From: Léo Le Bouter
To: 47257@debbugs.gnu.org
Date: Fri, 19 Mar 2021 11:25:31 +0100
Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)

CVE-2021-27928 04:15
A remote code execution issue was discovered in MariaDB 10.2 before
10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before
10.5.9; Percona Server through 2021-03-03; and the wsrep patch through
2021-03-03 for MySQL. An untrusted search path leads to eval injection,
in which a database SUPER user can execute OS commands after modifying
wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an
Oracle product.

From https://jira.mariadb.org/browse/MDEV-25179 it looks like 10.5.9
fixes it for us since we package 10.5.8 currently.

However:

$ ./pre-inst-env guix refresh -l mariadb
Building the following 552 packages would ensure 1047 dependent
packages are rebuilt:
[..]

Is it possible to graft mariadb you think? I am thinking this issue
doesn't need updating of the "lib" output which is what's causing the
high number of dependents AIUI. I am not sure we could actually update
individual outputs right now though. Might be a good idea to split the
packages for the future.

Léo

From: Léo Le Bouter
To: control@debbugs.gnu.org
Date: Fri, 19 Mar 2021 11:30:16 +0100

tags 47257 + security
quit

From: Julien Lepiller
To: lle-bout@zaclys.net, 47257@debbugs.gnu.org
Date: Fri, 19 Mar 2021 07:15:33 -0400
Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)

You need to graft: when building a package, the output hash depends on
the inputs, sources and instructions, so even if the content of the lib
output does not change, its store path does, leading to a rebuild.

On 19 March 2021 06:25:31 GMT-04:00, "Léo Le Bouter via Bug reports for GNU Guix" wrote:
>CVE-2021-27928 04:15
>A remote code execution issue was discovered in MariaDB 10.2 before
>10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before
>10.5.9; Percona Server through 2021-03-03; and the wsrep patch through
>2021-03-03 for MySQL. An untrusted search path leads to eval injection,
>in which a database SUPER user can execute OS commands after modifying
>wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an
>Oracle product.
>
>From https://jira.mariadb.org/browse/MDEV-25179 it looks like 10.5.9
>fixes it for us since we package 10.5.8 currently.
>
>However:
>
>$ ./pre-inst-env guix refresh -l mariadb
>Building the following 552 packages would ensure 1047 dependent
>packages are rebuilt:
>[..]
>
>Is it possible to graft mariadb you think? I am thinking this issue
>doesn't need updating of the "lib" output which is what's causing the
>high number of dependents AIUI. I am not sure we could actually update
>individual outputs right now though. Might be a good idea to split the
>packages for the future.
>
>Léo

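The rebuild cascade described in the reply above, as an added example that is not part of the original thread and is not Guix code: a toy Python model in which a store path is a hash over a package's recipe and the store paths of its inputs. The dependency graph, the names db-client, web-app and editor, and the way the grafted paths are derived are assumptions made for illustration.

```python
import hashlib

# Constructed dependency graph: name -> (version, source id, direct inputs).
# Only "mariadb" and "zstd" are names from the thread; the rest are made up.
GRAPH = {
    "zstd":      ("1.4.4", "zstd-src", ()),
    "mariadb":   ("10.5.8", "mariadb-10.5.8.tar.gz", ("zstd",)),
    "db-client": ("1.0", "db-client-src", ("mariadb",)),
    "web-app":   ("2.3", "web-app-src", ("db-client",)),
    "editor":    ("0.9", "editor-src", ()),
}


def store_path(name, graph, cache):
    """Input-addressed path: hash of the recipe plus the paths of all inputs."""
    if name not in cache:
        version, source, inputs = graph[name]
        h = hashlib.sha256()
        h.update(f"{name}\0{version}\0{source}\0".encode())
        for dep in sorted(inputs):
            # The input's *path* is hashed, so any change below propagates up.
            h.update(store_path(dep, graph, cache).encode() + b"\0")
        cache[name] = f"/gnu/store/{h.hexdigest()[:32]}-{name}-{version}"
    return cache[name]


def all_paths(graph):
    cache = {}
    return {name: store_path(name, graph, cache) for name in graph}


def dependents_of(name, graph):
    """Every package that reaches `name` through its inputs, transitively."""
    found = set()
    changed = True
    while changed:
        changed = False
        for pkg, (_, _, inputs) in graph.items():
            if pkg not in found and (name in inputs or found & set(inputs)):
                found.add(pkg)
                changed = True
    return found


def rebuilds_for_upgrade(graph, name, version, source):
    """Edit the package in place and list every package whose path changes."""
    new_graph = dict(graph)
    new_graph[name] = (version, source, graph[name][2])
    old, new = all_paths(graph), all_paths(new_graph)
    return sorted(pkg for pkg in graph if old[pkg] != new[pkg])


def rebuilds_for_graft(graph, name, version, source):
    """Build only the replacement; dependents are copied with references rewritten."""
    old = all_paths(graph)
    fixed_graph = dict(graph)
    fixed_graph[name] = (version, source, graph[name][2])
    replacement = store_path(name, fixed_graph, {})
    rewritten = {}
    for dep in dependents_of(name, graph):
        # The grafted copy depends only on the already-built output and the
        # old -> new path mapping, so nothing is compiled again.
        tag = hashlib.sha256(
            f"{old[dep]}\0{old[name]}->{replacement}".encode()
        ).hexdigest()[:32]
        rewritten[dep] = f"/gnu/store/{tag}-{dep}-{graph[dep][0]}"
    return [name], rewritten


if __name__ == "__main__":
    bump = ("mariadb", "10.5.9", "mariadb-10.5.9.tar.gz")
    print("in-place upgrade rebuilds:", rebuilds_for_upgrade(GRAPH, *bump))
    built, grafted = rebuilds_for_graft(GRAPH, *bump)
    print("graft builds:", built, "and rewrites:", sorted(grafted))
```

In the model, db-client and web-app get new store paths under an in-place upgrade although their own sources are untouched, which is the rebuild `guix refresh -l` counts; with a graft only the replacement is built.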

From: Léo Le Bouter
To: 47257@debbugs.gnu.org
Cc: Léo Le Bouter
Date: Fri, 19 Mar 2021 12:35:37 +0100
Subject: bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].

* gnu/packages/databases.scm (mariadb/fixed): New variable.
(mariadb)[replacement]: Graft.
--- gnu/packages/databases.scm | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 8be83f5cbe..6fdb22d7fb 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -734,6 +734,7 @@ Language.") (append (find-files "extra/wolfssl") (find-files "zlib"))) #t)))) + (replacement mariadb/fixed) (build-system cmake-build-system) (outputs '("out" "lib" "dev")) (arguments
@@ -969,6 +970,38 @@ Language.") as a drop-in replacement of MySQL.") (license license:gpl2))) +(define mariadb/fixed + (package/inherit mariadb + (version "10.5.9") + (source (origin + (method url-fetch) + (uri (string-append "https://downloads.mariadb.com/MariaDB" + "/mariadb-" version "/source/mariadb-" + version ".tar.gz")) + (sha256 + (base32 + "1kv8226ydyh4nyfx432dxqdkbry92c92bwlc33f1y56yp2p1kas0")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete bundled snappy and xz. + (delete-file-recursively "storage/tokudb/PerconaFT/third_party") + (substitute* "storage/tokudb/PerconaFT/CMakeLists.txt" + ;; This file checks that the bundled sources are present and + ;; declares build procedures for them. + (("^include\\(TokuThirdParty\\)") "")) + (substitute* "storage/tokudb/PerconaFT/ft/CMakeLists.txt" + ;; Don't attempt to use the procedures we just removed. + ((" build_lzma build_snappy") "")) + + ;; Preserve CMakeLists.txt for these. + (for-each (lambda (file) + (unless (string-suffix? "CMakeLists.txt" file) + (delete-file file))) + (append (find-files "extra/wolfssl") + (find-files "zlib"))) + #t)))))) + (define-public mariadb-connector-c (package (name "mariadb-connector-c") -- 2.31.0
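
Review bot: in the @@ -734,6 +734,7 @@ hunk, the new (replacement mariadb/fixed) field carries no comment saying why the graft exists or when it can go. The context line (outputs '("out" "lib" "dev")) shows that the graft also covers the "lib" output, so every dependent of "lib" is switched from 10.5.8 to the 10.5.9 library without being rebuilt. Add a short comment next to the field that names CVE-2021-27928 and states that the 10.5.9 "lib" output is expected to stay ABI-compatible with 10.5.8, so the graft can be dropped deliberately once mariadb itself is updated.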
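
Review bot: in the @@ -969,6 +970,38 @@ hunk, mariadb/fixed is defined with (package/inherit mariadb ...) although the first hunk makes it the replacement of mariadb itself. package/inherit applies the same overrides to the replacement of the package it inherits from, so the resulting object carries a chain of grafts that never terminates; define it with a plain (package (inherit mariadb) ...) form instead. The origin also repeats the whole snippet, whose tail matches the context of the first hunk; writing the source as (origin (inherit (package-source mariadb)) ...) with only the uri and sha256 changed would keep the two copies from drifting. The cover letter reports main.system_mysql_db failing under ./mtr, so as posted the replacement derivation does not build and the graft cannot take effect until that test is fixed or skipped.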

From: Léo Le Bouter
To: 47257@debbugs.gnu.org
Cc: Léo Le Bouter
Date: Fri, 19 Mar 2021 12:35:36 +0100
Subject: bug#47257: [PATCH 0/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].

I made a patch, please review and push if you think that's OK, I will
otherwise push it myself after some time.

The patch produces some test error, not sure if deterministic, looks
related to networking disabled in build sandboxes, log:

The servers were restarted 778 times
Spent 6689.041 of 234 seconds executing testcases

Failure: Failed 1/2711 tests, 99.96% were successful.

Failing test(s): main.system_mysql_db

The log files in var/log may give you some hint of what went wrong.

If you want to report this error, please read first the documentation
at http://dev.mysql.com/doc/mysql/en/mysql-test-suite.html

969 tests were skipped, 161 by the test itself.

mysql-test-run: *** ERROR: there were failing test cases
Error happened at lib/mtr_report.pm line 687.
	mtr_report::mtr_error("there were failing test cases") called at lib/mtr_report.pm line 556
	mtr_report::mtr_report_stats("Failure", 1, ARRAY(0x19d75d0), ARRAY(0x1420d08)) called at /tmp/guix-build-mariadb-10.5.9.drv-0/mariadb-10.5.9/mysql-test/mysql-test-run.pl line 586
	main::main() called at /tmp/guix-build-mariadb-10.5.9.drv-0/mariadb-10.5.9/mysql-test/mysql-test-run.pl line 387
command "./mtr" "--verbose" "--retry=3" "--testcase-timeout=40" "--suite-timeout=600" "--parallel" "48" "--skip-rpl" "--skip-test-list=unstable-tests" failed with status 1
builder for `/gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv' failed with exit code 1
@ build-failed /gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv - 1 builder for `/gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv' failed with exit code 1
derivation '/gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv' offloaded to 'www.proxmox-2.schmilblick.org' failed: build of `/gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv' failed
build of /gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv failed
View build log at '/var/log/guix/drvs/hk/1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv.bz2'.
guix build: error: build of `/gnu/store/hk1awalxmnd7a7qz4v8r5h7bpxc4ig5b-mariadb-10.5.9.drv' failed

Léo Le Bouter (1):
  gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].

 gnu/packages/databases.scm | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)

-- 
2.31.0

From: zimoun
To: Léo Le Bouter, 47257@debbugs.gnu.org
Date: Fri, 19 Mar 2021 12:35:11 +0100
Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)

Hi,

On Fri, 19 Mar 2021 at 11:25, Léo Le Bouter via Bug reports for GNU Guix wrote:

> Is it possible to graft mariadb you think? I am thinking this issue
> doesn't need updating of the "lib" output which is what's causing the
> high number of dependents AIUI. I am not sure we could actually update
> individual outputs right now though. Might be a good idea to split the
> packages for the future.

Instead of grafting, I would fix first check the compatibility between
mariadb and zstd. Because mariadb@10.5.8 does not build with
zstd@1.4.9, at least on my machine.

Other said, I seem better to do this fix as a whole on core-updates
without any graft. Instead of grafting here and there; and not
necessary small changes (zstd from 1.4.4 to 1.4.9, mariadb from 10.5.8
to 10.5.8).

All the best,
simon

Resent-From: Mark H Weaver Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Sat, 20 Mar 2021 00:30:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47257 X-GNU-PR-Package: guix X-GNU-PR-Keywords: security To: 47257@debbugs.gnu.org Cc: =?UTF-8?Q?L=C3=A9o?= Le Bouter X-Debbugs-Original-To: =?UTF-8?Q?L=C3=A9o?= Le Bouter via Bug reports for GNU Guix , 47257@debbugs.gnu.org Received: via spool by submit@debbugs.gnu.org id=B.161620019023401 (code B ref -1); Sat, 20 Mar 2021 00:30:02 +0000 Received: (at submit) by debbugs.gnu.org; 20 Mar 2021 00:29:50 +0000 Received: from localhost ([127.0.0.1]:51215 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lNPV0-00065M-4Q for submit@debbugs.gnu.org; Fri, 19 Mar 2021 20:29:50 -0400 Received: from lists.gnu.org ([209.51.188.17]:48980) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lNPUw-000656-Mh for submit@debbugs.gnu.org; Fri, 19 Mar 2021 20:29:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36378) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lNPUw-0000cE-GD for bug-guix@gnu.org; Fri, 19 Mar 2021 20:29:46 -0400 Received: from world.peace.net ([64.112.178.59]:41720) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lNPUu-0007sf-GU for bug-guix@gnu.org; Fri, 19 Mar 2021 20:29:46 -0400 Received: from mhw by world.peace.net with esmtpsa (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1lNPUp-0002du-3r; Fri, 19 Mar 2021 20:29:39 -0400 
From: Mark H Weaver
In-Reply-To: <20210319113537.18290-2-lle-bout@zaclys.net>
References: <20210319113537.18290-1-lle-bout@zaclys.net> <20210319113537.18290-2-lle-bout@zaclys.net>
Date: Fri, 19 Mar 2021 20:28:04 -0400
Message-ID: <87blbemzww.fsf@netris.org>

Hi Léo,

Léo Le Bouter via Bug reports for GNU Guix writes:

> * gnu/packages/databases.scm (mariadb/fixed): New variable. > (mariadb)[replacement]: Graft. > --- > gnu/packages/databases.scm | 33 +++++++++++++++++++++++++++++++++ > 1 file changed, 33 insertions(+) > > diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm > index 8be83f5cbe..6fdb22d7fb 100644 > --- a/gnu/packages/databases.scm > +++ b/gnu/packages/databases.scm > @@ -734,6 +734,7 @@ Language.") > (append (find-files "extra/wolfssl") > (find-files "zlib"))) > #t)))) > + (replacement mariadb/fixed) > (build-system cmake-build-system) > (outputs '("out" "lib" "dev")) > (arguments
> @@ -969,6 +970,38 @@ Language.") > as a drop-in replacement of MySQL.") > (license license:gpl2))) >=20=20 > +(define mariadb/fixed > + (package/inherit mariadb

Please don't use 'package/inherit' when the package you're defining is a replacement to the package you're inheriting from. It creates a package object with an infinite chain of grafts. I guess that the infinite chain gets truncated somewhere in the grafting machinery, but I seem to recall that this kind of thing has caused real problems in the past.

'package/inherit' is usually the right thing when defining other kinds of package variants, however.

Thanks again for all of your recent work on improving our security. It is a great help.

Regards,
Mark

From unknown Sun Jun 15 08:57:01 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928].
From: Mark H Weaver
In-Reply-To: <87blbemzww.fsf@netris.org>
References: <20210319113537.18290-1-lle-bout@zaclys.net> <20210319113537.18290-2-lle-bout@zaclys.net> <87blbemzww.fsf@netris.org>
Date: Fri, 19 Mar 2021 20:42:33 -0400
Message-ID: <878s6imz8r.fsf@netris.org>

Mark H Weaver writes:

> 'package/inherit' is usually the right thing when defining other kinds
> of package variants, however.

One addendum to this guideline: if the package variant you're defining overrides the 'source' field[*], it's probably pointless to use 'package/inherit', because the fixes embodied in the original package's replacement would most likely be lost anyway.

[*] One exception is if the overridden 'source' field merely adds some additional patches to the original package, while taking care to preserve any existing patches -- that last part is important, even if the original package doesn't include any patches at the time you look. In that case, 'package/inherit' might well be helpful.

More generally, when inheriting from another package, it's useful to ask yourself what should happen if the package you're inheriting from is later grafted, and to try to arrange for that to happen automatically.

Thanks,
Mark

From unknown Sun Jun 15 08:57:01 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#47257: [PATCH v2] gnu: mariadb: Fix CVE-2021-27928.
References: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net>
In-Reply-To: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net>
From: Léo Le Bouter
Date: Thu, 25 Mar 2021 11:58:15 +0100
Message-Id: <20210325105815.5411-1-lle-bout@zaclys.net>
X-Mailer: git-send-email 2.31.0

* gnu/packages/patches/mariadb-CVE-2021-27928.patch: New patch.
* gnu/local.mk (dist_patch_DATA): Register it.
* gnu/packages/databases.scm (mariadb/fixed): New variable. Apply patch.
(mariadb)[replacement]: Graft.
--- gnu/local.mk | 1 + gnu/packages/databases.scm | 34 + .../patches/mariadb-CVE-2021-27928.patch | 629 ++++++++++++++++++ 3 files changed, 664 insertions(+) create mode 100644 gnu/packages/patches/mariadb-CVE-2021-27928.patch diff --git a/gnu/local.mk b/gnu/local.mk index 14d228cfa4..40956598db 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1380,6 +1380,7 @@ dist_patch_DATA = \ %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/mailutils-fix-uninitialized-variable.patch \ %D%/packages/patches/make-impure-dirs.patch \ + %D%/packages/patches/mariadb-CVE-2021-27928.patch \ %D%/packages/patches/mars-install.patch \ %D%/packages/patches/mars-sfml-2.3.patch \ %D%/packages/patches/maxima-defsystem-mkdir.patch \ diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 83b6a13892..75edf3fd08 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -734,6 +734,7 @@ Language.") (append (find-files "extra/wolfssl") (find-files "zlib"))) #t)))) + (replacement mariadb/fixed) (build-system cmake-build-system) (outputs '("out" "lib" "dev")) (arguments
@@ -969,6 +970,39 @@ Language.") as a drop-in replacement of MySQL.") (license license:gpl2))) +(define-public mariadb/fixed + (package + (inherit mariadb) + (source (origin + (method url-fetch) + (uri (string-append "https://downloads.mariadb.com/MariaDB" + "/mariadb-" version "/source/mariadb-" + version ".tar.gz")) + (sha256 + (base32 + "1s3vfm73911cddjhgpcbkya6nz7ag2zygg56qqzwscn5ybv28j7b")) + (modules '((guix build utils))) + (snippet + '(begin + ;; Delete bundled snappy and xz. + (delete-file-recursively "storage/tokudb/PerconaFT/third_party") + (substitute* "storage/tokudb/PerconaFT/CMakeLists.txt" + ;; This file checks that the bundled sources are present and + ;; declares build procedures for them. + (("^include\\(TokuThirdParty\\)") "")) + (substitute* "storage/tokudb/PerconaFT/ft/CMakeLists.txt" + ;; Don't attempt to use the procedures we just removed. + ((" build_lzma build_snappy") "")) + + ;; Preserve CMakeLists.txt for these. + (for-each (lambda (file) + (unless (string-suffix? "CMakeLists.txt" file) + (delete-file file))) + (append (find-files "extra/wolfssl") + (find-files "zlib"))) + #t)) + (patches (search-patches "mariadb-CVE-2021-27928.patch")))))) + (define-public mariadb-connector-c (package (name "mariadb-connector-c") diff --git a/gnu/packages/patches/mariadb-CVE-2021-27928.patch b/gnu/packages/patches/mariadb-CVE-2021-27928.patch new file mode 100644 index 0000000000..eea18431cf --- /dev/null +++ b/gnu/packages/patches/mariadb-CVE-2021-27928.patch 
@@ -0,0 +1,629 @@ +From ce3a2a688db556d8d077a409fd9bf5cc013d13dd Mon Sep 17 00:00:00 2001 +From: Sergei Golubchik +Date: Thu, 18 Feb 2021 14:20:48 +0100 +Subject: [PATCH] make @@wsrep_provider and @@wsrep_notify_cmd read-only + +this should simplify run-time cluster management +--- + mysql-test/suite/galera/disabled.def | 2 + + .../galera/include/galera_load_provider.inc | 1 - + .../galera/include/galera_unload_provider.inc | 3 +- + .../suite/galera/r/galera_ist_rsync.result | 2 +- + .../galera/r/galera_sst_mysqldump.result | 2 +- + .../suite/galera/r/mysql-wsrep#33.result | 2 +- + .../suite/sys_vars/r/sysvars_wsrep.result | 4 +- + .../sys_vars/r/wsrep_notify_cmd_basic.result | 47 ----------------- + .../sys_vars/r/wsrep_provider_basic.result | 40 --------------- + .../r/wsrep_provider_options_basic.result | 49 ------------------ + .../sys_vars/t/wsrep_notify_cmd_basic.test | 43 ---------------- + .../sys_vars/t/wsrep_provider_basic.test | 39 -------------- + .../t/wsrep_provider_options_basic.test | 51 ------------------- + mysql-test/suite/wsrep/disabled.def | 2 + + mysql-test/suite/wsrep/r/variables.result | 12 ++--- + mysql-test/suite/wsrep/t/variables.test | 34 +++---------- + sql/sys_vars.cc | 4 +- + 17 files changed, 24 insertions(+), 313 deletions(-) + delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result + delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_provider_basic.result + delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result + delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test + delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_provider_basic.test + delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test + +diff --git a/mysql-test/suite/galera/disabled.def b/mysql-test/suite/galera/disabled.def +index 7fe03a9422013..a063e17d46533 100644 +--- a/mysql-test/suite/galera/disabled.def ++++ b/mysql-test/suite/galera/disabled.def +@@ -30,3 +30,5 @@ 
partition : MDEV-19958 Galera test failure on galera.partition + query_cache: MDEV-15805 Test failure on galera.query_cache + sql_log_bin : MDEV-21491 galera.sql_log_bin + versioning_trx_id: MDEV-18590: galera.versioning_trx_id: Test failure: mysqltest: Result content mismatch ++galera_wsrep_provider_unset_set: wsrep_provider is read-only for security reasons ++pxc-421: wsrep_provider is read-only for security reasons +diff --git a/mysql-test/suite/galera/include/galera_load_provider.inc b/mysql-test/suite/galera/include/galera_load_provider.inc +index aeab7e6ea199f..e6ce6411193c2 100644 +--- a/mysql-test/suite/galera/include/galera_load_provider.inc ++++ b/mysql-test/suite/galera/include/galera_load_provider.inc +@@ -1,7 +1,6 @@ + --echo Loading wsrep provider ... + + --disable_query_log +---eval SET GLOBAL wsrep_provider = '$wsrep_provider_orig'; + --eval SET GLOBAL wsrep_cluster_address = '$wsrep_cluster_address_orig'; + --enable_query_log + +diff --git a/mysql-test/suite/galera/include/galera_unload_provider.inc b/mysql-test/suite/galera/include/galera_unload_provider.inc +index edc7eb31e0e21..83438a947f03e 100644 +--- a/mysql-test/suite/galera/include/galera_unload_provider.inc ++++ b/mysql-test/suite/galera/include/galera_unload_provider.inc +@@ -1,7 +1,6 @@ + --echo Unloading wsrep provider ... 
+ + --let $wsrep_cluster_address_orig = `SELECT @@wsrep_cluster_address` +---let $wsrep_provider_orig = `SELECT @@wsrep_provider` + --let $wsrep_provider_options_orig = `SELECT @@wsrep_provider_options` + +-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; +diff --git a/mysql-test/suite/galera/r/galera_ist_rsync.result b/mysql-test/suite/galera/r/galera_ist_rsync.result +index 8a7c02ab1b6d9..80a28d349baed 100644 +--- a/mysql-test/suite/galera/r/galera_ist_rsync.result ++++ b/mysql-test/suite/galera/r/galera_ist_rsync.result +@@ -21,7 +21,7 @@ INSERT INTO t1 VALUES ('node2_committed_before'); + INSERT INTO t1 VALUES ('node2_committed_before'); + COMMIT; + Unloading wsrep provider ... +-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; + connection node_1; + SET AUTOCOMMIT=OFF; + START TRANSACTION; +diff --git a/mysql-test/suite/galera/r/galera_sst_mysqldump.result b/mysql-test/suite/galera/r/galera_sst_mysqldump.result +index 5c530c32ce695..6bdc933a9fca7 100644 +--- a/mysql-test/suite/galera/r/galera_sst_mysqldump.result ++++ b/mysql-test/suite/galera/r/galera_sst_mysqldump.result +@@ -30,7 +30,7 @@ INSERT INTO t1 VALUES ('node2_committed_before'); + INSERT INTO t1 VALUES ('node2_committed_before'); + COMMIT; + Unloading wsrep provider ... +-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; + connection node_1; + SET AUTOCOMMIT=OFF; + START TRANSACTION; +diff --git a/mysql-test/suite/galera/r/mysql-wsrep#33.result b/mysql-test/suite/galera/r/mysql-wsrep#33.result +index 6a5251204b9bb..4cc49c0cf0790 100644 +--- a/mysql-test/suite/galera/r/mysql-wsrep#33.result ++++ b/mysql-test/suite/galera/r/mysql-wsrep#33.result +@@ -30,7 +30,7 @@ INSERT INTO t1 VALUES ('node2_committed_before'); + INSERT INTO t1 VALUES ('node2_committed_before'); + COMMIT; + Unloading wsrep provider ... 
+-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; + connection node_1; + SET AUTOCOMMIT=OFF; + START TRANSACTION; +diff --git a/mysql-test/suite/sys_vars/r/sysvars_wsrep.result b/mysql-test/suite/sys_vars/r/sysvars_wsrep.result +index e54afd2d64a24..67e1540531311 100644 +--- a/mysql-test/suite/sys_vars/r/sysvars_wsrep.result ++++ b/mysql-test/suite/sys_vars/r/sysvars_wsrep.result +@@ -349,7 +349,7 @@ NUMERIC_MIN_VALUE NULL + NUMERIC_MAX_VALUE NULL + NUMERIC_BLOCK_SIZE NULL + ENUM_VALUE_LIST NULL +-READ_ONLY NO ++READ_ONLY YES + COMMAND_LINE_ARGUMENT REQUIRED + VARIABLE_NAME WSREP_ON + SESSION_VALUE OFF +@@ -405,7 +405,7 @@ NUMERIC_MIN_VALUE NULL + NUMERIC_MAX_VALUE NULL + NUMERIC_BLOCK_SIZE NULL + ENUM_VALUE_LIST NULL +-READ_ONLY NO ++READ_ONLY YES + COMMAND_LINE_ARGUMENT REQUIRED + VARIABLE_NAME WSREP_PROVIDER_OPTIONS + SESSION_VALUE NULL +diff --git a/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result b/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result +deleted file mode 100644 +index 056ff8c817b0f..0000000000000 +--- a/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result ++++ /dev/null +@@ -1,47 +0,0 @@ +-# +-# wsrep_notify_cmd +-# +-call mtr.add_suppression("WSREP: Failed to get provider options"); +-# save the initial value +-SET @wsrep_notify_cmd_global_saved = @@global.wsrep_notify_cmd; +-# default +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +- +- +-# scope +-SELECT @@session.wsrep_notify_cmd; +-ERROR HY000: Variable 'wsrep_notify_cmd' is a GLOBAL variable +-SET @@global.wsrep_notify_cmd='notify_cmd'; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-notify_cmd +- +-# valid values +-SET @@global.wsrep_notify_cmd='command'; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-command +-SET @@global.wsrep_notify_cmd='hyphenated-command'; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-hyphenated-command +-SET @@global.wsrep_notify_cmd=default; 
+-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +- +-SET @@global.wsrep_notify_cmd=NULL; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-NULL +- +-# invalid values +-SET @@global.wsrep_notify_cmd=1; +-ERROR 42000: Incorrect argument type to variable 'wsrep_notify_cmd' +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-NULL +- +-# restore the initial value +-SET @@global.wsrep_notify_cmd = @wsrep_notify_cmd_global_saved; +-# End of test +diff --git a/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result b/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result +deleted file mode 100644 +index 3e4ac8ca88362..0000000000000 +--- a/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result ++++ /dev/null +@@ -1,40 +0,0 @@ +-# +-# wsrep_provider +-# +-# save the initial value +-SET @wsrep_provider_global_saved = @@global.wsrep_provider; +-# default +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# scope +-SELECT @@session.wsrep_provider; +-ERROR HY000: Variable 'wsrep_provider' is a GLOBAL variable +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# valid values +-SET @@global.wsrep_provider=default; +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# invalid values +-SET @@global.wsrep_provider='/invalid/libgalera_smm.so'; +-ERROR 42000: Variable 'wsrep_provider' can't be set to the value of '/invalid/libgalera_smm.so' +-SET @@global.wsrep_provider=NULL; +-ERROR 42000: Variable 'wsrep_provider' can't be set to the value of 'NULL' +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +-SET @@global.wsrep_provider=1; +-ERROR 42000: Incorrect argument type to variable 'wsrep_provider' +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# restore the initial value +-SET @@global.wsrep_provider = @wsrep_provider_global_saved; +-# End of test +diff --git a/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result 
b/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result +deleted file mode 100644 +index b2e07c55b38cf..0000000000000 +--- a/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result ++++ /dev/null +@@ -1,49 +0,0 @@ +-# +-# wsrep_provider_options +-# +-call mtr.add_suppression("WSREP: Failed to get provider options"); +-SET @@global.wsrep_provider = @@global.wsrep_provider; +-# save the initial value +-SET @wsrep_provider_options_global_saved = @@global.wsrep_provider_options; +-# default +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +- +-# scope +-SELECT @@session.wsrep_provider_options; +-ERROR HY000: Variable 'wsrep_provider_options' is a GLOBAL variable +-SET @@global.wsrep_provider_options='option1'; +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +-option1 +- +-# valid values +-SET @@global.wsrep_provider_options='name1=value1;name2=value2'; +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +-name1=value1;name2=value2 +-SET @@global.wsrep_provider_options='hyphenated-name:value'; +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +-hyphenated-name:value +-SET @@global.wsrep_provider_options=default; +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +- +-# invalid values +-SET @@global.wsrep_provider_options=1; +-ERROR 42000: Incorrect argument type to variable 'wsrep_provider_options' +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +-SET @@global.wsrep_provider_options=NULL; +-Got one of the listed errors +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +-NULL +- +-# restore the initial value +-SET @@global.wsrep_provider_options = @wsrep_provider_options_global_saved; +-# End of test +diff --git a/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test b/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test +deleted file mode 100644 +index 
6d1535ba1482d..0000000000000 +--- a/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test ++++ /dev/null +@@ -1,43 +0,0 @@ +---source include/have_wsrep.inc +- +---echo # +---echo # wsrep_notify_cmd +---echo # +- +-call mtr.add_suppression("WSREP: Failed to get provider options"); +- +---echo # save the initial value +-SET @wsrep_notify_cmd_global_saved = @@global.wsrep_notify_cmd; +- +---echo # default +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # scope +---error ER_INCORRECT_GLOBAL_LOCAL_VAR +-SELECT @@session.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd='notify_cmd'; +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # valid values +-SET @@global.wsrep_notify_cmd='command'; +-SELECT @@global.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd='hyphenated-command'; +-SELECT @@global.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd=default; +-SELECT @@global.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd=NULL; +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # invalid values +---error ER_WRONG_TYPE_FOR_VAR +-SET @@global.wsrep_notify_cmd=1; +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # restore the initial value +-SET @@global.wsrep_notify_cmd = @wsrep_notify_cmd_global_saved; +- +---echo # End of test +diff --git a/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test b/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test +deleted file mode 100644 +index 1190ab41bb053..0000000000000 +--- a/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test ++++ /dev/null +@@ -1,39 +0,0 @@ +---source include/have_wsrep.inc +- +---echo # +---echo # wsrep_provider +---echo # +- +---echo # save the initial value +-SET @wsrep_provider_global_saved = @@global.wsrep_provider; +- +---echo # default +-SELECT @@global.wsrep_provider; +- +---echo +---echo # scope +---error ER_INCORRECT_GLOBAL_LOCAL_VAR +-SELECT @@session.wsrep_provider; +-SELECT @@global.wsrep_provider; +- +---echo +---echo # valid values +-SET 
@@global.wsrep_provider=default; +-SELECT @@global.wsrep_provider; +- +---echo +---echo # invalid values +---error ER_WRONG_VALUE_FOR_VAR +-SET @@global.wsrep_provider='/invalid/libgalera_smm.so'; +---error ER_WRONG_VALUE_FOR_VAR +-SET @@global.wsrep_provider=NULL; +-SELECT @@global.wsrep_provider; +---error ER_WRONG_TYPE_FOR_VAR +-SET @@global.wsrep_provider=1; +-SELECT @@global.wsrep_provider; +- +---echo +---echo # restore the initial value +-SET @@global.wsrep_provider = @wsrep_provider_global_saved; +- +---echo # End of test +diff --git a/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test b/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test +deleted file mode 100644 +index d2ea32a063786..0000000000000 +--- a/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test ++++ /dev/null +@@ -1,51 +0,0 @@ +---source include/have_wsrep.inc +- +---echo # +---echo # wsrep_provider_options +---echo # +- +-call mtr.add_suppression("WSREP: Failed to get provider options"); +- +-SET @@global.wsrep_provider = @@global.wsrep_provider; +- +---echo # save the initial value +-SET @wsrep_provider_options_global_saved = @@global.wsrep_provider_options; +- +---echo # default +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # scope +---error ER_INCORRECT_GLOBAL_LOCAL_VAR +-SELECT @@session.wsrep_provider_options; +---error 0,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options='option1'; +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # valid values +---error 0,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options='name1=value1;name2=value2'; +-SELECT @@global.wsrep_provider_options; +---error 0,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options='hyphenated-name:value'; +-SELECT @@global.wsrep_provider_options; +---error 0,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options=default; +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # invalid values +---error ER_WRONG_TYPE_FOR_VAR +-SET 
@@global.wsrep_provider_options=1; +-SELECT @@global.wsrep_provider_options; +---error ER_WRONG_ARGUMENTS,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options=NULL; +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # restore the initial value +---error 0,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options = @wsrep_provider_options_global_saved; +- +---echo # End of test +diff --git a/mysql-test/suite/wsrep/disabled.def b/mysql-test/suite/wsrep/disabled.def +index 11577bfe8b007..3d204db694580 100644 +--- a/mysql-test/suite/wsrep/disabled.def ++++ b/mysql-test/suite/wsrep/disabled.def +@@ -10,3 +10,5 @@ + # + ############################################################################## + ++ ++mdev_6832: wsrep_provider is read-only for security reasons +diff --git a/mysql-test/suite/wsrep/r/variables.result b/mysql-test/suite/wsrep/r/variables.result +index 9ef1b3290afd6..8bb0b426380a1 100644 +--- a/mysql-test/suite/wsrep/r/variables.result ++++ b/mysql-test/suite/wsrep/r/variables.result +@@ -14,7 +14,6 @@ SET SESSION wsrep_replicate_myisam= ON; + ERROR HY000: Variable 'wsrep_replicate_myisam' is a GLOBAL variable and should be set with SET GLOBAL + SET GLOBAL wsrep_replicate_myisam= ON; + SET GLOBAL wsrep_replicate_myisam= OFF; +-SET GLOBAL wsrep_provider=none; + # + # MDEV#5790: SHOW GLOBAL STATUS LIKE does not show the correct list of + # variables when using "_" +@@ -26,7 +25,6 @@ wsrep_local_state_comment # + # Should show nothing. 
+ SHOW STATUS LIKE 'x'; + Variable_name Value +-SET GLOBAL wsrep_provider=none; + + SHOW STATUS LIKE 'wsrep_local_state_uuid'; + Variable_name Value +@@ -35,7 +33,6 @@ wsrep_local_state_uuid # + SHOW STATUS LIKE 'wsrep_last_committed'; + Variable_name Value + wsrep_last_committed # +-SET GLOBAL wsrep_provider=none; + + # + # MDEV#6206: wsrep_slave_threads subtracts from max_connections +@@ -49,7 +46,7 @@ SELECT @@global.wsrep_slave_threads; + 1 + SELECT @@global.wsrep_cluster_address; + @@global.wsrep_cluster_address +- ++gcomm:// + SELECT @@global.wsrep_on; + @@global.wsrep_on + 1 +@@ -58,14 +55,14 @@ Variable_name Value + Threads_connected 1 + SHOW STATUS LIKE 'wsrep_thread_count'; + Variable_name Value +-wsrep_thread_count 0 ++wsrep_thread_count 2 + + SELECT @@global.wsrep_provider; + @@global.wsrep_provider + libgalera_smm.so + SELECT @@global.wsrep_cluster_address; + @@global.wsrep_cluster_address +- ++gcomm:// + SELECT @@global.wsrep_on; + @@global.wsrep_on + 1 +@@ -74,11 +71,10 @@ Variable_name Value + Threads_connected 1 + SHOW STATUS LIKE 'wsrep_thread_count'; + Variable_name Value +-wsrep_thread_count 0 ++wsrep_thread_count 2 + + # Setting wsrep_cluster_address triggers the creation of + # applier/rollbacker threads. +-SET GLOBAL wsrep_cluster_address= 'gcomm://'; + # Wait for applier thread to get created 1. + # Wait for applier thread to get created 2. + SELECT VARIABLE_VALUE AS EXPECT_1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_applier_thread_count'; +diff --git a/mysql-test/suite/wsrep/t/variables.test b/mysql-test/suite/wsrep/t/variables.test +index 5ab0eb68505a7..1a3bd62b16489 100644 +--- a/mysql-test/suite/wsrep/t/variables.test ++++ b/mysql-test/suite/wsrep/t/variables.test +@@ -22,7 +22,7 @@ SET GLOBAL wsrep_replicate_myisam= ON; + + # Reset it back. 
+ SET GLOBAL wsrep_replicate_myisam= OFF; +-SET GLOBAL wsrep_provider=none; ++#SET GLOBAL wsrep_provider=none; + + --echo # + --echo # MDEV#5790: SHOW GLOBAL STATUS LIKE does not show the correct list of +@@ -31,13 +31,9 @@ SET GLOBAL wsrep_provider=none; + + CALL mtr.add_suppression("WSREP: Could not open saved state file for reading.*"); + +---disable_result_log +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + --let $galera_version=25.3.24 + source include/check_galera_version.inc; +---enable_result_log +---enable_query_log + + --replace_column 2 # + SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment'; +@@ -46,11 +42,9 @@ SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment'; + SHOW STATUS LIKE 'x'; + + # Reset it back. +-SET GLOBAL wsrep_provider=none; ++#SET GLOBAL wsrep_provider=none; + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + + # The following 2 variables are used by mariabackup + # SST. +@@ -62,7 +56,7 @@ SHOW STATUS LIKE 'wsrep_local_state_uuid'; + SHOW STATUS LIKE 'wsrep_last_committed'; + + # Reset it back. 
+-SET GLOBAL wsrep_provider=none; ++#SET GLOBAL wsrep_provider=none; + + --echo + --echo # +@@ -70,9 +64,7 @@ SET GLOBAL wsrep_provider=none; + --echo # + call mtr.add_suppression("WSREP: Failed to get provider options"); + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + + --replace_regex /.*libgalera_smm.*/libgalera_smm.so/ + SELECT @@global.wsrep_provider; +@@ -83,9 +75,7 @@ SHOW STATUS LIKE 'threads_connected'; + SHOW STATUS LIKE 'wsrep_thread_count'; + --echo + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + + --replace_regex /.*libgalera_smm.*/libgalera_smm.so/ + SELECT @@global.wsrep_provider; +@@ -97,7 +87,7 @@ SHOW STATUS LIKE 'wsrep_thread_count'; + + --echo # Setting wsrep_cluster_address triggers the creation of + --echo # applier/rollbacker threads. +-SET GLOBAL wsrep_cluster_address= 'gcomm://'; ++#SET GLOBAL wsrep_cluster_address= 'gcomm://'; + + --echo # Wait for applier thread to get created 1. + --let $wait_timeout=600 +@@ -159,14 +149,6 @@ SET @@global.wsrep_sst_auth= NULL; + SELECT @@global.wsrep_sst_auth; + SET @@global.wsrep_sst_auth= @wsrep_sst_auth_saved; + +-# Reset (for mtr internal checks) +---disable_query_log +-SET GLOBAL wsrep_slave_threads= @wsrep_slave_threads_saved; +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +-SET GLOBAL wsrep_cluster_address= @wsrep_cluster_address_saved; +-SET GLOBAL wsrep_provider_options= @wsrep_provider_options_saved; +---enable_query_log +- + --source include/galera_wait_ready.inc + + --echo # End of test. 
+diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc +index baf27a7d0af92..e4de3d8d0aa1a 100644 +--- a/sql/sys_vars.cc ++++ b/sql/sys_vars.cc +@@ -4958,7 +4958,7 @@ static Sys_var_tz Sys_time_zone( + + static Sys_var_charptr Sys_wsrep_provider( + "wsrep_provider", "Path to replication provider library", +- PREALLOCATED GLOBAL_VAR(wsrep_provider), CMD_LINE(REQUIRED_ARG), ++ PREALLOCATED READ_ONLY GLOBAL_VAR(wsrep_provider), CMD_LINE(REQUIRED_ARG), + IN_FS_CHARSET, DEFAULT(WSREP_NONE), + NO_MUTEX_GUARD, NOT_IN_BINLOG, + ON_CHECK(wsrep_provider_check), ON_UPDATE(wsrep_provider_update)); +@@ -5171,7 +5171,7 @@ static Sys_var_ulong Sys_wsrep_max_ws_rows ( + + static Sys_var_charptr Sys_wsrep_notify_cmd( + "wsrep_notify_cmd", "", +- GLOBAL_VAR(wsrep_notify_cmd),CMD_LINE(REQUIRED_ARG), ++ READ_ONLY GLOBAL_VAR(wsrep_notify_cmd), CMD_LINE(REQUIRED_ARG), + IN_SYSTEM_CHARSET, DEFAULT("")); + + static Sys_var_mybool Sys_wsrep_certify_nonPK( -- 2.31.0 From unknown Sun Jun 15 08:57:01 2025 X-Loop: help-debbugs@gnu.org Subject: bug#47257: [PATCH v2] gnu: mariadb: Fix CVE-2021-27928. 
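Review bot: in the 'mariadb/fixed' hunk of gnu/packages/databases.scm, the 'uri' expression uses 'version', but this 'package' form sets no 'version' field of its own next to '(inherit mariadb)', so the name is not bound to the inherited package's version here; '(package-version mariadb)' would be. The hunk also copies the parent's whole origin (URL, hash and the bundled-source snippet) only to add one patch, so the two copies can drift apart and any patches later added to 'mariadb' would not be carried over. Inheriting the origin avoids both problems: (origin (inherit (package-source mariadb)) (patches (append (origin-patches (package-source mariadb)) (search-patches "mariadb-CVE-2021-27928.patch")))).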
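Review bot: the three sys_vars '*_basic' tests are deleted outright, which leaves no test in this patch asserting that SET GLOBAL on 'wsrep_provider' or 'wsrep_notify_cmd' is now rejected, and drops the basic coverage of 'wsrep_provider_options', a variable the sql/sys_vars.cc hunks do not touch. In wsrep_provider_options_basic.test only the line 'SET @@global.wsrep_provider = @@global.wsrep_provider;' conflicts with the change. Suggest keeping that test without the line, and rewriting the other two so that each SET is expected to fail with the read-only error.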
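Review bot: in mysql-test/suite/wsrep/t/variables.test the statements that can no longer run are commented out ('#SET GLOBAL wsrep_provider=none;', '#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';') instead of removed, and the original 'eval' turns into 'evalp' inside the comment. The '# Reset it back.' comments above them now describe nothing, and the '--echo # Setting wsrep_cluster_address triggers the creation of' text stays although the SET below it is commented out. Suggest deleting the dead statements together with the comments and echo lines that refer to them.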
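Review bot: in the 'Sys_wsrep_provider' hunk of sql/sys_vars.cc the variable becomes READ_ONLY but keeps 'ON_CHECK(wsrep_provider_check), ON_UPDATE(wsrep_provider_update)' in the unchanged lines below; a comment should say whether those callbacks are still reachable, or they should be dropped. Neither READ_ONLY addition carries a comment giving the security reason, which this patch records only in the disabled.def entries ('wsrep_provider is read-only for security reasons'), and 'wsrep_notify_cmd' still has an empty description string where that reason could be stated.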
Resent-From: Julien Lepiller
Resent-CC: bug-guix@gnu.org
Resent-Date: Thu, 25 Mar 2021 11:07:02 +0000
X-GNU-PR-Message: followup 47257
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: security
To: Léo Le Bouter, 47257@debbugs.gnu.org
Date: Thu, 25 Mar 2021 07:06:09 -0400
User-Agent: K-9 Mail for Android
In-Reply-To: <20210325105815.5411-1-lle-bout@zaclys.net>
References: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net> <20210325105815.5411-1-lle-bout@zaclys.net>
From: Julien Lepiller

I think you can simplify the patch a bit by inheriting the source too:

(source
 (origin
  (inherit (package-source mariadb))
  (patches …)))

Otherwise, untested but looks good.

From unknown Sun Jun 15 08:57:01 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)
Resent-From: Léo Le Bouter
Resent-CC: bug-guix@gnu.org
Resent-Date: Thu, 25 Mar 2021 11:29:02 +0000
X-GNU-PR-Message: followup 47257
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: security
To: zimoun, 47257@debbugs.gnu.org
From: Léo Le Bouter
Date: Thu, 25 Mar 2021 12:28:15 +0100
In-Reply-To: <86r1kbl6kw.fsf@gmail.com>
References: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net> <86r1kbl6kw.fsf@gmail.com>
User-Agent: Evolution 3.34.2

On Fri, 2021-03-19 at 12:35 +0100, zimoun wrote:
> Instead of grafting, I would fix first check the compatibility
> between
> mariadb and zstd. Because mariadb@10.5.8 does not build with
> zstd@1.4.9, at least on my machine.

Can you post build logs and repro scenario? mariadb@10.5.8 built fine
for me on core-updates which has zstd@1.4.9.

> Other said, I seem better to do this fix as a whole on core-updates
> without any graft. Instead of grafting here and there; and not
> necessary small changes (zstd from 1.4.4 to 1.4.9, mariadb from
> 10.5.8
> to 10.5.8).

We can't patch security issues through core-updates, especially this
RCE.

> All the best,
> simon

From unknown Sun Jun 15 08:57:01 2025
X-Loop: help-debbugs@gnu.org
Subject: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.
References: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net>
In-Reply-To: <7d6d60c61fc372f62125ef5a36bc22956db5907e.camel@zaclys.net>
Resent-From: Léo Le Bouter
Resent-CC: bug-guix@gnu.org
Resent-Date: Thu, 25 Mar 2021 12:40:02 +0000
X-GNU-PR-Message: followup 47257
X-GNU-PR-Package: guix
X-GNU-PR-Keywords: security
To: 47257@debbugs.gnu.org
Cc: Léo Le Bouter
From: =?UTF-8?Q?L=C3=A9o?= Le Bouter Date: Thu, 25 Mar 2021 13:39:21 +0100 Message-Id: <20210325123921.9800-1-lle-bout@zaclys.net> X-Mailer: git-send-email 2.31.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) * gnu/packages/patches/mariadb-CVE-2021-27928.patch: New patch. * gnu/local.mk (dist_patch_DATA): Register it. * gnu/packages/databases.scm (mariadb/fixed): New variable. Apply patch. (mariadb)[replacement]: Graft. --- gnu/local.mk | 1 + gnu/packages/databases.scm | 8 + .../patches/mariadb-CVE-2021-27928.patch | 642 ++++++++++++++++++ 3 files changed, 651 insertions(+) create mode 100644 gnu/packages/patches/mariadb-CVE-2021-27928.patch diff --git a/gnu/local.mk b/gnu/local.mk index 14d228cfa4..40956598db 100644 --- a/gnu/local.mk +++ b/gnu/local.mk @@ -1380,6 +1380,7 @@ dist_patch_DATA = \ %D%/packages/patches/lvm2-static-link.patch \ %D%/packages/patches/mailutils-fix-uninitialized-variable.patch \ %D%/packages/patches/make-impure-dirs.patch \ + %D%/packages/patches/mariadb-CVE-2021-27928.patch \ %D%/packages/patches/mars-install.patch \ %D%/packages/patches/mars-sfml-2.3.patch \ %D%/packages/patches/maxima-defsystem-mkdir.patch \ diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 83b6a13892..20069f9383 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -734,6 +734,7 @@ Language.") (append (find-files "extra/wolfssl") (find-files "zlib"))) #t)))) + (replacement mariadb/fixed) (build-system cmake-build-system) (outputs '("out" "lib" "dev")) (arguments 
@@ -969,6 +970,13 @@ Language.") as a drop-in replacement of MySQL.") (license license:gpl2))) +(define mariadb/fixed + (package + (inherit mariadb) + (source (origin + (inherit (package-source mariadb)) + (patches (search-patches "mariadb-CVE-2021-27928.patch")))))) + (define-public mariadb-connector-c (package (name "mariadb-connector-c") diff --git a/gnu/packages/patches/mariadb-CVE-2021-27928.patch b/gnu/packages/patches/mariadb-CVE-2021-27928.patch new file mode 100644 index 0000000000..39a023c159 --- /dev/null +++ b/gnu/packages/patches/mariadb-CVE-2021-27928.patch 
@@ -0,0 +1,642 @@ +From 7580701e6279900fec40822952a3b874732289cf Mon Sep 17 00:00:00 2001 +From: Sergei Golubchik +Date: Thu, 18 Feb 2021 14:20:48 +0100 +Subject: [PATCH] make @@wsrep_provider and @@wsrep_notify_cmd read-only + +this should simplify run-time cluster management +--- + mysql-test/suite/galera/disabled.def | 2 + + .../galera/include/galera_load_provider.inc | 19 -------- + .../galera/include/galera_unload_provider.inc | 3 +- + .../suite/galera/r/galera_ist_rsync.result | 2 +- + .../galera/r/galera_sst_mysqldump.result | 2 +- + .../suite/galera/r/mysql-wsrep#33.result | 2 +- + .../suite/sys_vars/r/sysvars_wsrep.result | 4 +- + .../sys_vars/r/wsrep_notify_cmd_basic.result | 47 ------------------- + .../sys_vars/r/wsrep_provider_basic.result | 40 ---------------- + .../r/wsrep_provider_options_basic.result | 46 ------------------ + .../sys_vars/t/wsrep_notify_cmd_basic.test | 43 ----------------- + .../sys_vars/t/wsrep_provider_basic.test | 39 --------------- + .../t/wsrep_provider_options_basic.test | 41 ---------------- + mysql-test/suite/wsrep/disabled.def | 2 + + mysql-test/suite/wsrep/r/variables.result | 12 ++--- + mysql-test/suite/wsrep/t/variables.test | 32 +++---------- + sql/sys_vars.cc | 8 ++-- + 17 files changed, 25 insertions(+), 319 deletions(-) + delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result + delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_provider_basic.result + delete mode 100644 mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result + delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test + delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_provider_basic.test + delete mode 100644 mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test + +diff --git a/mysql-test/suite/galera/disabled.def b/mysql-test/suite/galera/disabled.def +index d940c702d54..83f26e81636 100644 +--- a/mysql-test/suite/galera/disabled.def ++++ b/mysql-test/suite/galera/disabled.def +@@ -49,3 
+49,5 @@ partition : MDEV-19958 Galera test failure on galera.partition + query_cache: MDEV-15805 Test failure on galera.query_cache + sql_log_bin : MDEV-21491 galera.sql_log_bin + versioning_trx_id : MDEV-18590 galera.versioning_trx_id ++galera_wsrep_provider_unset_set: wsrep_provider is read-only for security reasons ++pxc-421: wsrep_provider is read-only for security reasons +diff --git a/mysql-test/suite/galera/include/galera_load_provider.inc b/mysql-test/suite/galera/include/galera_load_provider.inc +index 0f843597d9c..28010cc5b71 100644 +--- a/mysql-test/suite/galera/include/galera_load_provider.inc ++++ b/mysql-test/suite/galera/include/galera_load_provider.inc +@@ -1,25 +1,6 @@ + --echo Loading wsrep provider ... + + --disable_query_log +---eval SET GLOBAL wsrep_provider = '$wsrep_provider_orig'; +- +-# +-# count occurences of successful node starts in error log +-# +-perl; +- use strict; +- my $test_log=$ENV{'LOG_FILE'} or die "LOG_FILE not set"; +- my $test_log_copy=$test_log . '.copy'; +- if (-e $test_log_copy) { +- unlink $test_log_copy; +- } +- +-EOF +---copy_file $LOG_FILE $LOG_FILE.copy +- +-# +-# now join to the cluster +-# + --eval SET GLOBAL wsrep_cluster_address = '$wsrep_cluster_address_orig'; + + --enable_query_log +diff --git a/mysql-test/suite/galera/include/galera_unload_provider.inc b/mysql-test/suite/galera/include/galera_unload_provider.inc +index cd841f51fbc..ed7e9bc41f0 100644 +--- a/mysql-test/suite/galera/include/galera_unload_provider.inc ++++ b/mysql-test/suite/galera/include/galera_unload_provider.inc +@@ -1,7 +1,6 @@ + --echo Unloading wsrep provider ... 
+ + --let $wsrep_cluster_address_orig = `SELECT @@wsrep_cluster_address` +---let $wsrep_provider_orig = `SELECT @@wsrep_provider` + --let $wsrep_provider_options_orig = `SELECT @@wsrep_provider_options` + --let $wsrep_error_log_orig = `SELECT @@log_error` + if(!$wsrep_log_error_orig) +@@ -12,4 +11,4 @@ if(!$wsrep_log_error_orig) + } + --let LOG_FILE= $wsrep_log_error_orig + +-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; +diff --git a/mysql-test/suite/galera/r/galera_ist_rsync.result b/mysql-test/suite/galera/r/galera_ist_rsync.result +index 13f7d898a59..70a87c73df7 100644 +--- a/mysql-test/suite/galera/r/galera_ist_rsync.result ++++ b/mysql-test/suite/galera/r/galera_ist_rsync.result +@@ -23,7 +23,7 @@ INSERT INTO t1 VALUES ('node2_committed_before'); + INSERT INTO t1 VALUES ('node2_committed_before'); + COMMIT; + Unloading wsrep provider ... +-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; + connection node_1; + SET AUTOCOMMIT=OFF; + START TRANSACTION; +diff --git a/mysql-test/suite/galera/r/galera_sst_mysqldump.result b/mysql-test/suite/galera/r/galera_sst_mysqldump.result +index 4ed679ba477..145b3a94775 100644 +--- a/mysql-test/suite/galera/r/galera_sst_mysqldump.result ++++ b/mysql-test/suite/galera/r/galera_sst_mysqldump.result +@@ -30,7 +30,7 @@ INSERT INTO t1 VALUES ('node2_committed_before'); + INSERT INTO t1 VALUES ('node2_committed_before'); + COMMIT; + Unloading wsrep provider ... 
+-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; + connection node_1; + SET AUTOCOMMIT=OFF; + START TRANSACTION; +diff --git a/mysql-test/suite/galera/r/mysql-wsrep#33.result b/mysql-test/suite/galera/r/mysql-wsrep#33.result +index fb0b593cc96..45c6a3f660a 100644 +--- a/mysql-test/suite/galera/r/mysql-wsrep#33.result ++++ b/mysql-test/suite/galera/r/mysql-wsrep#33.result +@@ -32,7 +32,7 @@ INSERT INTO t1 VALUES ('node2_committed_before'); + INSERT INTO t1 VALUES ('node2_committed_before'); + COMMIT; + Unloading wsrep provider ... +-SET GLOBAL wsrep_provider = 'none'; ++SET GLOBAL wsrep_cluster_address = ''; + connection node_1; + SET AUTOCOMMIT=OFF; + START TRANSACTION; +diff --git a/mysql-test/suite/sys_vars/r/sysvars_wsrep.result b/mysql-test/suite/sys_vars/r/sysvars_wsrep.result +index 4b6abf85434..f73bfbd13e7 100644 +--- a/mysql-test/suite/sys_vars/r/sysvars_wsrep.result ++++ b/mysql-test/suite/sys_vars/r/sysvars_wsrep.result +@@ -403,7 +403,7 @@ NUMERIC_MIN_VALUE NULL + NUMERIC_MAX_VALUE NULL + NUMERIC_BLOCK_SIZE NULL + ENUM_VALUE_LIST NULL +-READ_ONLY NO ++READ_ONLY YES + COMMAND_LINE_ARGUMENT REQUIRED + GLOBAL_VALUE_PATH NULL + VARIABLE_NAME WSREP_ON +@@ -463,7 +463,7 @@ NUMERIC_MIN_VALUE NULL + NUMERIC_MAX_VALUE NULL + NUMERIC_BLOCK_SIZE NULL + ENUM_VALUE_LIST NULL +-READ_ONLY NO ++READ_ONLY YES + COMMAND_LINE_ARGUMENT REQUIRED + GLOBAL_VALUE_PATH NULL + VARIABLE_NAME WSREP_PROVIDER_OPTIONS +diff --git a/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result b/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result +deleted file mode 100644 +index 056ff8c817b..00000000000 +--- a/mysql-test/suite/sys_vars/r/wsrep_notify_cmd_basic.result ++++ /dev/null +@@ -1,47 +0,0 @@ +-# +-# wsrep_notify_cmd +-# +-call mtr.add_suppression("WSREP: Failed to get provider options"); +-# save the initial value +-SET @wsrep_notify_cmd_global_saved = @@global.wsrep_notify_cmd; +-# default +-SELECT @@global.wsrep_notify_cmd; 
+-@@global.wsrep_notify_cmd +- +- +-# scope +-SELECT @@session.wsrep_notify_cmd; +-ERROR HY000: Variable 'wsrep_notify_cmd' is a GLOBAL variable +-SET @@global.wsrep_notify_cmd='notify_cmd'; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-notify_cmd +- +-# valid values +-SET @@global.wsrep_notify_cmd='command'; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-command +-SET @@global.wsrep_notify_cmd='hyphenated-command'; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-hyphenated-command +-SET @@global.wsrep_notify_cmd=default; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +- +-SET @@global.wsrep_notify_cmd=NULL; +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-NULL +- +-# invalid values +-SET @@global.wsrep_notify_cmd=1; +-ERROR 42000: Incorrect argument type to variable 'wsrep_notify_cmd' +-SELECT @@global.wsrep_notify_cmd; +-@@global.wsrep_notify_cmd +-NULL +- +-# restore the initial value +-SET @@global.wsrep_notify_cmd = @wsrep_notify_cmd_global_saved; +-# End of test +diff --git a/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result b/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result +deleted file mode 100644 +index 3e4ac8ca883..00000000000 +--- a/mysql-test/suite/sys_vars/r/wsrep_provider_basic.result ++++ /dev/null +@@ -1,40 +0,0 @@ +-# +-# wsrep_provider +-# +-# save the initial value +-SET @wsrep_provider_global_saved = @@global.wsrep_provider; +-# default +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# scope +-SELECT @@session.wsrep_provider; +-ERROR HY000: Variable 'wsrep_provider' is a GLOBAL variable +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# valid values +-SET @@global.wsrep_provider=default; +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# invalid values +-SET @@global.wsrep_provider='/invalid/libgalera_smm.so'; +-ERROR 42000: Variable 'wsrep_provider' can't be set to the 
value of '/invalid/libgalera_smm.so' +-SET @@global.wsrep_provider=NULL; +-ERROR 42000: Variable 'wsrep_provider' can't be set to the value of 'NULL' +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +-SET @@global.wsrep_provider=1; +-ERROR 42000: Incorrect argument type to variable 'wsrep_provider' +-SELECT @@global.wsrep_provider; +-@@global.wsrep_provider +-none +- +-# restore the initial value +-SET @@global.wsrep_provider = @wsrep_provider_global_saved; +-# End of test +diff --git a/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result b/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result +deleted file mode 100644 +index 15949a14e39..00000000000 +--- a/mysql-test/suite/sys_vars/r/wsrep_provider_options_basic.result ++++ /dev/null +@@ -1,46 +0,0 @@ +-# +-# wsrep_provider_options +-# +-call mtr.add_suppression("WSREP: Failed to get provider options"); +-# default +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +- +-# scope +-SELECT @@session.wsrep_provider_options; +-ERROR HY000: Variable 'wsrep_provider_options' is a GLOBAL variable +-SET @@global.wsrep_provider_options='option1'; +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +- +-# valid values +-SET @@global.wsrep_provider_options='name1=value1;name2=value2'; +-ERROR HY000: WSREP (galera) not started +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +-SET @@global.wsrep_provider_options='hyphenated-name:value'; +-ERROR HY000: WSREP (galera) not started +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +-SET @@global.wsrep_provider_options=default; +-ERROR HY000: WSREP (galera) not started +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +- +-# invalid values +-SET @@global.wsrep_provider_options=1; +-ERROR 42000: Incorrect argument type to variable 'wsrep_provider_options' +-SELECT @@global.wsrep_provider_options; 
+-@@global.wsrep_provider_options +- +-SET @@global.wsrep_provider_options=NULL; +-Got one of the listed errors +-SELECT @@global.wsrep_provider_options; +-@@global.wsrep_provider_options +- +-# End of test +diff --git a/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test b/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test +deleted file mode 100644 +index 6d1535ba148..00000000000 +--- a/mysql-test/suite/sys_vars/t/wsrep_notify_cmd_basic.test ++++ /dev/null +@@ -1,43 +0,0 @@ +---source include/have_wsrep.inc +- +---echo # +---echo # wsrep_notify_cmd +---echo # +- +-call mtr.add_suppression("WSREP: Failed to get provider options"); +- +---echo # save the initial value +-SET @wsrep_notify_cmd_global_saved = @@global.wsrep_notify_cmd; +- +---echo # default +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # scope +---error ER_INCORRECT_GLOBAL_LOCAL_VAR +-SELECT @@session.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd='notify_cmd'; +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # valid values +-SET @@global.wsrep_notify_cmd='command'; +-SELECT @@global.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd='hyphenated-command'; +-SELECT @@global.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd=default; +-SELECT @@global.wsrep_notify_cmd; +-SET @@global.wsrep_notify_cmd=NULL; +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # invalid values +---error ER_WRONG_TYPE_FOR_VAR +-SET @@global.wsrep_notify_cmd=1; +-SELECT @@global.wsrep_notify_cmd; +- +---echo +---echo # restore the initial value +-SET @@global.wsrep_notify_cmd = @wsrep_notify_cmd_global_saved; +- +---echo # End of test +diff --git a/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test b/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test +deleted file mode 100644 +index 1190ab41bb0..00000000000 +--- a/mysql-test/suite/sys_vars/t/wsrep_provider_basic.test ++++ /dev/null +@@ -1,39 +0,0 @@ +---source include/have_wsrep.inc +- +---echo # +---echo # wsrep_provider +---echo # +- 
+---echo # save the initial value +-SET @wsrep_provider_global_saved = @@global.wsrep_provider; +- +---echo # default +-SELECT @@global.wsrep_provider; +- +---echo +---echo # scope +---error ER_INCORRECT_GLOBAL_LOCAL_VAR +-SELECT @@session.wsrep_provider; +-SELECT @@global.wsrep_provider; +- +---echo +---echo # valid values +-SET @@global.wsrep_provider=default; +-SELECT @@global.wsrep_provider; +- +---echo +---echo # invalid values +---error ER_WRONG_VALUE_FOR_VAR +-SET @@global.wsrep_provider='/invalid/libgalera_smm.so'; +---error ER_WRONG_VALUE_FOR_VAR +-SET @@global.wsrep_provider=NULL; +-SELECT @@global.wsrep_provider; +---error ER_WRONG_TYPE_FOR_VAR +-SET @@global.wsrep_provider=1; +-SELECT @@global.wsrep_provider; +- +---echo +---echo # restore the initial value +-SET @@global.wsrep_provider = @wsrep_provider_global_saved; +- +---echo # End of test +diff --git a/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test b/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test +deleted file mode 100644 +index 6eb3a94b6a4..00000000000 +--- a/mysql-test/suite/sys_vars/t/wsrep_provider_options_basic.test ++++ /dev/null +@@ -1,41 +0,0 @@ +---source include/have_wsrep.inc +- +---echo # +---echo # wsrep_provider_options +---echo # +- +-call mtr.add_suppression("WSREP: Failed to get provider options"); +- +---echo # default +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # scope +---error ER_INCORRECT_GLOBAL_LOCAL_VAR +-SELECT @@session.wsrep_provider_options; +---error 0,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options='option1'; +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # valid values +---error ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options='name1=value1;name2=value2'; +-SELECT @@global.wsrep_provider_options; +---error ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options='hyphenated-name:value'; +-SELECT @@global.wsrep_provider_options; +---error ER_WRONG_ARGUMENTS +-SET 
@@global.wsrep_provider_options=default; +-SELECT @@global.wsrep_provider_options; +- +---echo +---echo # invalid values +---error ER_WRONG_TYPE_FOR_VAR +-SET @@global.wsrep_provider_options=1; +-SELECT @@global.wsrep_provider_options; +---error ER_WRONG_ARGUMENTS,ER_WRONG_ARGUMENTS +-SET @@global.wsrep_provider_options=NULL; +-SELECT @@global.wsrep_provider_options; +- +---echo # End of test +diff --git a/mysql-test/suite/wsrep/disabled.def b/mysql-test/suite/wsrep/disabled.def +index 11577bfe8b0..3d204db6945 100644 +--- a/mysql-test/suite/wsrep/disabled.def ++++ b/mysql-test/suite/wsrep/disabled.def +@@ -10,3 +10,5 @@ + # + ############################################################################## + ++ ++mdev_6832: wsrep_provider is read-only for security reasons +diff --git a/mysql-test/suite/wsrep/r/variables.result b/mysql-test/suite/wsrep/r/variables.result +index a9988fd1628..e57440125ee 100644 +--- a/mysql-test/suite/wsrep/r/variables.result ++++ b/mysql-test/suite/wsrep/r/variables.result +@@ -14,7 +14,6 @@ SET SESSION wsrep_replicate_myisam= ON; + ERROR HY000: Variable 'wsrep_replicate_myisam' is a GLOBAL variable and should be set with SET GLOBAL + SET GLOBAL wsrep_replicate_myisam= ON; + SET GLOBAL wsrep_replicate_myisam= OFF; +-SET GLOBAL wsrep_provider=none; + # + # MDEV#5790: SHOW GLOBAL STATUS LIKE does not show the correct list of + # variables when using "_" +@@ -151,7 +150,6 @@ wsrep_local_state_comment # + # Should show nothing. 
+ SHOW STATUS LIKE 'x'; + Variable_name Value +-SET GLOBAL wsrep_provider=none; + + SHOW STATUS LIKE 'wsrep_local_state_uuid'; + Variable_name Value +@@ -160,7 +158,6 @@ wsrep_local_state_uuid # + SHOW STATUS LIKE 'wsrep_last_committed'; + Variable_name Value + wsrep_last_committed # +-SET GLOBAL wsrep_provider=none; + + # + # MDEV#6206: wsrep_slave_threads subtracts from max_connections +@@ -174,7 +171,7 @@ SELECT @@global.wsrep_slave_threads; + 1 + SELECT @@global.wsrep_cluster_address; + @@global.wsrep_cluster_address +- ++gcomm:// + SELECT @@global.wsrep_on; + @@global.wsrep_on + 1 +@@ -183,14 +180,14 @@ Variable_name Value + Threads_connected 1 + SHOW STATUS LIKE 'wsrep_thread_count'; + Variable_name Value +-wsrep_thread_count 0 ++wsrep_thread_count 2 + + SELECT @@global.wsrep_provider; + @@global.wsrep_provider + libgalera_smm.so + SELECT @@global.wsrep_cluster_address; + @@global.wsrep_cluster_address +- ++gcomm:// + SELECT @@global.wsrep_on; + @@global.wsrep_on + 1 +@@ -199,11 +196,10 @@ Variable_name Value + Threads_connected 1 + SHOW STATUS LIKE 'wsrep_thread_count'; + Variable_name Value +-wsrep_thread_count 0 ++wsrep_thread_count 2 + + # Setting wsrep_cluster_address triggers the creation of + # applier/rollbacker threads. +-SET GLOBAL wsrep_cluster_address= 'gcomm://'; + # Wait for applier thread to get created 1. + # Wait for applier thread to get created 2. + SELECT VARIABLE_VALUE AS EXPECT_1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_applier_thread_count'; +diff --git a/mysql-test/suite/wsrep/t/variables.test b/mysql-test/suite/wsrep/t/variables.test +index f2c3a0a3b78..fd352b61a3a 100644 +--- a/mysql-test/suite/wsrep/t/variables.test ++++ b/mysql-test/suite/wsrep/t/variables.test +@@ -23,7 +23,7 @@ SET GLOBAL wsrep_replicate_myisam= ON; + + # Reset it back. 
+ SET GLOBAL wsrep_replicate_myisam= OFF; +-SET GLOBAL wsrep_provider=none; ++#SET GLOBAL wsrep_provider=none; + + --echo # + --echo # MDEV#5790: SHOW GLOBAL STATUS LIKE does not show the correct list of +@@ -32,9 +32,6 @@ SET GLOBAL wsrep_provider=none; + + CALL mtr.add_suppression("WSREP: Could not open saved state file for reading.*"); + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log + + --replace_column 2 # + SHOW GLOBAL STATUS LIKE 'wsrep%'; +@@ -50,11 +47,9 @@ SHOW GLOBAL STATUS LIKE 'wsrep_local_state_comment'; + SHOW STATUS LIKE 'x'; + + # Reset it back. +-SET GLOBAL wsrep_provider=none; ++#SET GLOBAL wsrep_provider=none; + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + + # The following 2 variables are used by mariabackup + # SST. +@@ -66,7 +61,7 @@ SHOW STATUS LIKE 'wsrep_local_state_uuid'; + SHOW STATUS LIKE 'wsrep_last_committed'; + + # Reset it back. 
+-SET GLOBAL wsrep_provider=none; ++#SET GLOBAL wsrep_provider=none; + + --echo + --echo # +@@ -74,9 +69,7 @@ SET GLOBAL wsrep_provider=none; + --echo # + call mtr.add_suppression("WSREP: Failed to get provider options"); + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + + --replace_regex /.*libgalera_smm.*/libgalera_smm.so/ + SELECT @@global.wsrep_provider; +@@ -87,9 +80,7 @@ SHOW STATUS LIKE 'threads_connected'; + SHOW STATUS LIKE 'wsrep_thread_count'; + --echo + +---disable_query_log +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +---enable_query_log ++#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; + + --replace_regex /.*libgalera_smm.*/libgalera_smm.so/ + SELECT @@global.wsrep_provider; +@@ -101,7 +92,7 @@ SHOW STATUS LIKE 'wsrep_thread_count'; + + --echo # Setting wsrep_cluster_address triggers the creation of + --echo # applier/rollbacker threads. +-SET GLOBAL wsrep_cluster_address= 'gcomm://'; ++#SET GLOBAL wsrep_cluster_address= 'gcomm://'; + + --echo # Wait for applier thread to get created 1. + --let $wait_condition = SELECT VARIABLE_VALUE = 1 FROM INFORMATION_SCHEMA.GLOBAL_STATUS WHERE VARIABLE_NAME = 'wsrep_applier_thread_count'; +@@ -162,15 +153,6 @@ SET @@global.wsrep_sst_auth= NULL; + SELECT @@global.wsrep_sst_auth; + SET @@global.wsrep_sst_auth= @wsrep_sst_auth_saved; + +-# Reset (for mtr internal checks) +- +---disable_query_log +-SET GLOBAL wsrep_slave_threads= @wsrep_slave_threads_saved; +-eval SET GLOBAL wsrep_provider= '$WSREP_PROVIDER'; +-SET GLOBAL wsrep_cluster_address= @wsrep_cluster_address_saved; +-SET GLOBAL wsrep_provider_options= @wsrep_provider_options_saved; +---enable_query_log +- + --source include/galera_wait_ready.inc + + --echo # End of test. 
+diff --git a/sql/sys_vars.cc b/sql/sys_vars.cc +index 64040243df0..8c67a4d432a 100644 +--- a/sql/sys_vars.cc ++++ b/sql/sys_vars.cc +@@ -5669,8 +5669,8 @@ static Sys_var_tz Sys_time_zone( + + static Sys_var_charptr_fscs Sys_wsrep_provider( + "wsrep_provider", "Path to replication provider library", +- PREALLOCATED GLOBAL_VAR(wsrep_provider), CMD_LINE(REQUIRED_ARG), +- DEFAULT(WSREP_NONE), ++ PREALLOCATED READ_ONLY GLOBAL_VAR(wsrep_provider), CMD_LINE(REQUIRED_ARG), ++ DEFAULT(WSREP_NONE), + NO_MUTEX_GUARD, NOT_IN_BINLOG, + ON_CHECK(wsrep_provider_check), ON_UPDATE(wsrep_provider_update)); + +@@ -5886,8 +5886,8 @@ static Sys_var_ulong Sys_wsrep_max_ws_rows ( + + static Sys_var_charptr Sys_wsrep_notify_cmd( + "wsrep_notify_cmd", "", +- GLOBAL_VAR(wsrep_notify_cmd),CMD_LINE(REQUIRED_ARG), +- DEFAULT("")); ++ READ_ONLY GLOBAL_VAR(wsrep_notify_cmd), CMD_LINE(REQUIRED_ARG), ++ DEFAULT("")); + + static Sys_var_mybool Sys_wsrep_certify_nonPK( + "wsrep_certify_nonPK", "Certify tables with no primary key", +-- +2.31.0 + -- 2.31.0 From unknown Sun Jun 15 08:57:01 2025 X-Loop: help-debbugs@gnu.org Subject: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928. 
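Review bot: In the test-file hunk at @@ -101,7 +92,7 @@, "SET GLOBAL wsrep_cluster_address= 'gcomm://';" is commented out while the "--echo # Setting wsrep_cluster_address triggers the creation of" line and the $wait_condition on wsrep_applier_thread_count that follow are kept, and nothing visible in this patch makes wsrep_cluster_address read-only. Either keep the statement or drop the echo and the wait along with it, and confirm the wait can still be satisfied. The neighbouring hunks disable statements by turning them into "#SET GLOBAL wsrep_provider=none;" and "#evalp SET GLOBAL wsrep_provider= '$WSREP_PROVIDER';" where the @@ -32,9 and @@ -162,15 hunks simply delete them, so deleting throughout would leave less dead text. None of the hunks adds a statement that expects SET GLOBAL wsrep_provider or wsrep_notify_cmd to be rejected, so a passing run does not show that the variables are read-only; one negative check per variable would cover that.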
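Review bot: In the Sys_wsrep_notify_cmd hunk of sql/sys_vars.cc the help string is still empty ("wsrep_notify_cmd", "",) although the variable becomes READ_ONLY with CMD_LINE(REQUIRED_ARG); a one-line description saying it can only be set at startup would document the restriction where administrators will look for it. In the Sys_wsrep_provider hunk, ON_CHECK(wsrep_provider_check) and ON_UPDATE(wsrep_provider_update) stay attached to a variable that is now READ_ONLY; a comment saying whether they are still reached, or their removal if they are not, would make the intent clear. The DEFAULT(WSREP_NONE) and DEFAULT("") lines show up as removed and re-added with no visible difference, which looks like whitespace-only churn that a security backport is better off without.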
From: Léo Le Bouter
Date: Thu, 25 Mar 2021 13:48:41 +0100

v3 tested and builds fine:

$ ./pre-inst-env guix build mariadb
/gnu/store/f70jymwyfcnsghy4jg8caibci59p8rgq-mariadb-10.5.8-dev
/gnu/store/cj3qym1x1jjh02m2g23cqpbhchrbmn6c-mariadb-10.5.8-lib
/gnu/store/mpb5bdf1vkwazqfmmwcvskdm50g191bg-mariadb-10.5.8

Since we don't have PoC, I can't verify the rebased patch actually
fixes the security issue but it should. That's what we get when
manually rebasing stuff to earlier versions. Test suite passes but not
sure it actually tests this security issue being fixed.

Please review, then I will push, it's been 7 days so, let's get this
in.

Subject: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.
From: Mark H Weaver
Date: Thu, 25 Mar 2021 21:16:59 -0400
Message-ID: <87blb6r9w9.fsf@netris.org>

Léo Le Bouter via Bug reports for GNU Guix writes:

> v3 tested and builds fine:
>
> $ ./pre-inst-env guix build mariadb
> /gnu/store/f70jymwyfcnsghy4jg8caibci59p8rgq-mariadb-10.5.8-dev
> /gnu/store/cj3qym1x1jjh02m2g23cqpbhchrbmn6c-mariadb-10.5.8-lib
> /gnu/store/mpb5bdf1vkwazqfmmwcvskdm50g191bg-mariadb-10.5.8
>
> Since we don't have PoC, I can't verify the rebased patch actually
> fixes the security issue but it should. That's what we get when
> manually rebasing stuff to earlier versions. Test suite passes but not
> sure it actually tests this security issue being fixed.
>
> Please review, then I will push, it's been 7 days so, let's get this
> in.

Looks good to me. Please push.

Thank you!
Mark

From: help-debbugs@gnu.org (GNU bug Tracking System)
To: Léo Le Bouter
Subject: bug#47257: closed (Re: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.)
Date: Fri, 26 Mar 2021 01:24:02 +0000

Your bug report

#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)

which was filed against the guix package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 47257@debbugs.gnu.org.

--
47257: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=47257
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems

Subject: Re: bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928.
From: Léo Le Bouter
To: Mark H Weaver, 47257-done@debbugs.gnu.org
Date: Fri, 26 Mar 2021 02:23:47 +0100

On Thu, 2021-03-25 at 21:16 -0400, Mark H Weaver wrote:
>
> Looks good to me. Please push. Thank you!
>
> Mark

Thank you for the review, pushed as
52c8d07a4f7033534a71ac7efeec21a65d35c125.

Subject: mariadb is vulnerable to CVE-2021-27928 (RCE)
From: Léo Le Bouter
To: bug-guix@gnu.org
Date: Fri, 19 Mar 2021 11:25:31 +0100

CVE-2021-27928 04:15
A remote code execution issue was discovered in MariaDB 10.2 before
10.2.37, 10.3 before 10.3.28, 10.4 before 10.4.18, and 10.5 before
10.5.9; Percona Server through 2021-03-03; and the wsrep patch through
2021-03-03 for MySQL. An untrusted search path leads to eval injection,
in which a database SUPER user can execute OS commands after modifying
wsrep_provider and wsrep_notify_cmd. NOTE: this does not affect an
Oracle product.

From https://jira.mariadb.org/browse/MDEV-25179 it looks like 10.5.9
fixes it for us since we package 10.5.8 currently.

However:
$ ./pre-inst-env guix refresh -l mariadb
Building the following 552 packages would ensure 1047 dependent
packages are rebuilt: [..]

Is it possible to graft mariadb you think? I am thinking this issue
doesn't need updating of the "lib" output which is what's causing the
high number of dependents AIUI. I am not sure we could actually update
individual outputs right now though. Might be a good idea to split the
packages for the future.

Léo
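
Added example, not code from this thread, from MariaDB or from Guix: a triage helper for the advisory quoted in the report above. It checks a version against the fixed releases the CVE text lists, lets read-only flags override the version (the backport discussed in this thread keeps the 10.5.8 version string), and reports SET statements that assign wsrep_provider or wsrep_notify_cmd at runtime. The function names, the sample statements and the way the read-only flags are supplied are assumptions made for this example.

```python
import re

# First fixed release of each affected MariaDB series, from the CVE text above.
# Percona Server and the wsrep patch for MySQL are dated, not versioned, there.
FIXED_PATCH_LEVEL = {(10, 2): 37, (10, 3): 28, (10, 4): 18, (10, 5): 9}
WATCHED = ("wsrep_provider", "wsrep_notify_cmd")

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")
# Comments and string literals are blanked before matching, so a variable
# name inside a comment or a quoted value is not reported.
_SKIP_RE = re.compile(
    r"/\*.*?\*/"
    r"|(?:--[ \t]|#)[^\n]*"
    r"|'(?:[^'\\]|\\.|'')*'"
    r'|"(?:[^"\\]|\\.|"")*"',
    re.S,
)
# Assignment to a watched system variable: bare name (after GLOBAL or a comma),
# @@name or @@global.name, followed by = or :=. A single @ is a user variable
# and wsrep_provider_options is a different variable; neither matches.
_ASSIGN_RE = re.compile(
    r"(?:@@(?:global\s*\.\s*)?|(?<![\w$@.]))`?("
    + "|".join(WATCHED)
    + r")`?\s*:?=",
    re.I,
)


def version_is_affected(version):
    """True/False for a series the advisory names, None for any other series."""
    match = _VERSION_RE.search(version)
    if match is None:
        raise ValueError(f"no x.y.z version in {version!r}")
    major, minor, patch = (int(group) for group in match.groups())
    fixed = FIXED_PATCH_LEVEL.get((major, minor))
    return None if fixed is None else patch < fixed


def assess(version, read_only):
    """Return 'fixed', 'vulnerable' or 'unknown'.

    read_only maps each watched variable to True/False. Assumption: the caller
    filled it from the server, for example from the READ_ONLY column of
    information_schema.SYSTEM_VARIABLES. Both flags True means the change in
    the sys_vars.cc hunk is present even if the version string is unchanged.
    """
    if all(read_only.get(name) is True for name in WATCHED):
        return "fixed"
    affected = version_is_affected(version)
    if affected is None:
        return "unknown"
    return "vulnerable" if affected else "fixed"


def runtime_assignments(statement):
    """Watched variables that one SQL statement assigns, in order of appearance."""
    sql = _SKIP_RE.sub(" ", statement)
    if not re.match(r"\s*SET\b", sql, re.I):
        return []
    return [match.group(1).lower() for match in _ASSIGN_RE.finditer(sql)]


def scan(statements):
    """(index, variable) for every runtime assignment in a list of statements."""
    return [
        (index, name)
        for index, statement in enumerate(statements)
        for name in runtime_assignments(statement)
    ]


# Constructed sample input; the first two lines mirror the test file in the patch.
SAMPLE_STATEMENTS = [
    "SET GLOBAL wsrep_provider=none;",
    "#SET GLOBAL wsrep_provider=none;",
    "SELECT @@global.wsrep_provider;",
    "SET GLOBAL wsrep_provider_options = 'gcache.size=128M';",
    "set @@GLOBAL.wsrep_notify_cmd := '/constructed/notify.sh', GLOBAL wsrep_provider = 'none'",
    "SET @wsrep_provider = 1",
    "SET @note = 'wsrep_provider=none'",
]

if __name__ == "__main__":
    print(assess("10.5.8", {}))
    print(assess("10.5.8", {"wsrep_provider": True, "wsrep_notify_cmd": True}))
    for index, name in scan(SAMPLE_STATEMENTS):
        print(f"statement {index}: runtime assignment to {name}")
```
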

Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)
From: zimoun
Date: Mon, 29 Mar 2021 23:34:15 +0200

On Thu, 25 Mar 2021 at 12:28, Léo Le Bouter wrote:
> On Fri, 2021-03-19 at 12:35 +0100, zimoun wrote:

> > Instead of grafting, I would fix first check the compatibility
> > between
> > mariadb and zstd. Because mariadb@10.5.8 does not build with
> > zstd@1.4.9, at least on my machine.
>
> Can you post build logs and repro scenario? mariadb@10.5.8 built fine
> for me on core-updates which has zstd@1.4.9.

On core-updates, I get this:

--8<---------------cut here---------------start------------->8---
$ git log --oneline -1 && ./pre-inst-env guix build mariadb
b20b45c6ce (HEAD -> core-updates, origin/core-updates) gnu: gd: Patch away recent pkg-config files change that breaks php build.

[...]

Only 2061 of 5666 completed.
--------------------------------------------------------------------------
The servers were restarted 258 times
Spent 10782.523 of 607 seconds executing testcases

Failure: Failed 1/427 tests, 99.77% were successful.

Failing test(s): innodb.check_ibd_filesize

The log files in var/log may give you some hint of what went wrong.

If you want to report this error, please read first the documentation
at http://dev.mysql.com/doc/mysql/en/mysql-test-suite.html

798 tests were skipped, 39 by the test itself.

mysql-test-run: *** ERROR: there were failing test cases
Error happened at lib/mtr_report.pm line 683.
mtr_report::mtr_error("there were failing test cases") called at lib/mtr_report.pm line 552
mtr_report::mtr_report_stats("Failure", 1, ARRAY(0x1ae0180), ARRAY(0xd3cb68)) called at /tmp/guix-build-mariadb-10.5.8.drv-0/mariadb-10.5.8/mysql-test/mysql-test-run.pl line 586
main::main() called at /tmp/guix-build-mariadb-10.5.8.drv-0/mariadb-10.5.8/mysql-test/mysql-test-run.pl line 387
error: in phase 'check': uncaught exception:
%exception #<&invoke-error program: "./mtr" arguments: ("--verbose" "--retry=3" "--testcase-timeout=40" "--suite-timeout=600" "--parallel" "64" "--skip-rpl" "--skip-test-list=unstable-tests") exit-status: 1 term-signal: #f stop-signal: #f>
phase `check' failed after 606.9 seconds
command "./mtr" "--verbose" "--retry=3" "--testcase-timeout=40" "--suite-timeout=600" "--parallel" "64" "--skip-rpl" "--skip-test-list=unstable-tests" failed with status 1
builder for `/gnu/store/339560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv' failed with exit code 1
build of /gnu/store/339560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv failed
View build log at '/var/log/guix/drvs/33/9560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv.bz2'.
guix build: error: build of `/gnu/store/339560bw1rf3n7s4mbxx5q1ynwn5n52p-mariadb-10.5.8.drv' failed
--8<---------------cut here---------------end--------------->8---

Maybe, I am not doing something wrong.

Then on master, it "works" except after the ungraft. Well, it seems
coherent with what I get from core-updates. So if I am doing wrong, I
do not know where.

--8<---------------cut here---------------start------------->8---
$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q && \
> ./pre-inst-env guix build mariadb -q
a801c7379a (HEAD) gnu: Remove QT 4.
cd . && /bin/bash /home/sitour/src/guix/wk/fix-zstd/build-aux/missing automake-1.16 --gnu Makefile
cd . && /bin/bash ./config.status Makefile depfiles
config.status: creating Makefile
config.status: executing depfiles commands
Making all in po/guix
Making all in po/packages
GEN scripts/guix
Compiling Scheme modules...
[ 6%] LOAD gnu/packages/compression.scm
[ 12%] LOAD gnu/packages/databases.scm
[ 19%] LOAD gnu/packages/engineering.scm
[ 25%] LOAD gnu/packages/messaging.scm
[ 31%] LOAD gnu/packages/password-utils.scm
[ 38%] LOAD gnu/packages/pdf.scm
[ 44%] LOAD gnu/packages/qt.scm
[ 50%] LOAD gnu/packages/sqlite.scm
[ 56%] GUILEC gnu/packages/compression.go
[ 62%] GUILEC gnu/packages/databases.go
[ 69%] GUILEC gnu/packages/engineering.go
[ 75%] GUILEC gnu/packages/messaging.go
[ 81%] GUILEC gnu/packages/password-utils.go
[ 88%] GUILEC gnu/packages/pdf.go
[ 94%] GUILEC gnu/packages/qt.go
[100%] GUILEC gnu/packages/sqlite.go
/gnu/store/25sdln6zpjm2hcnmb55wi794k359mgkm-zstd-1.4.9-lib
/gnu/store/n64pny0wdqrk2mw4crs9bznwzg5cm5bc-zstd-1.4.9
/gnu/store/pjd5wx2dvrbxr3saf0a9a8va4v43b7zk-zstd-1.4.9-static
/gnu/store/231bip1j7j3prx4q6mr44f3hdn8sl9nh-mariadb-10.5.8-dev
/gnu/store/43sbv46pn6a31722savgbqcrryyn513h-mariadb-10.5.8-lib
/gnu/store/68az8ch2l6x0ldjnjhqsmpn19ns9srjp-mariadb-10.5.8
$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q && \
> ./pre-inst-env guix build mariadb -q
52c8d07a4f (HEAD) gnu: mariadb: Fix CVE-2021-27928.
cd . && /bin/bash /home/sitour/src/guix/wk/fix-zstd/build-aux/missing automake-1.16 --gnu Makefile
cd . && /bin/bash ./config.status Makefile depfiles
config.status: creating Makefile
config.status: executing depfiles commands
Making all in po/guix
Making all in po/packages
GEN scripts/guix
Compiling Scheme modules...
[ 50%] LOAD gnu/packages/databases.scm
[100%] GUILEC gnu/packages/databases.go
/gnu/store/25sdln6zpjm2hcnmb55wi794k359mgkm-zstd-1.4.9-lib
/gnu/store/n64pny0wdqrk2mw4crs9bznwzg5cm5bc-zstd-1.4.9
/gnu/store/pjd5wx2dvrbxr3saf0a9a8va4v43b7zk-zstd-1.4.9-static
/gnu/store/avgmb7dr3r7555zxnspzzjzxcy5vhhz4-mariadb-10.5.8-dev
/gnu/store/jj2gmail5rfnlpmh2rj0vqxil0wihbj7-mariadb-10.5.8-lib
/gnu/store/bjgz8jnfsbb4qvaa9csfy8i3x1i3ivp7-mariadb-10.5.8
$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q && \
> ./pre-inst-env guix build mariadb -q
6e7ba45357 (HEAD) gnu: sqlite: Update to 3.32.3 [security fixes].
Making all in po/guix
Making all in po/packages
Compiling Scheme modules...
[ 50%] LOAD gnu/packages/sqlite.scm
[100%] GUILEC gnu/packages/sqlite.go
/gnu/store/25sdln6zpjm2hcnmb55wi794k359mgkm-zstd-1.4.9-lib
/gnu/store/n64pny0wdqrk2mw4crs9bznwzg5cm5bc-zstd-1.4.9
/gnu/store/pjd5wx2dvrbxr3saf0a9a8va4v43b7zk-zstd-1.4.9-static
/gnu/store/avgmb7dr3r7555zxnspzzjzxcy5vhhz4-mariadb-10.5.8-dev
/gnu/store/jj2gmail5rfnlpmh2rj0vqxil0wihbj7-mariadb-10.5.8-lib
/gnu/store/bjgz8jnfsbb4qvaa9csfy8i3x1i3ivp7-mariadb-10.5.8
$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q && \
> ./pre-inst-env guix build mariadb -q
692f1e5217 (HEAD) DRAFT: gnu: zstd: Fix test suite.
Making all in po/guix
Making all in po/packages
Compiling Scheme modules...
[ 50%] LOAD gnu/packages/compression.scm
[100%] GUILEC gnu/packages/compression.go
/gnu/store/q33xvan4j71f4kil0lg4h2yk549al1rv-zstd-1.4.9-lib
/gnu/store/rixmvq9497dwqxr7apa4n70gmhb50lc7-zstd-1.4.9
/gnu/store/2ym2nn0rmzgigagj7zrx4s6gidk94pqg-zstd-1.4.9-static
/gnu/store/avgmb7dr3r7555zxnspzzjzxcy5vhhz4-mariadb-10.5.8-dev
/gnu/store/jj2gmail5rfnlpmh2rj0vqxil0wihbj7-mariadb-10.5.8-lib
/gnu/store/bjgz8jnfsbb4qvaa9csfy8i3x1i3ivp7-mariadb-10.5.8
$ git log --oneline -1 && make -s 2>/dev/null && \
> ./pre-inst-env guix build zstd -q && \
> ./pre-inst-env guix build mariadb -q
93fee48ada (HEAD -> fix-zstd) DRAFT: gnu: zstd: Update to 1.4.9 (ungraft).
Making all in po/guix
Making all in po/packages
Compiling Scheme modules...
[ 50%] LOAD gnu/packages/compression.scm
[100%] GUILEC gnu/packages/compression.go
/gnu/store/mmsp9ym0d3zcc0g1rr2gwmxb5pcq1wkm-zstd-1.4.9-lib
/gnu/store/6bi9kvsj0si590ra99yzb8dchikzlxb1-zstd-1.4.9
/gnu/store/1cnbqm29rc0gp30h18x7hs785c55fl0m-zstd-1.4.9-static
guix build: error: build of `/gnu/store/5927s1x3hpfv4v9rsc9y06kycx93zqvh-mariadb-10.5.8.drv' failed
--8<---------------cut here---------------end--------------->8---

I could be wrong... and I have not investigated more.

As I said elsewhere, grafting zstd from 1.4.4 to 1.4.9 seems totally
*wrong*. There is ~1.5 years and 4 releases between these 2 releases.

BTW, note that:

$ guix graph --path mariadb zstd
guix graph: error: no path from 'mariadb@10.5.8' to 'zstd@1.4.9'

Grafting MariaDB makes sense here. The culprit is zstd, IMHO.

> > Other said, I seem better to do this fix as a whole on core-updates
> > without any graft. Instead of grafting here and there; and not
> > necessary small changes (zstd from 1.4.4 to 1.4.9, mariadb from
> > 10.5.8
> > to 10.5.8).
>
> We can't patch security issues through core-updates, especially this
> RCE.

I will not comment because I am bored by all that.

Last, you have been prompted to commit a major update and disable the
test-suite for zstd, and I am still waiting that you are prompt again to
fix it; especially when a proposal fix is done here:

Best regards,
simon

Subject: bug#47257: mariadb is vulnerable to CVE-2021-27928 (RCE)
From: Léo Le Bouter
Date: Tue, 30 Mar 2021 02:26:30 +0200

Hello!

Simon, I pushed 00c67375b17f4a4cfad53399d1918f2e7eba2c7d to
core-updates. Your patch. Thank you for it. Let's watch for upstream
zstd fix also.

I pushed 9feef62b73e284e106717a386624d6da90750a3d to master. Ubuntu
released a patch in the meantime, so while we couldn't make such patch
in a timely manner because the backport was non-trivial and
security-sensitive also didn't want to risk failing to fix the flaw
because I don't have much expertise on it, Ubuntu now has done that
work and we can just use it.
Léo
From: zimoun
Date: Tue, 30 Mar 2021 10:29:20 +0200

Hi Léo,

On Tue, 30 Mar 2021 at 02:26, Léo Le Bouter wrote:

> I pushed 00c67375b17f4a4cfad53399d1918f2e7eba2c7d to core-updates. Your
> patch. Thank you for it. Let's watch for upstream zstd fix also.

Thanks. It mitigates zstd, even if it does not solve MariaDB. One foot, then another. :-)

> I pushed 9feef62b73e284e106717a386624d6da90750a3d to master.

Cool! LGTM.

> Ubuntu released a patch in the meantime, so while we couldn't make such
> patch in a timely manner because the backport was non-trivial and
> security-sensitive also didn't want to risk failing to fix the flaw
> because I don't have much expertise on it, Ubuntu now has done that
> work and we can just use it.

Thanks for taking care. And do not consider my concerns as a slowdown but instead as a way to reach something better. For instance 9feef62b73 seems The Right Thing (AFAIU), whereas 6f873731a0 and 2bcfb944bd are not (AFAIK).

On one hand, I agree that ~3 weeks appears long through the lens of security vulnerabilities. On the other hand, it is usually worth taking the time; as here. :-) Examine the various options and so the best move always takes time.

Well, thanks for pushing forward with security.

All the best,
simon