upgrade mysql to 8.0.23, fix cves

2021-03-12 12:36:45 +08:00 · 2021-03-12 12:36:45 +08:00 · 51abe1168d
commit 51abe1168d
parent 7d4eef7934
4 changed files with 131 additions and 9 deletions
--- a/disable-moutline-atomics-for-aarch64.patch
+++ b/disable-moutline-atomics-for-aarch64.patch
@ -0,0 +1,37 @@
+From 3603a7c5191c98e86e3b769c5877d17fd18bf39b Mon Sep 17 00:00:00 2001
+From: maminjie <maminjie1@huawei.com>
+Date: Fri, 26 Feb 2021 14:58:05 +0800
+Subject: [PATCH] disable moutline-atomics for aarch64
+
+---
+ CMakeLists.txt | 13 +++++++-------
+ 1 file changed, 7 insertions(+), 7 deletions(-)
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index df69eb90..94557fc9 100644
+--- a/CMakeLists.txt
+++ b/CMakeLists.txt
+@@ -938,13 +938,13 @@ ENDIF()
+ # The -moutline-atomics switch enables run-time detection of LSE support.
+ # There are compilers (gcc 9.3.1 for example) which support this switch, but
+ # do not enable it by default, even though it seems to help. So, we force it.
+-IF(CMAKE_SYSTEM_PROCESSOR STREQUAL "aarch64")
+-  MY_CHECK_CXX_COMPILER_FLAG( "-moutline-atomics" HAVE_OUTLINE_ATOMICS)
+-  IF(HAVE_OUTLINE_ATOMICS)
+-    STRING_APPEND(CMAKE_C_FLAGS   " -moutline-atomics")
+-    STRING_APPEND(CMAKE_CXX_FLAGS " -moutline-atomics")
+-  ENDIF()
+-ENDIF()
+#IF(CMAKE_SYSTEM_PROCESSOR STREQUAL "aarch64")
+#  MY_CHECK_CXX_COMPILER_FLAG( "-moutline-atomics" HAVE_OUTLINE_ATOMICS)
+#  IF(HAVE_OUTLINE_ATOMICS)
+#    STRING_APPEND(CMAKE_C_FLAGS   " -moutline-atomics")
+#    STRING_APPEND(CMAKE_CXX_FLAGS " -moutline-atomics")
+#  ENDIF()
+#ENDIF()
+ 
+ IF(LINUX)
+   OPTION(LINK_RANDOMIZE "Randomize the order of all symbols in the binary" OFF)
+-- 
+2.23.0
+
--- a/mysql-fix-includes-robin-hood.patch
+++ b/mysql-fix-includes-robin-hood.patch
@ -0,0 +1,13 @@
+# Prevents fails when compiling with gcc11 (Fedora 34)
+# Upstream PR: https://github.com/mysql/mysql-server/pull/323
+
+--- mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h.old	2021-02-04 17:15:31.034997221 +0100
+++ mysql-8.0.23/extra/robin-hood-hashing/robin_hood.h	2021-02-04 17:15:50.781372066 +0100
+@@ -48,6 +48,7 @@
+ #include <string>
+ #include <type_traits>
+ #include <utility>
+#include <limits>
+ #if __cplusplus >= 201703L
+ #    include <string_view>
+ #endif
--- a/mysql-main-cast.patch
+++ b/mysql-main-cast.patch
@ -0,0 +1,48 @@
+commit 68730acd9ae7ae8b2fcd25b5ccd18d47038d00b9
+Author: Catalin Besleaga <catalin.besleaga@oracle.com>
+Date:   Mon Jan 4 14:32:05 2021 +0100
+
+    WL#14015: Follow-up: fixed unstable test
+
+    Change-Id: I11f352168902c6689981131cfda3a87ba924941c
+
+diff --git a/mysql-test/r/cast.result b/mysql-test/r/cast.result
+index af82329a9c5..4d81ef111cb 100644
+--- a/mysql-test/r/cast.result
+++ b/mysql-test/r/cast.result
+@@ -1747,6 +1747,7 @@ CAST("2020extra" AS YEAR)
+ 2020
+ Warnings:
+ Warning	1292	Truncated incorrect YEAR value: '2020extra'
+SET timestamp = UNIX_TIMESTAMP('2020-12-22 03:30:00');
+ SELECT CAST(TIMESTAMP'2010-01-01 00:00' AS YEAR);
+ CAST(TIMESTAMP'2010-01-01 00:00' AS YEAR)
+ 2010
+@@ -1764,6 +1765,7 @@ CAST(TIME'08:09:10' AS YEAR)
+ SELECT CAST(TIME'00:00:00' AS YEAR);
+ CAST(TIME'00:00:00' AS YEAR)
+ 2020
+SET timestamp = DEFAULT;
+ SELECT CAST(ST_PointFromText('POINT(10 10)') AS YEAR);
+ ERROR HY000: Incorrect arguments to cast_as_year
+ CREATE TABLE t AS SELECT CAST("2010" AS YEAR);
+diff --git a/mysql-test/t/cast.test b/mysql-test/t/cast.test
+index 1a1f512fca7..a74d79ad91f 100644
+--- a/mysql-test/t/cast.test
+++ b/mysql-test/t/cast.test
+@@ -799,6 +799,7 @@ SELECT CAST("extra" AS YEAR);
+ SELECT CAST("22extra" AS YEAR);
+ SELECT CAST("2020extra" AS YEAR);
+
+SET timestamp = UNIX_TIMESTAMP('2020-12-22 03:30:00');
+ #date[time] values
+ SELECT CAST(TIMESTAMP'2010-01-01 00:00' AS YEAR);
+ SET SQL_MODE = "";
+@@ -807,6 +808,7 @@ SET SQL_MODE = default;
+ SELECT CAST(TIMESTAMP'2010-01-01 08:09:10' AS YEAR);
+ SELECT CAST(TIME'08:09:10' AS YEAR);
+ SELECT CAST(TIME'00:00:00' AS YEAR);
+SET timestamp = DEFAULT;
+
+ #geometry values
+ --error ER_WRONG_ARGUMENTS
--- a/mysql.spec
+++ b/mysql.spec
@ -6,12 +6,15 @@
 %global pkgnamepatch mysql
 %global boost_bundled_version 1.73.0
 Name:              mysql
-Version:           8.0.22
-Release:           3
+Version:           8.0.23
+Release:           1
 License:           GPLv2 with exceptions and LGPLv2 and BSD
 Summary:           The world's most popular open source database
 URL:               http://www.mysql.com/
 Source0:           https://cdn.mysql.com/archives/%{name}-8.0/%{name}-boost-%{version}.tar.gz 
+Source1:           %{name}-boost-%{version}.tar.gz.aa
+Source2:           %{name}-boost-%{version}.tar.gz.ab
+Source3:           %{name}-boost-%{version}.tar.gz.ac
 Patch0:0000-mysql-add-fstack-protector-strong.patch
 Patch1:%{pkgnamepatch}-install-test.patch
 Patch3:%{pkgnamepatch}-file-contents.patch
@ -23,8 +26,11 @@ Patch9:%{pkgnamepatch}-arm32-timer.patch
 Patch10:%{pkgnamepatch}-gcc11.patch
 Patch11:boost-1.58.0-pool.patch
 Patch12:boost-1.57.0-mpl-print.patch
+Patch13:%{pkgnamepatch}-main-cast.patch
+Patch14:%{pkgnamepatch}-fix-includes-robin-hood.patch
+Patch15:disable-moutline-atomics-for-aarch64.patch

