Current status

Number of commits found XX: 22

fix distinfo

Sponsored by:	Netzkommune GmbH

databases/mysq57-{client, server}: Update to latest release 5.7.32

Full Changelog: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-32.html

Sponsored by:	Netzkommune GmbH

databases/mysq57-{client, server}: Update to latest release 5.7.31

Full Changelog: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-31.html

Submitted by:	fluffy
MFH:		2020Q3
Security:	0ed71663-c369-11ea-b53c-d4c9ef517024
Sponsored by:	Netzkommune GmbH

databases/mysq56-{client, server}: Update to latest release 5.7.30

Bugs Fixed:
- InnoDB: The row_upd_clust_rec_by_insert function, which marks a clustered
index record as deleted and inserts an updated version of the record into the
clustered index, passed an incorrect n_ext value (the total number of external
fields) to lower level functions, causing an assertion failure.
- InnoDB: An operation performed with the innodb_buffer_pool_evict debug
variable set to uncompressed caused an assertion failure.
- InnoDB: An add column operation caused an assertion failure. The failure was
due to a dangling pointer.
- nnoDB: Updating certain InnoDB system variables that take string values raised
invalid read errors during Valgrind testing.
- InnoDB: An insert statement on a table with a spatial index raised a record
type mismatch assertion due to a tuple corruption.
- InnoDB: A function that calculates undo log record size could calculate an
incorrect length value in the case of a corrupted undo log record, resulting in
a malloc failure. Assertion code was added to detect incorrect calculations.
- Replication: While an SQL statement was in the process of being rewritten for
the binary log so that sensitive information did not appear in plain text, if a
SHOW PROCESSLIST statement was used to inspect the query, the query could become
corrupted when it was written to the binary log, causing replication to stop.
The process of rewriting the query is now kept private, and the query thread is
updated only when rewriting is complete.
- Replication: When a GRANT or REVOKE statement is only partially executed, an
incident event is logged in the binary log, which makes the replication slave's
applier thread stop so that the slave can be reconciled manually with the
master. Previously, if a failed GRANT or REVOKE statement was the first
statement executed in the session, no GTID was applied to the incident event
(because the cache manager did not yet exist for the session), causing an error
on the replication slave. Also, no incident event was logged in the situation
where a GRANT statement created a user but then failed because the privileges
had been specified incorrectly, again causing an error on the replication slave.
Both these issues have now been fixed.
- Replication: When a replication slave has a generated column that the master
does not have in that table, with a secondary index on the generated column, the
generated expression should be evaluated and the value stored by the storage
engine in the secondary index. When row-based binary logging is in use, the
replication slave assigns default values to any fields that are not in the
master's definition of the table. In the case of a generated column, which does
not have a default value, the slave was previously assigning a null or a zero
value to the column. This value was then stored by the storage engine in the
secondary index, causing both the table and the index to become corrupted. To
fix this issue, generated columns in a table on a replication slave are now
re-evaluated before the values are sent to the storage engine.
- Replication: In the event of an unplanned disconnection of a replication slave
from the master, the reference to the master's dump thread might not be removed
from the list of registered slaves, in which case statements that accessed the
list of slaves would fail. The issue has now been fixed.
- Replication: With the settings binlog_format=MIXED,
tx_isolation=READ-COMMITTED, and binlog_row_image=FULL, an INSERT ... SELECT
query involving a transactional storage engine omitted any columns with a null
value from the row image written to the binary log. This happened because when
processing INSERT ... SELECT statements, the columns were marked for inserts
before the binary logging format was selected. The issue has now been fixed.

Full Changelog: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html

MFH:		2020Q2
Security:	21d59ea3-8559-11ea-a5e2-d4c9ef517024 (MySQL - Server)
Security:	622b5c47-855b-11ea-a5e2-d4c9ef517024 (MySQL - Client)
Sponsored by:	Netzkommune GmbH

databases/mysq56-{client, server}: Update to latest release 5.7.29

Bugs Fixed:
- InnoDB: os_file_get_parent_dir warnings were encountered when compiling MySQL
with GCC 9.2.0.
- InnoDB: An internal function (btr_push_update_extern_fields()) used to fetch
newly added externally stored fields and update them during a pessimistic update
or when going back to a previous version of a record was no longer required.
Newly added externally stored fields are updated by a different function. Also,
the method used to determine the number of externally stored fields was
corrected.
- InnoDB: A comparison function found two records to be equal when attempting to
merge non-leaf pages of a spatial index. The function was unable to handle this
unexpected condition, which resulted in a long semaphore wait and an eventual
assertion failure.
- Replication: A memory leak could occur when a failed replication group member
tried to rejoin a minority group and was disallowed from doing so.
- Docker packages were missing the LDAP authentication plugins.

More Infos: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-29.html

Approved by:	mmokhi (maintainer, implicit)
MFH:		2020Q1
Security:	a6cf65ad-37d2-11ea-a1c7-b499baebfeaf
Sponsored by:	Netzkommune GmbH

Update to 5.7.28

Changelog: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-28.html

PR:		241920
Approved by:	mmokhi (maintainer, implicit)
Sponsored by:	Netzkommune GmbH

databases/mysq56-{client, server}: Update to latest release 5.7.27

This update includes security fixes on issues that are
mentioned on upstream critical patch report.
Further info:
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL

PR:		239271
Submitted by:	Greg Veldman <freebsd@gregv.net>
Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
Sponsored by:	Platform.sh

databases/mysql57-{client, server}: Update to latest release 5.7.26
This update includes:
Bugfix:
- InnoDB: Optimized internal temporary tables did not support
    in-place UPDATE operations
- InnoDB: A function called by a CREATE TABLE thread attempted access after
free()
- InnoDB: The INDEX_LENGTH value in INFORMATION_SCHEMA.TABLES
    was not updated when adding an index
- The authentication_ldap_simple plugin could enforce authentication incorrectly
More info: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-26.html

