!104 Upgrade to 8.0.35 for fix cves

From: @starlet-dx Reviewed-by: @wang--ge Signed-off-by: @wang--ge
2023-11-14 03:37:33 +00:00 · 2023-11-14 03:37:33 +00:00 · 16b5ca0d56
commit 16b5ca0d56
parent 6b399ac499 6a8a90fdb8
11 changed files with 17 additions and 98 deletions
--- a/CVE-2022-37434-1.patch
+++ b/CVE-2022-37434-1.patch
@ -1,35 +0,0 @@
-From a16f5c7b7c5353cda8c8235d9a6765c7fe3c1231 Mon Sep 17 00:00:00 2001
-From: starlet-dx <15929766099@163.com>
-Date: Tue, 16 May 2023 15:15:10 +0800
-Subject: [PATCH 1/1] Fix a bug when getting a gzip header extra field with
- inflate().
-
-If the extra field was larger than the space the user provided with
-inflateGetHeader(), and if multiple calls of inflate() delivered
-the extra header data, then there could be a buffer overflow of the
-provided space. This commit assures that provided space is not
-exceeded.
---
- extra/zlib/zlib-1.2.12/inflate.c | 5 +++--
- 1 file changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/extra/zlib/zlib-1.2.12/inflate.c b/extra/zlib/zlib-1.2.12/inflate.c
-index 7be8c636..7a728974 100644
--- a/extra/zlib/zlib-1.2.12/inflate.c
-+++ b/extra/zlib/zlib-1.2.12/inflate.c
-@@ -763,9 +763,10 @@ int flush;
-                 copy = state->length;
-                 if (copy > have) copy = have;
-                 if (copy) {
-+                    len = state->head->extra_len - state->length;
-                     if (state->head != Z_NULL &&
-                        state->head->extra != Z_NULL) {
-                        len = state->head->extra_len - state->length;
-+                        state->head->extra != Z_NULL &&
-+                        len < state->head->extra_max) {
-                         zmemcpy(state->head->extra + len, next,
-                                 len + copy > state->head->extra_max ?
-                                 state->head->extra_max - len : copy);
-- 
-2.30.0
-
--- a/CVE-2022-37434-2.patch
+++ b/CVE-2022-37434-2.patch
@ -1,32 +0,0 @@
-From 49a8fd61c4f8db9b8e9a50e70114cedc5842178e Mon Sep 17 00:00:00 2001
-From: starlet-dx <15929766099@163.com>
-Date: Tue, 16 May 2023 15:17:40 +0800
-Subject: [PATCH 1/1] Fix extra field processing bug that dereferences NULL
- state->head.
-
-The recent commit to fix a gzip header extra field processing bug
-introduced the new bug fixed here.
---
- extra/zlib/zlib-1.2.12/inflate.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/extra/zlib/zlib-1.2.12/inflate.c b/extra/zlib/zlib-1.2.12/inflate.c
-index 7a728974..2a3c4fe9 100644
--- a/extra/zlib/zlib-1.2.12/inflate.c
-+++ b/extra/zlib/zlib-1.2.12/inflate.c
-@@ -763,10 +763,10 @@ int flush;
-                 copy = state->length;
-                 if (copy > have) copy = have;
-                 if (copy) {
-                    len = state->head->extra_len - state->length;
-                     if (state->head != Z_NULL &&
-                         state->head->extra != Z_NULL &&
-                        len < state->head->extra_max) {
-+                        (len = state->head->extra_len - state->length) <
-+                            state->head->extra_max) {
-                         zmemcpy(state->head->extra + len, next,
-                                 len + copy > state->head->extra_max ?
-                                 state->head->extra_max - len : copy);
-- 
-2.30.0
-
--- a/mysql-arm32-timer.patch
+++ b/mysql-arm32-timer.patch
@ -1,14 +1,16 @@
--- mysql-8.0.24-bak/mysql-test/include/mtr_warnings.sql	2021-03-22 16:44:50.000000000 +0800
-+++ mysql-8.0.24/mysql-test/include/mtr_warnings.sql	2021-05-07 10:58:00.852352992 +0800
-@@ -304,6 +304,11 @@
-  ("Invalid systemd notify socket, cannot send: "),
+diff --git a/mysql-test/include/mtr_warnings.sql b/mysql-test/include/mtr_warnings.sql
+index 78b09285..b7153445 100644
+--- a/mysql-test/include/mtr_warnings.sql
+++ b/mysql-test/include/mtr_warnings.sql
+@@ -376,6 +376,11 @@ INSERT INTO global_suppressions VALUES
 
