mariadb: security bump to 10.2.26
New upstream release. Addresses:
CVE-2019-2805
CVE-2019-2740
CVE-2019-2739
CVE-2019-2737
CVE-2019-2758
Package updates:
- includes "THIRDPARTY" in PKG_LICENSE_FILES
- drops client_ed25519 as a dynamic plugin and install it with the lib
as per upstream decision
- refreshes patches
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
From Release Notes:
Security
MDEV-18686 - Add option to PAM authentication plugin to allow case insensitive username matching
bugfix - multi-update checked privileges on views incorrectly (commit 5057d4637525eadad438d25ee6a4870a4e6b384c)
MDEV-19276 - during connect, write error log warning for ER_DBACCESS_DENIED_ERROR, if log_warnings > 1
MDEV-17456 - Malicious SUPER user can possibly change audit log configuration without leaving traces.
Fixes for the following security vulnerabilities:
CVE-2019-2614
CVE-2019-2627
CVE-2019-2628
OpenWrt changes:
- added PKG_CPE_ID
- shortened default description to make "opkg info" output easier on the eyes
- refreshed patches
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
libedit changed its interface a while back. mariadb currently does not
recognize this interface and instead uses a static old readline version.
It does not link in the system readline due to licence incompatibility.
This commit adds a patch that enables mariadb to detect and use the
system libedit. The patch was sent upstream already ([1]).
[1] https://github.com/MariaDB/server/pull/1001
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Include fix from upstream for MDEV-17200. musl-1.1.20 segfaults when
pthread_detach() is called for already detached threads.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
From Release Notes:
- New variable innodb_log_optimize_ddl for avoiding delay due to page flushing and allowing concurrent backup
- InnoDB updated to 5.7.23
- ALTER TABLE fixes:
MDEV-14637 - Fix hang due to DDL with FOREIGN KEY or persistent statistics
MDEV-15953 - Alter InnoDB Partitioned Table Moves Files (which were originally not in the datadir) to the datadir
MDEV-16515 - InnoDB: Failing assertion: ++retries < 10000 in file dict0dict.cc line 2737
MDEV-16809 - Allow full redo logging for ALTER TABLE
- Temporary tables: MDEV-16713 - InnoDB hang with repeating log entry
- indexed virtual columns: MDEV-15855 - Deadlock between purge thread and DDL statement
- locking: MDEV-16664 - Change the default to innodb_lock_schedule_algorithm=fcfs
- Galera: MDEV-15822 - WSREP: BF lock wait long for trx
- Fixes for the following security vulnerabilities:
CVE-2018-3060
CVE-2018-3064
CVE-2018-3063
CVE-2018-3058
CVE-2018-3066
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Bump to 10.2.x release series which has support for OpenSSL 1.1.x.
- libmariadbclient was replaced by libmaria
- libmaria uses LGPL, hence license info updated
- upstream disabled xtradb engine, innodb is now default (cannot be
built as plugin anymore)
- complex charsets are now all included (size increase), as otherwise
compile fails
- patches adapted/refreshed
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
MariaDB is a drop-in replacement for MySQL. This commit adds a current
and stable version of MariaDB to the tree.
Quite a few ideas/patches were copied from Alpine Linux, Busybox Buildroot
and Debian.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
