#47257 - mariadb is vulnerable to CVE-2021-27928 (RCE)

Package	Source(s)		Maintainer(s)
guix		PTS Buildd Popcon

Message #16 received at 47257@debbugs.gnu.org (full text, mbox, reply):

Received: (at 47257) by debbugs.gnu.org; 19 Mar 2021 11:36:04 +0000
From debbugs-submit-bounces@debbugs.gnu.org Fri Mar 19 07:36:04 2021
Received: from localhost ([127.0.0.1]:48948 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces@debbugs.gnu.org>)
	id 1lNDQB-0004bp-B3
	for submit@debbugs.gnu.org; Fri, 19 Mar 2021 07:36:04 -0400
Received: from mail.zaclys.net ([178.33.93.72]:44217)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <lle-bout@zaclys.net>) id 1lNDQ8-0004bE-AG
 for 47257@debbugs.gnu.org; Fri, 19 Mar 2021 07:36:01 -0400
Received: from localhost.localdomain (lsl43-1_migr-78-195-19-20.fbx.proxad.net
 [78.195.19.20] (may be forged)) (authenticated bits=0)
 by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 12JBZp2Q030120
 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NO);
 Fri, 19 Mar 2021 12:35:54 +0100
DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 12JBZp2Q030120
Authentication-Results: mail.zaclys.net;
 dmarc=fail (p=reject dis=none) header.from=zaclys.net
Authentication-Results: mail.zaclys.net;
 spf=fail smtp.mailfrom=lle-bout@zaclys.net
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net;
 s=default; t=1616153754;
 bh=qWUp8GnQdIYHEw/DSf/GhUJTwLiKfItHRgUVGPS+JQ8=;
 h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
 b=OGVJcTNrMS2z2na9UAaHybGAIzd8UQji21CmDBNMcyhycyHgs8luJ3FtX1DvsOpXP
 griXXVhRKuD1JxOE2nrfBtSnL8ObCEaQTKla62mty2DuVmJOru7LT9Nj3yTPl2mcNB
 tiC9yGMyq5Zi7dWvgB/buj5xMiFabdos4TB0n/XU=
From: Léo Le Bouter <lle-bout@zaclys.net>
To: 47257@debbugs.gnu.org
Subject: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].
Date: Fri, 19 Mar 2021 12:35:37 +0100
Message-Id: <20210319113537.18290-2-lle-bout@zaclys.net>
X-Mailer: git-send-email 2.31.0
In-Reply-To: <20210319113537.18290-1-lle-bout@zaclys.net>
References: <20210319113537.18290-1-lle-bout@zaclys.net>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Spam-Score: 0.0 (/)
X-Debbugs-Envelope-To: 47257
Cc: Léo Le Bouter <lle-bout@zaclys.net>
X-BeenThere: debbugs-submit@debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit@debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request@debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request@debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces@debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces@debbugs.gnu.org>
X-Spam-Score: -1.0 (-)

* gnu/packages/databases.scm (mariadb/fixed): New variable.
(mariadb)[replacement]: Graft.
---
 gnu/packages/databases.scm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm
index 8be83f5cbe..6fdb22d7fb 100644
--- a/gnu/packages/databases.scm
+++ b/gnu/packages/databases.scm
@@ -734,6 +734,7 @@ Language.")
                             (append (find-files "extra/wolfssl")
                                     (find-files "zlib")))
                   #t))))
+    (replacement mariadb/fixed)
     (build-system cmake-build-system)
     (outputs '("out" "lib" "dev"))
     (arguments
@@ -969,6 +970,38 @@ Language.")
 as a drop-in replacement of MySQL.")
     (license license:gpl2)))
 
+(define mariadb/fixed
+  (package/inherit mariadb
+    (version "10.5.9")
+    (source (origin
+              (method url-fetch)
+              (uri (string-append "https://downloads.mariadb.com/MariaDB"
+                                  "/mariadb-" version "/source/mariadb-"
+                                  version ".tar.gz"))
+              (sha256
+               (base32
+                "1kv8226ydyh4nyfx432dxqdkbry92c92bwlc33f1y56yp2p1kas0"))
+              (modules '((guix build utils)))
+              (snippet
+               '(begin
+                  ;; Delete bundled snappy and xz.
+                  (delete-file-recursively "storage/tokudb/PerconaFT/third_party")
+                  (substitute* "storage/tokudb/PerconaFT/CMakeLists.txt"
+                    ;; This file checks that the bundled sources are present and
+                    ;; declares build procedures for them.
+                    (("^include\\(TokuThirdParty\\)") ""))
+                  (substitute* "storage/tokudb/PerconaFT/ft/CMakeLists.txt"
+                    ;; Don't attempt to use the procedures we just removed.
+                    ((" build_lzma build_snappy") ""))
+
+                  ;; Preserve CMakeLists.txt for these.
+                  (for-each (lambda (file)
+                              (unless (string-suffix? "CMakeLists.txt" file)
+                                (delete-file file)))
+                            (append (find-files "extra/wolfssl")
+                                    (find-files "zlib")))
+                  #t))))))
+
 (define-public mariadb-connector-c
   (package
     (name "mariadb-connector-c")
-- 
2.31.0

Display info messages

Send a report that this bug log contains spam.

debbugs.gnu.org maintainers <help-debbugs@gnu.org>. Last modified: Sun Dec 22 01:37:42 2024; Machine Name: wallace-server

GNU bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

#47257 mariadb is vulnerable to CVE-2021-27928 (RCE)