-BuildRequires:     cmake openssl-devel ncurses-devel libtirpc-devel rpcgen 
+BuildRequires:     cmake openssl-devel ncurses-devel libtirpc-devel rpcgen libcurl-devel make
 
 Requires:          libatomic >= 1.2.0 libstdc++ >= 7.3.0 ncurses libtirpc openssl ldconfig

@ -43,6 +49,9 @@ the GPL. See the chapter "Licensing and Support" in the manual for
 further info.

 %prep
+cd ../SOURCES
+cat %{SOURCE1} %{SOURCE2} %{SOURCE3} | tar xj
+cd ..
 %setup -q -n %{name}-%{version}
 %patch0 -p1
 %patch1 -p1
@ -53,6 +62,9 @@ further info.
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
+%patch13 -p1
+%patch14 -p1
+%patch15 -p1
 pushd boost/boost_$(echo %{boost_bundled_version}| tr . _)
 %patch11 -p0
 %patch12 -p1
@ -86,8 +98,8 @@ if [ -f %{_prefix}/local/%{name}/support-files/mysql.server > /dev/null 2>&1 ]
 fi

 if [ -e %{_prefix}/local/%{name}/lib/private ];then
-	echo "%{_prefix}/local/%{name}/lib/private" > %{_sysconfdir}/ld.so.conf.d/%{name}.conf
-   	ldconfig 
+    echo "%{_prefix}/local/%{name}/lib/private" > %{_sysconfdir}/ld.so.conf.d/%{name}.conf
+    ldconfig
 fi

 %preun
@ -97,13 +109,17 @@ fi
 if [ -f %{_initddir}/mysql ];then
    mv %{_initddir}/mysql %{_initddir}/mysql.rpmold
 fi
-if [ -f %{_sysconfdir}/ld.so.conf.d/%{name}.conf ];then
+if [ "$1" = 0 ];then
+    if [ -f %{_sysconfdir}/ld.so.conf.d/%{name}.conf ];then
 	rm -f %{_sysconfdir}/ld.so.conf.d/%{name}.conf
-	ldconfig 
+	ldconfig
+    fi
 fi

 %postun
-userdel -r %{name} &>/dev/null
+if [ "$1" = 0 ];then
+    userdel -r %{name} &>/dev/null
+fi

 %files
 %dir %{_prefix}/local/%{name}
@ -112,11 +128,19 @@ userdel -r %{name} &>/dev/null
 %exclude /usr/lib/debug

 %changelog
+* Wed Mar 10 2021 wangxiao <wangxiao65@huawei.com> 8.0.23-1
+- Upgrade mysql to 8.0.23, fix CVES: CVE-2021-1998 CVE-2021-2002
+  CVE-2021-2010 CVE-2021-2011 CVE-2021-2016 CVE-2021-2021 CVE-2021-2022
+  CVE-2021-2024 CVE-2021-2031 CVE-2021-2032 CVE-2021-2036 CVE-2021-2038
+  CVE-2021-2046 CVE-2021-2048 CVE-2021-2056 CVE-2021-2058 CVE-2021-2060
+  CVE-2021-2061 CVE-2021-2065 CVE-2021-2070 CVE-2021-2072 CVE-2021-2076
+  CVE-2021-2081 CVE-2021-2087 CVE-2021-2088 CVE-2021-2122
+
 * Tue Dec 1  2020 weishengjing <weishengjing1@huawei.com> 8.0.22-3
 - modify symbol issues of spec

 * Mon Nov 30 2020 weishengjing <weishengjing1@huawei.com> 8.0.22-2
- add libprotobuf-lite.so to /usr/lib64  
+- add libprotobuf-lite.so to /usr/lib64

 * Wed Nov 18 2020 weishengjing <weishengjing1@huawei.com> 8.0.22-1
 - New version 8.0.22 fix CVES: CVE-2020-14852 CVE-2020-14794 CVE-2020-14775