-rw-r--r--00000_index.txt10
-rw-r--r--07342_all_mysql_auth_bypass-5.1.62.patch29
-rw-r--r--07342_all_mysql_auth_bypass-5.5.22.patch17
3 files changed, 56 insertions, 0 deletions
diff --git a/00000_index.txt b/00000_index.txt
index d5cd020..bafb35f 100644
--- a/00000_index.txt
+++ b/00000_index.txt
@@ -767,6 +767,16 @@
@pn mariadb
@@ Gentoo Bug #344031: Fix new TEXTRELs
+@patch 07342_all_mysql_auth_bypass-5.1.62.patch
+@ver 5.01.62.00 to 5.01.62.99
+@pn mysql
+@@ Upstream bug #64884: auth bypass
+
+@patch 07342_all_mysql_auth_bypass-5.5.22.patch
+@ver 5.05.22.00 to 5.05.22.99
+@pn mysql
+@@ Upstream bug #64884: auth bypass
+
@patch 10010_all_show_patches-percona-5.0.75-b12.patch
@ver 5.00.75.00 to 5.00.76.99
@pn mysql-community
diff --git a/07342_all_mysql_auth_bypass-5.1.62.patch b/07342_all_mysql_auth_bypass-5.1.62.patch
new file mode 100644
index 0000000..63cecf1
--- /dev/null
+++ b/07342_all_mysql_auth_bypass-5.1.62.patch
@@ -0,0 +1,29 @@
+Security bug http://bugs.mysql.com/bug.php?id=64884
+Already fixed in MariaDB 5.1.62+/5.5.23+
+
+Depends on the result of check_scramble being cast to char directly.
+
+diff -Nuar mysql.orig/libmysql/password.c mysql/libmysql/password.c
+--- mysql.orig/libmysql/password.c 2012-04-21 10:58:15.485424022 -0700
++++ mysql/libmysql/password.c 2012-04-21 10:57:34.077773190 -0700
+@@ -531,7 +531,7 @@
+ mysql_sha1_reset(&sha1_context);
+ mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
+ mysql_sha1_result(&sha1_context, hash_stage2_reassured);
+- return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
++ return test(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
+ }
+
+
+diff -Nuar mysql.orig/sql/password.c mysql/sql/password.c
+--- mysql.orig/sql/password.c 2012-04-21 10:58:18.941478337 -0700
++++ mysql/sql/password.c 2012-04-21 10:57:50.318028470 -0700
+@@ -531,7 +531,7 @@
+ mysql_sha1_reset(&sha1_context);
+ mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
+ mysql_sha1_result(&sha1_context, hash_stage2_reassured);
+- return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
++ return test(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
+ }
+
+
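Review bot: The patch header's rationale ("Depends on the result of check_scramble being cast to char directly") does not explain why the raw memcmp() result is unsafe, and neither rewritten return line in libmysql/password.c or sql/password.c carries a comment. memcmp() only promises a zero or non-zero int, so if the function's return type is a char-sized boolean (presumably my_bool; the signature is outside these hunks) a non-zero result whose low byte is zero would be narrowed to 0 and read as a matching scramble. I would put `/* normalise to 0/1: memcmp()'s int result must not be narrowed to my_bool */` above each changed return. The fix also relies on the tree's `test()` macro, whose definition is not visible here; `return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE) != 0;` would make the normalisation self-contained.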
diff --git a/07342_all_mysql_auth_bypass-5.5.22.patch b/07342_all_mysql_auth_bypass-5.5.22.patch
new file mode 100644
index 0000000..84e306a
--- /dev/null
+++ b/07342_all_mysql_auth_bypass-5.5.22.patch
@@ -0,0 +1,17 @@
+Security bug http://bugs.mysql.com/bug.php?id=64884
+Already fixed in MariaDB 5.1.62+/5.5.23+
+
+Depends on the result of check_scramble being cast to char directly.
+
+diff -Nuar mysql.orig/sql/password.c mysql/sql/password.c
+--- mysql.orig/sql/password.c 2012-03-02 11:44:47.000000000 -0800
++++ mysql/sql/password.c 2012-04-21 10:59:39.502744613 -0700
+@@ -531,7 +531,7 @@
+ mysql_sha1_reset(&sha1_context);
+ mysql_sha1_input(&sha1_context, buf, SHA1_HASH_SIZE);
+ mysql_sha1_result(&sha1_context, hash_stage2_reassured);
+- return memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE);
++ return test(memcmp(hash_stage2, hash_stage2_reassured, SHA1_HASH_SIZE));
+ }
+
+
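Review bot: This 5.5.22 variant patches only sql/password.c, while the 5.1.62 patch in the same commit applies the identical change to libmysql/password.c as well. If the 5.5.22 tree still ships or builds a separate client-side copy of this function, that copy keeps returning the unnormalised memcmp() int; this cannot be told from the page and should be checked against the 5.5.22 source. Either way the patch header should record the decision, for example `libmysql/password.c not patched here: <reason, to be confirmed>`, so the difference between the two patches is not mistaken for an omission. The enclosing function begins outside the hunk.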