ \ http://www.softagency.co.jp/MySQL/Downloads/MySQL-4.0/ \ Index: ports/databases/mysql40-server/files/patch-scripts::mysqlbug.sh =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: ports/databases/mysql40-server/files/patch-scripts::mysqlbug.sh diff -N ports/databases/mysql40-server/files/patch-scripts::mysqlbug.sh --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ ports/databases/mysql40-server/files/patch-scripts::mysqlbug.sh 17 May = 2004 09:30:32 -0000 @@ -0,0 +1,15 @@ +=3D=3D=3D=3D=3D scripts/mysqlbug.sh 1.4 vs 1.4.1.1 =3D=3D=3D=3D=3D +--- scripts/mysqlbug.sh Fri Jan 19 02:46:12 2001 ++++ scripts/mysqlbug.sh Wed Mar 24 21:27:05 2004 +@@ -252,9 +252,9 @@ + if cmp -s $TEMP $TEMP.x + then + echo "File not changed, no bug report submitted." +- cp $TEMP /tmp/failed-mysql-bugreport ++ mv -f $TEMP /tmp/failed-mysql-bugreport + echo "The raw bug report exists in /tmp/failed-mysql-bugreport" +- echo "If you use this remember that the first lines of the report now i= s a lie.." ++ echo "If you use this remember that the first lines of the report are n= ow a lie.." + exit 1 + fi +=20 --IrhDeMKUP4DT/M7F Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFAqI5J7Ri2jRYZRVMRAoiAAJwIoxDTN89l9qHcJuBMNzGXtI/GIQCeN2PF rALpJbZeR+HrwXAG+hQLgZs= =uWpA -----END PGP SIGNATURE----- --IrhDeMKUP4DT/M7F--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040517100457.GE979>