← Back to branch summary

~ubuntu-branches/ubuntu/lucid/mysql-dfsg-5.1/lucid-security

« back to all changes in this revision

Viewing changes to debian/patches/52_CVE-2009-4030.dpatch

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2012-02-22 22:33:55 UTC
  • mfrom: (1.1.5)
  • Revision ID: package-import@ubuntu.com-20120222223355-or06x1euyk8n0ldi
Tags: 5.1.61-0ubuntu0.10.04.1
https://launchpad.net/bugs/937869
* SECURITY UPDATE: Update to 5.1.61 to fix multiple security issues
  (LP: #937869)
  - http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html
  - CVE-2011-2262
  - CVE-2012-0075
  - CVE-2012-0112
  - CVE-2012-0113
  - CVE-2012-0114
  - CVE-2012-0115
  - CVE-2012-0116
  - CVE-2012-0117
  - CVE-2012-0118
  - CVE-2012-0119
  - CVE-2012-0120
  - CVE-2012-0484
  - CVE-2012-0485
  - CVE-2012-0486
  - CVE-2012-0487
  - CVE-2012-0488
  - CVE-2012-0489
  - CVE-2012-0490
  - CVE-2012-0491
  - CVE-2012-0492
  - CVE-2012-0493
  - CVE-2012-0494
  - CVE-2012-0495
  - CVE-2012-0496
* Dropped patches unnecessary with 5.1.61:
  - debian/patches/90_mysql_safer_strmov.dpatch
  - debian/patches/51_ssl_test_certs.dpatch
  - debian/patches/52_CVE-2009-4030.dpatch
  - debian/patches/53_CVE-2009-4484.dpatch
  - debian/patches/54_CVE-2008-7247.dpatch
  - debian/patches/55_CVE-2010-1621.dpatch
  - debian/patches/56_CVE-2010-1850.dpatch
  - debian/patches/57_CVE-2010-1849.dpatch
  - debian/patches/58_CVE-2010-1848.dpatch
  - debian/patches/59_CVE-2010-1626.dpatch
  - debian/patches/60_CVE-2010-2008.dpatch
  - debian/patches/60_CVE-2010-3677.dpatch
  - debian/patches/60_CVE-2010-3678.dpatch
  - debian/patches/60_CVE-2010-3679.dpatch
  - debian/patches/60_CVE-2010-3680.dpatch
  - debian/patches/60_CVE-2010-3681.dpatch
  - debian/patches/60_CVE-2010-3682.dpatch
  - debian/patches/60_CVE-2010-3683.dpatch
  - debian/patches/60_CVE-2010-3833.dpatch
  - debian/patches/60_CVE-2010-3834.dpatch
  - debian/patches/60_CVE-2010-3835.dpatch
  - debian/patches/60_CVE-2010-3836.dpatch
  - debian/patches/60_CVE-2010-3837.dpatch
  - debian/patches/60_CVE-2010-3838.dpatch
  - debian/patches/60_CVE-2010-3839.dpatch
  - debian/patches/60_CVE-2010-3840.dpatch
  - debian/patches/61_disable_longfilename_test.dpatch
  - debian/patches/62_alter_table_fix.dpatch
  - debian/patches/63_cherrypick-upstream-49479.dpatch
  - debian/patches/10_readline_build_fix.dpatch
* debian/mysql-client-5.1.docs: removed EXCEPTIONS-CLIENT file
* debian/mysql-server-5.1.docs,debian/libmysqlclient16.docs,
  debian/libmysqlclient-dev.docs: removed, no longer necessary.

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/52_CVE-2009-4030.dpatch
1
 
#! /bin/sh /usr/share/dpatch/dpatch-run
2
 
# Description: fix privilege restriction bypass via incorrect calculation
3
 
#  of the mysql_unpacked_real_data_home value
4
 
# Origin: upstream, http://lists.mysql.com/commits/89940
5
 
# Bug: http://bugs.mysql.com/bug.php?id=32167
6
 
 
7
 
@DPATCH@
8
 
diff -urNad mysql-dfsg-5.1-5.1.41~/sql/mysqld.cc mysql-dfsg-5.1-5.1.41/sql/mysqld.cc
9
 
--- mysql-dfsg-5.1-5.1.41~/sql/mysqld.cc        2009-11-04 13:31:01.000000000 -0500
10
 
+++ mysql-dfsg-5.1-5.1.41/sql/mysqld.cc 2010-02-22 16:28:18.000000000 -0500
11
 
@@ -8651,14 +8651,8 @@
12
 
     pos[0]= FN_LIBCHAR;
13
 
     pos[1]= 0;
14
 
   }
15
 
-  convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
16
 
-  my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
17
 
-  mysql_unpacked_real_data_home_len= strlen(mysql_unpacked_real_data_home);
18
 
-  if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
19
 
-    --mysql_unpacked_real_data_home_len;
20
 
-
21
 
-
22
 
   convert_dirname(language,language,NullS);
23
 
+  convert_dirname(mysql_real_data_home,mysql_real_data_home,NullS);
24
 
   (void) my_load_path(mysql_home,mysql_home,""); // Resolve current dir
25
 
   (void) my_load_path(mysql_real_data_home,mysql_real_data_home,mysql_home);
26
 
   (void) my_load_path(pidfile_name,pidfile_name,mysql_real_data_home);
27
 
@@ -8666,6 +8660,12 @@
28
 
                                       get_relative_path(PLUGINDIR), mysql_home);
29
 
   opt_plugin_dir_ptr= opt_plugin_dir;
30
 
 
31
 
+  my_realpath(mysql_unpacked_real_data_home, mysql_real_data_home, MYF(0));
32
 
+  mysql_unpacked_real_data_home_len= 
33
 
+    (int) strlen(mysql_unpacked_real_data_home);
34
 
+  if (mysql_unpacked_real_data_home[mysql_unpacked_real_data_home_len-1] == FN_LIBCHAR)
35
 
+    --mysql_unpacked_real_data_home_len;
36
 
+
37
 
   char *sharedir=get_relative_path(SHAREDIR);
38
 
   if (test_if_hard_path(sharedir))
39
 
     strmake(buff,sharedir,sizeof(buff)-1);             /* purecov: tested */