packages/mysql
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update to 8.0.37 for fix CVEs

Browse Source
This commit is contained in:
wk333 2024-06-12 16:13:05 +08:00
parent 5a18125a67
commit e696df31dc
8 changed files with 89 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
RPM-GPG-KEY-mysql-2023 Normal file
View File

@ -0,0 +1,52 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGU2rNoBEACSi5t0nL6/Hj3d0PwsbdnbY+SqLUIZ3uWZQm6tsNhvTnahvPPZ
BGdl99iWYTt2KmXp0KeN2s9pmLKkGAbacQP1RqzMFnoHawSMf0qTUVjAvhnI4+qz
MDjTNSBq9fa3nHmOYxownnrRkpiQUM/yD7/JmVENgwWb6akZeGYrXch9jd4XV3t8
OD6TGzTedTki0TDNr6YZYhC7jUm9fK9Zs299pzOXSxRRNGd+3H9gbXizrBu4L/3l
UrNf//rM7OvV9Ho7u9YYyAQ3L3+OABK9FKHNhrpi8Q0cbhvWkD4oCKJ+YZ54XrOG
0YTg/YUAs5/3//FATI1sWdtLjJ5pSb0onV3LIbarRTN8lC4Le/5kd3lcot9J8b3E
MXL5p9OGW7wBfmNVRSUI74Vmwt+v9gyp0Hd0keRCUn8lo/1V0YD9i92KsE+/IqoY
Tjnya/5kX41jB8vr1ebkHFuJ404+G6ETd0owwxq64jLIcsp/GBZHGU0RKKAo9DRL
H7rpQ7PVlnw8TDNlOtWt5EJlBXFcPL+NgWbqkADAyA/XSNeWlqonvPlYfmasnAHA
pMd9NhPQhC7hJTjCiAwG8UyWpV8Dj07DHFQ5xBbkTnKH2OrJtguPqSNYtTASbsWz
09S8ujoTDXFT17NbFM2dMIiq0a4VQB3SzH13H2io9Cbg/TzJrJGmwgoXgwARAQAB
tDZNeVNRTCBSZWxlYXNlIEVuZ2luZWVyaW5nIDxteXNxbC1idWlsZEBvc3Mub3Jh
Y2xlLmNvbT6JAlQEEwEIAD4WIQS8pDQXw7SF3RKOxtS3s7eIqNN4XAUCZTas2gIb
AwUJA8JnAAULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRC3s7eIqNN4XLzoD/9P
lpWtfHlI8eQTHwGsGIwFA+fgipyDElapHw3MO+K9VOEYRZCZSuBXHJe9kjGEVCGU
DrfImvgTuNuqYmVUV+wyhP+w46W/cWVkqZKAW0hNp0TTvu3eDwap7gdk80VF24Y2
Wo0bbiGkpPiPmB59oybGKaJ756JlKXIL4hTtK3/hjIPFnb64Ewe4YLZyoJu0fQOy
A8gXuBoalHhUQTbRpXI0XI3tpZiQemNbfBfJqXo6LP3/LgChAuOfHIQ8alvnhCwx
hNUSYGIRqx+BEbJw1X99Az8XvGcZ36VOQAZztkW7mEfH9NDPz7MXwoEvduc61xwl
MvEsUIaSfn6SGLFzWPClA98UMSJgF6sKb+JNoNbzKaZ8V5w13msLb/pq7hab72HH
99XJbyKNliYj3+KA3q0YLf+Hgt4Y4EhIJ8x2+g690Np7zJF4KXNFbi1BGloLGm78
akY1rQlzpndKSpZq5KWw8FY/1PEXORezg/BPD3Etp0AVKff4YdrDlOkNB7zoHRfF
HAvEuuqti8aMBrbRnRSG0xunMUOEhbYS/wOOTl0g3bF9NpAkfU1Fun57N96Us2T9
gKo9AiOY5DxMe+IrBg4zaydEOovgqNi2wbU0MOBQb23Puhj7ZCIXcpILvcx9ygjk
ONr75w+XQrFDNeux4Znzay3ibXtAPqEykPMZHsZ2sbkCDQRlNqzaARAAsdvBo8WR
qZ5WVVk6lReD8b6Zx83eJUkV254YX9zn5t8KDRjYOySwS75mJIaZLsv0YQjJk+5r
t10tejyCrJIFo9CMvCmjUKtVbgmhfS5+fUDRrYCEZBBSa0Dvn68EBLiHugr+SPXF
6o1hXEUqdMCpB6oVp6X45JVQroCKIH5vsCtw2jU8S2/IjjV0V+E/zitGCiZaoZ1f
6NG7ozyFep1CSAReZu/sssk0pCLlfCebRd9Rz3QjSrQhWYuJa+eJmiF4oahnpUGk
txMD632I9aG+IMfjtNJNtX32MbO+Se+cCtVc3cxSa/pR+89a3cb9IBA5tFF2Qoek
hqo/1mmLi93Xn6uDUhl5tVxTnB217dBT27tw+p0hjd9hXZRQbrIZUTyh3+8EMfmA
jNSIeR+th86xRd9XFRr9EOqrydnALOUr9cT7TfXWGEkFvn6ljQX7f4RvjJOTbc4j
JgVFyu8K+VU6u1NnFJgDiNGsWvnYxAf7gDDbUSXEuC2anhWvxPvpLGmsspngge4y
l+3nv+UqZ9sm6LCebR/7UZ67tYz3p6xzAOVgYsYcxoIUuEZXjHQtsYfTZZhrjUWB
J09jrMvlKUHLnS437SLbgoXVYZmcqwAWpVNOLZf+fFm4IE5aGBG5Dho2CZ6ujngW
9Zkn98T1d4N0MEwwXa2V6T1ijzcqD7GApZUAEQEAAYkCPAQYAQgAJhYhBLykNBfD
tIXdEo7G1Lezt4io03hcBQJlNqzaAhsMBQkDwmcAAAoJELezt4io03hcXqMP/01a
PT3A3Sg7oTQoHdCxj04ELkzrezNWGM+YwbSKrR2LoXR8zf2tBFzc2/Tl98V0+68f
/eCvkvqCuOtq4392Ps23j9W3r5XG+GDOwDsx0gl0E+Qkw07pwdJctA6efsmnRkjF
2YVO0N9MiJA1tc8NbNXpEEHJZ7F8Ri5cpQrGUz/AY0eae2b7QefyP4rpUELpMZPj
c8Px39Fe1DzRbT+5E19TZbrpbwlSYs1iCzS5YGFmpCRyZcLKXo3zS6N22+82cnRB
SPPipiO6WaQawcVMlQO1SX0giB+3/DryfN9VuIYd1EWCGQa3O0MVu6o5KVHwPgl9
R1P6xPZhurkDpAd0b1s4fFxin+MdxwmG7RslZA9CXRPpzo7/fCMW8sYOH15DP+Yf
UckoEreBt+zezBxbIX2CGGWEV9v3UBXadRtwxYQ6sN9bqW4jm1b41vNA17b6CVH6
sVgtU3eN+5Y9an1e5jLD6kFYx+OIeqIIId/TEqwS61csY9aav4j4KLOZFCGNU0FV
ji7NQewSpepTcJwfJDOzmtiDP4vol1ApJGLRwZZZ9PB6wsOgDOoP6sr0YrDI/NNX
2RyXXbglnQ1yJZVSH3/3eo6knG2qTthUKHCRDNKdy9Qqc1x4WWWtSRjh+zX8AvJK
2q1rVLH2/3ilxe9wcAZUlaj3id3TxquAlud4lWDz
=h5nH
-----END PGP PUBLIC KEY BLOCK-----