-  /*
+  ("'mysql_native_password' is deprecated and will be removed in a future release."),
+ 
+ /*
 +   ARM32 don't support timers and get this warning in every test.
 + */
 + ("The CYCLE timer is not available. WAIT events in the performance_schema will not be timed."),
 +
-+ /*
-    Manifest file processing
-  */
-  ("Manifest file '.*' is not read-only. For better security, please make sure that the file is read-only."),
+  ("THE_LAST_SUPPRESSION");
+ 
+ 
--- a/mysql-boost-8.0.30.tar.gz.ad
+++ b/mysql-boost-8.0.30.tar.gz.ad
--- a/mysql-boost-8.0.35.tar.gz
+++ b/mysql-boost-8.0.35.tar.gz
--- a/mysql-boost-8.0.35.tar.gz.aa
+++ b/mysql-boost-8.0.35.tar.gz.aa
--- a/mysql-boost-8.0.35.tar.gz.ab
+++ b/mysql-boost-8.0.35.tar.gz.ab
--- a/mysql-boost-8.0.35.tar.gz.ac
+++ b/mysql-boost-8.0.35.tar.gz.ac
--- a/mysql-boost-8.0.35.tar.gz.ad
+++ b/mysql-boost-8.0.35.tar.gz.ad
--- a/mysql-fix-includes-robin-hood.patch
+++ b/mysql-fix-includes-robin-hood.patch
@ -1,13 +0,0 @@
-# Prevents fails when compiling with gcc11 (Fedora 34)
-# Upstream PR: https://github.com/mysql/mysql-server/pull/323
-
--- mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h.old	2021-02-04 17:15:31.034997221 +0100
-+++ mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h	2021-02-04 17:15:50.781372066 +0100
-@@ -48,6 +48,7 @@
- #include <string>
- #include <type_traits>
- #include <utility>
-+#include <limits>
- #if __cplusplus >= 201703L
- #    include <string_view>
- #endif
--- a/mysql.spec
+++ b/mysql.spec
@ -29,8 +29,8 @@
 %bcond_without conflicts
 %global sameevr   %{?epoch:%{epoch}:}%{version}-%{release}
 Name:                mysql
-Version:             8.0.30
-Release:             4
+Version:             8.0.35
+Release:             1
 Summary:             MySQL client programs and shared libraries
 URL:                 http://www.mysql.com
 License:             GPLv2 with exceptions and LGPLv2 and BSD
@ -59,12 +59,9 @@ Patch5:              %{pkgnamepatch}-paths.patch
 Patch52:             %{pkgnamepatch}-sharedir.patch
 Patch55:             %{pkgnamepatch}-rpath.patch
 Patch75:             %{pkgnamepatch}-arm32-timer.patch
-Patch80:             %{pkgnamepatch}-fix-includes-robin-hood.patch
 Patch81:             disable-moutline-atomics-for-aarch64.patch
 Patch115:            boost-1.58.0-pool.patch
 Patch125:            boost-1.57.0-mpl-print.patch
-Patch126:            CVE-2022-37434-1.patch
-Patch127:            CVE-2022-37434-2.patch
 %ifarch riscv64
 Patch128:            riscv-lock-free.patch
 %endif
@ -218,7 +215,7 @@ The package provides Docs for development of MySQL applications.

 %prep
 cd ../SOURCES
-cat %{SOURCE32} %{SOURCE33} %{SOURCE34} %{SOURCE35} | tar xj
+cat %{SOURCE32} %{SOURCE33} %{SOURCE34} %{SOURCE35} > %{SOURCE0}
 cd ..
 %setup -q -n mysql-%{version}
 %patch1 -p1
@ -228,10 +225,7 @@ cd ..
 %patch52 -p1
 %patch55 -p1
 %patch75 -p1
-%patch80 -p1
 %patch81 -p1
-%patch126 -p1
-%patch127 -p1
 pushd boost/boost_$(echo %{boost_bundled_version}| tr . _)
 %patch115 -p0
 %patch125 -p1
@ -553,6 +547,9 @@ fi
 %{_mandir}/man1/mysql_config.1*

 %changelog
+* Tue Nov 07 2023 yaoxin <yao_xin001@hoperun.com> - 8.0.35-1
+- Upgrade to 8.0.35 for fix cves
+
 * Mon Jul 17 2023 misaka00251 <liuxin@iscas.ac.cn> - 8.0.30-4
 - Import patch from Ubuntu to fix build on riscv64