Change-Id: I252db5ca5a01259f579d4b22f738a51d85119828
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/4692
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Anish Swaminathan <anishs@vmware.com>
1 | 1 |
new file mode 100644 |
... | ... |
@@ -0,0 +1,117 @@ |
0 |
+diff --git a/sql/auth/auth_common.h b/sql/auth/auth_common.h |
|
1 |
+index b8a24ed1..023cf06e 100644 |
|
2 |
+--- a/sql/auth/auth_common.h |
|
3 |
+@@ -620,7 +620,8 @@ bool mysql_rename_user(THD *thd, List <LEX_USER> &list); |
|
4 |
+ bool set_and_validate_user_attributes(THD *thd, |
|
5 |
+ LEX_USER *Str, |
|
6 |
+ ulong &what_to_set, |
|
7 |
+- bool is_privileged_user); |
|
8 |
++ bool is_privileged_user, |
|
9 |
++ const char * cmd); |
|
10 |
+ |
|
11 |
+ /* sql_auth_cache */ |
|
12 |
+ int wild_case_compare(CHARSET_INFO *cs, const char *str,const char *wildstr); |
|
13 |
+diff --git a/sql/auth/sql_authorization.cc b/sql/auth/sql_authorization.cc |
|
14 |
+index ef5aeb33..910216d9 100644 |
|
15 |
+--- a/sql/auth/sql_authorization.cc |
|
16 |
+@@ -1321,7 +1321,8 @@ int mysql_table_grant(THD *thd, TABLE_LIST *table_list, |
|
17 |
+ } |
|
18 |
+ |
|
19 |
+ if (set_and_validate_user_attributes(thd, Str, what_to_set, |
|
20 |
+- is_privileged_user)) |
|
21 |
++ is_privileged_user, |
|
22 |
++ revoke_grant?"REVOKE":"GRANT")) |
|
23 |
+ { |
|
24 |
+ result= TRUE; |
|
25 |
+ continue; |
|
26 |
+@@ -1636,7 +1637,8 @@ bool mysql_routine_grant(THD *thd, TABLE_LIST *table_list, bool is_proc, |
|
27 |
+ } |
|
28 |
+ |
|
29 |
+ if (set_and_validate_user_attributes(thd, Str, what_to_set, |
|
30 |
+- is_privileged_user)) |
|
31 |
++ is_privileged_user, |
|
32 |
++ revoke_grant?"REVOKE":"GRANT")) |
|
33 |
+ { |
|
34 |
+ result= TRUE; |
|
35 |
+ continue; |
|
36 |
+@@ -1887,7 +1889,8 @@ bool mysql_grant(THD *thd, const char *db, List <LEX_USER> &list, |
|
37 |
+ } |
|
38 |
+ |
|
39 |
+ if (set_and_validate_user_attributes(thd, Str, what_to_set, |
|
40 |
+- is_privileged_user)) |
|
41 |
++ is_privileged_user, |
|
42 |
++ revoke_grant?"REVOKE":"GRANT")) |
|
43 |
+ { |
|
44 |
+ result= TRUE; |
|
45 |
+ continue; |
|
46 |
+diff --git a/sql/auth/sql_user.cc b/sql/auth/sql_user.cc |
|
47 |
+index bb8f5dc8..f1fdca64 100644 |
|
48 |
+--- a/sql/auth/sql_user.cc |
|
49 |
+@@ -396,6 +396,7 @@ err: |
|
50 |
+ @param what_to_set User attributes |
|
51 |
+ @param is_privileged_user Whether caller has CREATE_USER_ACL |
|
52 |
+ or UPDATE_ACL over mysql.* |
|
53 |
++ @param cmd Command information |
|
54 |
+ |
|
55 |
+ @retval 0 ok |
|
56 |
+ @retval 1 ERROR; |
|
57 |
+@@ -404,7 +405,8 @@ err: |
|
58 |
+ bool set_and_validate_user_attributes(THD *thd, |
|
59 |
+ LEX_USER *Str, |
|
60 |
+ ulong &what_to_set, |
|
61 |
+- bool is_privileged_user) |
|
62 |
++ bool is_privileged_user, |
|
63 |
++ const char * cmd) |
|
64 |
+ { |
|
65 |
+ bool user_exists= false; |
|
66 |
+ ACL_USER *acl_user; |
|
67 |
+@@ -573,6 +575,17 @@ bool set_and_validate_user_attributes(THD *thd, |
|
68 |
+ inbuflen)) |
|
69 |
+ { |
|
70 |
+ plugin_unlock(0, plugin); |
|
71 |
++ |
|
72 |
++ /* |
|
73 |
++ generate_authentication_string may return error status |
|
74 |
++ without setting actual error. |
|
75 |
++ */ |
|
76 |
++ if (!thd->is_error()) |
|
77 |
++ { |
|
78 |
++ String error_user; |
|
79 |
++ append_user(thd, &error_user, Str, FALSE, FALSE); |
|
80 |
++ my_error(ER_CANNOT_USER, MYF(0), cmd, error_user.c_ptr_safe()); |
|
81 |
++ } |
|
82 |
+ return(1); |
|
83 |
+ } |
|
84 |
+ if (buflen) |
|
85 |
+@@ -758,7 +771,8 @@ bool change_password(THD *thd, const char *host, const char *user, |
|
86 |
+ thd->slave_thread) |
|
87 |
+ combo->uses_identified_by_clause= false; |
|
88 |
+ |
|
89 |
+- if (set_and_validate_user_attributes(thd, combo, what_to_set, true)) |
|
90 |
++ if (set_and_validate_user_attributes(thd, combo, what_to_set, |
|
91 |
++ true, "SET PASSWORD")) |
|
92 |
+ { |
|
93 |
+ result= 1; |
|
94 |
+ mysql_mutex_unlock(&acl_cache->lock); |
|
95 |
+@@ -1389,7 +1403,8 @@ bool mysql_create_user(THD *thd, List <LEX_USER> &list, bool if_not_exists) |
|
96 |
+ result= TRUE; |
|
97 |
+ continue; |
|
98 |
+ } |
|
99 |
+- if (set_and_validate_user_attributes(thd, user_name, what_to_update, true)) |
|
100 |
++ if (set_and_validate_user_attributes(thd, user_name, what_to_update, |
|
101 |
++ true, "CREATE USER")) |
|
102 |
+ { |
|
103 |
+ result= TRUE; |
|
104 |
+ continue; |
|
105 |
+@@ -1897,7 +1912,7 @@ bool mysql_alter_user(THD *thd, List <LEX_USER> &list, bool if_exists) |
|
106 |
+ continue; |
|
107 |
+ } |
|
108 |
+ if (set_and_validate_user_attributes(thd, user_from, what_to_alter, |
|
109 |
+- is_privileged_user)) |
|
110 |
++ is_privileged_user, "ALTER USER")) |
|
111 |
+ { |
|
112 |
+ result= true; |
|
113 |
+ continue; |
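Review bot: None of the hunks visible in this embedded patch adds a check that rejects the offending input; they only thread a `cmd` string into set_and_validate_user_attributes and, in the `if (!thd->is_error())` block in sql/auth/sql_user.cc, raise ER_CANNOT_USER when generate_authentication_string fails without having set an error. If the validation that makes generate_authentication_string fail sits in another file of the upstream change, it has to be carried in this backport too, otherwise the package is recorded as fixed for CVE-2018-2696 while only the error reporting differs. As shown, the patch also begins directly at `diff --git` with no header, so a short preamble naming the upstream commit it was taken from would let a later maintainer verify completeness. The new doc line `@param cmd Command information` could say what callers pass, for example `@param cmd Statement name reported in ER_CANNOT_USER (e.g. "CREATE USER")`.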
... | ... |
@@ -1,7 +1,7 @@ |
1 | 1 |
Summary: MySQL. |
2 | 2 |
Name: mysql |
3 | 3 |
Version: 5.7.20 |
4 |
-Release: 1%{?dist} |
|
4 |
+Release: 2%{?dist} |
|
5 | 5 |
License: GPLv2 |
6 | 6 |
Group: Applications/Databases |
7 | 7 |
Vendor: VMware, Inc. |
... | ... |
@@ -9,6 +9,7 @@ Distribution: Photon |
9 | 9 |
Url: http://www.mysql.com |
10 | 10 |
Source0: https://cdn.mysql.com//Downloads/MySQL-5.7/mysql-boost-%{version}.tar.gz |
11 | 11 |
%define sha1 mysql-boost=1fcbaea0d75d71a8a868f518b5b0afaaa18c5cda |
12 |
+Patch0: Fix-CVE-2018-2696.patch |
|
12 | 13 |
|
13 | 14 |
BuildRequires: cmake |
14 | 15 |
BuildRequires: openssl-devel |
... | ... |
@@ -27,6 +28,7 @@ Development headers for developing applications linking to maridb |
27 | 27 |
|
28 | 28 |
%prep |
29 | 29 |
%setup -q %{name}-boost-%{version} |
30 |
+%patch0 -p1 |
|
30 | 31 |
|
31 | 32 |
%build |
32 | 33 |
cmake . \ |
... | ... |
@@ -66,6 +68,8 @@ make test |
66 | 66 |
%{_libdir}/pkgconfig/mysqlclient.pc |
67 | 67 |
|
68 | 68 |
%changelog |
69 |
+* Thu Jan 25 2018 Divya Thaluru <dthaluru@vmware.com> 5.7.20-2 |
|
70 |
+- Added patch for CVE-2018-2696 |
|
69 | 71 |
* Wed Oct 25 2017 Xiaolin Li <xiaolinl@vmware.com> 5.7.20-1 |
70 | 72 |
- Update to version 5.7.20 |
71 | 73 |
* Fri Oct 13 2017 Alexey Makhalov <amakhalov@vmware.com> 5.7.18-3 |