BIN
mysql-boost-8.0.35.tar.gz.aa
View File

Binary file not shown.

BIN
mysql-boost-8.0.35.tar.gz.ab
View File

Binary file not shown.

BIN
mysql-boost-8.0.35.tar.gz.ac
View File

Binary file not shown.

BIN
mysql-boost-8.0.35.tar.gz.ad
View File

Binary file not shown.

0
mysql-boost-8.0.35.tar.gz → mysql-boost-8.0.37.tar.gz
View File

16
mysql-boost-8.0.37.tar.gz.asc Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEvKQ0F8O0hd0SjsbUt7O3iKjTeFwFAmYJokEACgkQt7O3iKjT
eFzuPA/8DIiNVe5c8dxp+rjGMrJ2DpoATskQ4l0amQ4uI9sN/OzImnJSe6PktPAw
Ct6emNlU733l7n71k+1LmS3eAY3b7c+6pa2+IPKKzGU0kBKYbJBc7SBzs8rNsh3Q
EelZ6Khy9ZNLZIVke8qp80m2Vn2T25fS8VpqV8U5Oo+WrVaek1/xtUeDyxgJL0yu
E/1xTztulVePN81z8sq1tLhHddfRt06yTzcOj/Iuq0tBao4AAMqHqYN4H69ztNBo
RUUjrFp95FM6GWvFzA8QoPxHat4JpC0Trnb9kXayNORiLb5y+Achsw9/Q30tCnQR
l2tteJkAJ2ZXrdCiFIB2U7SB+8IVO3JFYYLC+HNxdgf+fqPc97V+AsRSIXL2GslR
SnZ24Tn0w75ZmQvRsLlF2s+YIdA+sgsLG8rccXiQKT49C0zqbA2ah9sm7jKuqBIy
Hv5sqjzvho3h1O2wSCPrOXyLaXmg7smnjw0dYUZuX2VxhoOWeg6Y8OWka1a8RX9i
Xa10WAcccFmgYzK+MqblXnzJIrSbZBNCZ6tMPjc8ouTT5w0e9z4iaqJbGx45poLP
JHZnWh5KKxMVEZ+Suiuzhw0IWXUBjKLJwArenWBEk9oxeTHC6CiQBqfLqsSQd9sL
6efpNmoqrQj8TG/64UWlo86K7hxZdYfTp0dbfe/9IrpEks1PWCs=
=pODp
-----END PGP SIGNATURE-----