Security Fix:
CVE-2019-2632, CVE-2019-1559, CVE-2018-3123, and other fixes.
More info:
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL

PR:		237399
Reported by:	Brent Busby <brent@jfi.uchicago.edu>
Sponsored by:	The FreeBSD Foundation

databases/mysql57-{client, server}: Update to latest release 5.7.25
This update (released on Jan 21st) includes:
Deprecation:
  -Tools resolveip and resolve_stack_dump utilities are now deprecated.
    (Will be removed on MySQL8.0).
Bugfix:
  -Fix a memory leak caused by a dangling pointer. (Bug #28693568)
  -Fix mishandling of SIGHUP by server could result in a server exit.
    (Bug #27966483, Bug #90742).
  -Correct potential incorrect out-of-memory checks performed by parser.
    (Bug #25633994).

More info from upstream:
  https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html

PR:		234983
Reported by:	 Markus Kohlmeyer < rootservice@gmail.com >
Sponsored by:	The FreeBSD Foundation

databases/mysql57-{client, server}: Update to 5.7.24
Delete merged-to-upstream FreeBSD patches, edit half-merged ones.

Upstream bugfixes:
    Regression of Bug #27753193 (segfault on ALTER TABLE adding primary key,
InnoDB)
    Query interruption during a lock wait caused an error: Bug #28068293
    Raised assertion during an OPTIMIZE TABLE operation for InnoDB: Bug
#27753193
More info on update:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-24.html

PR:		232685
Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
Sponsored by:	The FreeBSD Foundation

mysql57-{client, server}: Update ports to 5.7.23
This update includes Oracle Critical Patch Advisory published on July 2018
More info:
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixMSQL

PR:		229860
Submitted by:	Dani <i.dani@outlook.com<
Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
Reviewed by:	brnrd , koobs
Sponsored by:	The FreeBSD Foundation

mysql57-{client, server}: Update port to 5.7.22
This update includes fixes for multiple CVEs including:
    CVE-2018-2755 in replication component, MySQL protocol
    CVE-2018-2805 in GIS extention
    CVE-2018-2782 in InnoDB
    and more info on
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixMSQL

PR:		227621
Reported by:	Markus Kohlmeyer <rootservice@gmail.com>
Sponsored by:	Netzkommune GmbH

databases/mysql56-{client, server}: Update to 5.7.21
This update fixes bugs like CVE-2018-2696, CVE-2018-2562, CVE-2018-2640,
CVE-2018-2668, CVE-2017-3737 (and more) in MySQL protocol by upstream.

Delete local patches (CMake plugin macros) that are merged by upstream.

PR:		225195
Sponsored by:	Netzkommune GmbH

databases/mysql57: Update to 5.7.20

Approved by:	ports-secteam (with hat)
MFH:		2017Q4
Security:	c41bedfd-b3f9-11e7-ac58-b499baebfeaf

databases/mysql57-{client/server}: Update to 5.7.19
ChangeLog for this update:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html

PR:		220849
Reviewed by:	mat (mentor)
Approved by:	mat (mentor)
Sponsored by:	Netzkommune GmbH
Differential Revision:	https://reviews.freebsd.org/D11656

databases/mysql57-{server client}: Update to latest 5.7.18 release
Fix some no-longer-valid (but needed) patches.

Reviewed by:	feld, mat (mentors)
Approved by:	feld (mentor)
Differential Revision:	https://reviews.freebsd.org/D10392

update mysql57 ports to 5.7.17

 Changelog: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html

PR:		215711
Submitted by:	Mahdi Mokhtari <mokhi64@gmail.com> (maintainer)
Reviewed by:	matthew
Approved by:	matthew (mentor)
Differential Revision:	https://reviews.freebsd.org/D9027

Update to upstream version 5.7.15; fixes zero-day remote vuln CVE-2016-6662

PR:		212690
Submitted by:	mokhi64@gmail.com (maintainer)
MFH:		2016Q3
Security:	CVE 2016-6662

databases/mysql57-{server|client}: 5.7.12 -> 5.7.13

Changes:
  http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-13.html

PR:		210042
Approved by:	Mahdi Mokhtari <mokhi64@gmail.com> (maintainer)

Update to 5.7.12, fixing 31 partially critical vulnerabilities

List of vulnerabilities is documented on:
http://vuxml.freebsd.org/freebsd/8c2b2f11-0ebe-11e6-b55e-b499baebfeaf.html
CVE IDs see below.

PR:		206998
Submitted by:	mokhi64@gmail.com (maintainer)
Reviewed by:	rootservice@gmail.com
Approved by:	mokhi64@gmail.com (maintainer)
MFH:		2016Q2
Security:	CVE-2016-0705
		CVE-2016-0639
		CVE-2015-3194
		CVE-2016-0640

(Only the first 15 lines of the commit message are shown above )

databases/mysql57-client, databases/mysql57-server:
	change all files that were missed in the last commit

PR:		204607

New ports: databases/mysql57-client, databases/mysql57-server

The next major release of mysql.

MySQL is a very fast, multi-threaded, multi-user and robust SQL
(Structured Query Language) database server.

WWW: http://www.mysql.com/

PR:		204607
Submitted by:	mokhi64@gmail.com
Reviewed by:	koobs, brnrd
Approved by:	mat

Number of commits found XX: 22

14 vulnerabilities affecting 97 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities

Last updated:
2021-03-04 09:54:53