head	1.5;
access;
symbols
	pkgsrc-2013Q2:1.5.0.8
	pkgsrc-2013Q2-base:1.5
	pkgsrc-2012Q4:1.5.0.6
	pkgsrc-2012Q4-base:1.5
	pkgsrc-2011Q4:1.5.0.4
	pkgsrc-2011Q4-base:1.5
	pkgsrc-2011Q2:1.5.0.2
	pkgsrc-2011Q2-base:1.5
	pkgsrc-2010Q2:1.4.0.24
	pkgsrc-2010Q2-base:1.4
	pkgsrc-2010Q1:1.4.0.22
	pkgsrc-2010Q1-base:1.4
	pkgsrc-2009Q4:1.4.0.20
	pkgsrc-2009Q4-base:1.4
	pkgsrc-2009Q3:1.4.0.18
	pkgsrc-2009Q3-base:1.4
	pkgsrc-2009Q2:1.4.0.16
	pkgsrc-2009Q2-base:1.4
	pkgsrc-2009Q1:1.4.0.14
	pkgsrc-2009Q1-base:1.4
	pkgsrc-2008Q4:1.4.0.12
	pkgsrc-2008Q4-base:1.4
	pkgsrc-2008Q3:1.4.0.10
	pkgsrc-2008Q3-base:1.4
	cube-native-xorg:1.4.0.8
	cube-native-xorg-base:1.4
	pkgsrc-2008Q2:1.4.0.6
	pkgsrc-2008Q2-base:1.4
	cwrapper:1.4.0.4
	pkgsrc-2008Q1:1.4.0.2
	pkgsrc-2008Q1-base:1.4
	pkgsrc-2007Q4:1.2.0.6
	pkgsrc-2007Q4-base:1.2
	pkgsrc-2007Q3:1.2.0.4
	pkgsrc-2007Q3-base:1.2
	pkgsrc-2007Q2:1.2.0.2
	pkgsrc-2007Q2-base:1.2
	pkgsrc-2007Q1:1.1.0.8
	pkgsrc-2007Q1-base:1.1
	pkgsrc-2006Q4:1.1.0.6
	pkgsrc-2006Q4-base:1.1
	pkgsrc-2006Q3:1.1.0.4
	pkgsrc-2006Q3-base:1.1
	pkgsrc-2006Q2:1.1.0.2
	pkgsrc-2006Q2-base:1.1;
locks; strict;
comment	@# @;


1.5
date	2010.09.23.14.34.54;	author taca;	state dead;
branches;
next	1.4;

1.4
date	2008.03.26.13.22.00;	author wiz;	state Exp;
branches;
next	1.3;

1.3
date	2008.03.25.13.42.53;	author wiz;	state dead;
branches;
next	1.2;

1.2
date	2007.05.23.08.11.51;	author martti;	state Exp;
branches;
next	1.1;

1.1
date	2006.06.19.07.53.00;	author seb;	state Exp;
branches;
next	;


desc
@@


1.5
log
@Good-by mysql4-server now.  It isn't supported any more and no package
need it now.
@
text
@$NetBSD: patch-be,v 1.4 2008/03/26 13:22:00 wiz Exp $

--- sql/sql_lex.cc.orig	2006-11-03 04:15:21.000000000 +0200
+++ sql/sql_lex.cc	2007-05-23 08:57:51.000000000 +0300
@@@@ -894,6 +894,8 @@@@
       while (lex->ptr != lex->end_of_query &&
 	     ((c=yyGet()) != '*' || yyPeek() != '/'))
       {
+	if (c == '\0')
+	  return(ABORT_SYM);		// NULLs illegal even in comments
 	if (c == '\n')
 	  lex->yylineno++;
       }
@


1.4
log
@Re-add mysql4 packages.
Andreas Hallmann graciously agreed to maintain them.
@
text
@d1 1
a1 1
$NetBSD: patch-be,v 1.2 2007/05/23 08:11:51 martti Exp $
@


1.3
log
@Remove mysql4 (4.1 branch) packages.
They have security problems and are not maintained.

Removal was announced on pkgsrc-users on March 13.
@
text
@@


1.2
log
@Updated MySQL to 4.1.22

Lots of bug fixes, see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-22.html
@
text
@d1 1
a1 1
$NetBSD: patch-be,v 1.1 2006/06/19 07:53:00 seb Exp $
@


1.1
log
@Update mysql4-client and mysql4-server to version 4.1.20.

Most notably this version includes fixes for
http://secunia.com/advisories/20365/
and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-0903

The fix for the latter was provided in PR pkg/33616 by Cedric
Devillers, cedric dot devillers at script dottt univ-paris7 dot fr,
and is not part of the upstream version 4.1.20.

* Changes since last packaged version (4.1.19)
(see http://dev.mysql.com/doc/refman/4.1/en/news-4-1-20.html for me details):

This is a security fix release for the previous production release
family.  This release includes the security fix described later in
this section and a few other changes to resolve build problems,
relative to the last official MySQL release (4.1.19).

Bugs fixed:
- Security fix: An SQL-injection security hole has been found in
multi-byte encoding processing. The bug was in the server, incorrectly
parsing the string escaped with the mysql_real_escape_string() C
API function. (CVE-2006-2753, Bug#8378)
 This vulnerability was discovered and reported by Josh Berkus
 <josh@@postgresql.org> and Tom Lane <tgl@@sss.pgh.pa.us> as part of
 the inter-project security collaboration of the OSDB consortium.
- The patch for Bug#8303 broke the fix for Bug#8378 and was undone.
(In string literals with an escape character (\) followed by a
multi-byte character that has a second byte of (\), the literal
was not interpreted correctly. The next byte now is escaped, not
the entire multi-byte character. This means it a strict reverse of
the mysql_real_escape_string() function.)
- The client libraries had not been compiled for position-indpendent
code on Solaris-SPARC and AMD x86_64 platforms. (Bug#13159, Bug#14202,
Bug#18091)
- Running myisampack followed by myisamchk with the --unpack option
would corrupt the auto_increment key. (Bug#12633)
@
text
@d1 1
a1 1
$NetBSD$
d3 3
a5 3
--- sql/sql_lex.cc.orig	2006-05-24 18:00:37.000000000 +0000
+++ sql/sql_lex.cc
@@@@ -892,6 +892,8 @@@@ int yylex(void *arg, void *yythd)
@