32
mysql.spec
View File

@ -29,11 +29,11 @@
%bcond_without conflicts
%global sameevr %{?epoch:%{epoch}:}%{version}-%{release}
Name: mysql
Version: 8.0.35
Release: 3
Version: 8.0.37
Release: 1
Summary: MySQL client programs and shared libraries
URL: http://www.mysql.com
License: GPLv2 with exceptions and LGPLv2 and BSD-2-Clause
License: GPL-2.0-or-later AND LGPL-2.1-only AND BSL-1.0 AND GPL-1.0-or-later OR Artistic-1.0-Perl AND BSD-2-Clause
Source0: https://cdn.mysql.com/Downloads/MySQL-8.0/mysql-boost-%{version}.tar.gz
Source2: mysql_config_multilib.sh
Source3: my.cnf.in
@ -48,10 +48,8 @@ Source17: mysql-wait-stop.sh
Source18: mysql@.service.in
Source30: %{pkgnamepatch}.rpmlintrc
Source31: server.cnf.in
Source32: %{name}-boost-%{version}.tar.gz.aa
Source33: %{name}-boost-%{version}.tar.gz.ab
Source34: %{name}-boost-%{version}.tar.gz.ac
Source35: %{name}-boost-%{version}.tar.gz.ad
Source32: https://cdn.mysql.com/Downloads/MySQL-8.0/mysql-boost-%{version}.tar.gz.asc
Source33: https://repo.mysql.com/RPM-GPG-KEY-mysql-2023
Patch1: %{pkgnamepatch}-install-test.patch
Patch3: %{pkgnamepatch}-file-contents.patch
Patch4: %{pkgnamepatch}-scripts.patch
@ -84,7 +82,7 @@ BuildRequires: perl(Getopt::Long) perl(if) perl(IO::File) perl(IO::Handle)
BuildRequires: perl(IO::Socket::INET) perl(IPC::Open3) perl(JSON) perl(lib) perl(LWP::Simple)
BuildRequires: perl(Memoize) perl(Net::Ping) perl(POSIX) perl(Socket) perl(strict)
BuildRequires: perl(Sys::Hostname) perl(Test::More) perl(Time::HiRes) perl(Time::localtime)
BuildRequires: perl(warnings) systemd m4 chrpath
BuildRequires: perl(warnings) systemd m4 chrpath gnupg2 wget
Requires: bash coreutils grep %{name}-common%{?_isa} = %{sameevr}
Provides: bundled(boost) = %{boost_bundled_version}
%if %{with mysql_names}
@ -216,9 +214,10 @@ The package provides Docs for development of MySQL applications.
%prep
cd ../SOURCES
cat %{SOURCE32} %{SOURCE33} %{SOURCE34} %{SOURCE35} > %{SOURCE0}
cd ..
# download source0 and gpg check
wget -qO %{SOURCE0} https://user-repo.openeuler.openatom.cn/lfs-tar/mysql/mysql-boost-%{version}.tar.gz
gpg --import %{SOURCE33}
gpg --verify %{SOURCE32} %{SOURCE0}
%setup -q -n mysql-%{version}
%patch1 -p1
%patch3 -p1
@ -550,6 +549,17 @@ fi
%{_mandir}/man1/mysql_config.1*
%changelog
* Tue May 07 2024 wangkai <13474090681@163.com> - 8.0.37-1
- Update to 8.0.37 for fix CVEs(CVE-2024-20964,CVE-2024-20971,CVE-2024-20976,
CVE-2024-20973,CVE-2024-20978,CVE-2024-20981,CVE-2024-20962,CVE-2024-20977,
CVE-2024-20963,CVE-2024-20965,CVE-2024-20972,CVE-2024-20961,CVE-2024-20982,
CVE-2024-20970,CVE-2024-20967,CVE-2024-20984,CVE-2024-20974,CVE-2024-20966,
CVE-2024-20960,CVE-2024-20985,CVE-2024-20969,CVE-2024-21000,CVE-2024-21069,
CVE-2024-21009,CVE-2024-21087,CVE-2024-21047,CVE-2024-20998,CVE-2024-21013,
CVE-2024-21060,CVE-2024-21008,CVE-2024-21102,CVE-2024-21054,CVE-2024-21062,
CVE-2024-20994,CVE-2024-21096,CVE-2024-21061,CVE-2024-20993,CVE-2024-21055,
CVE-2024-21057,CVE-2023-6129)
* Fri Mar 22 2024 laokz <zhangkai@iscas.ac.cn> - 8.0.35-3
- Add riscv64 to fix-protobuf-version-22-and-up.patch