From debbugs-submit-bounces@debbugs.gnu.org Thu Mar 25 08:48:50 2021 Received: (at 47257) by debbugs.gnu.org; 25 Mar 2021 12:48:50 +0000 Received: from localhost ([127.0.0.1]:37427 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lPPPu-0006Cn-57 for submit@debbugs.gnu.org; Thu, 25 Mar 2021 08:48:50 -0400 Received: from mail.zaclys.net ([178.33.93.72]:37657) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lPPPs-0006Ca-8u for 47257@debbugs.gnu.org; Thu, 25 Mar 2021 08:48:49 -0400 Received: from guix-xps.local (82-64-145-38.subs.proxad.net [82.64.145.38]) (authenticated bits=0) by mail.zaclys.net (8.14.7/8.14.7) with ESMTP id 12PCmg48044062 (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO) for <47257@debbugs.gnu.org>; Thu, 25 Mar 2021 13:48:42 +0100 DMARC-Filter: OpenDMARC Filter v1.3.2 mail.zaclys.net 12PCmg48044062 Authentication-Results: mail.zaclys.net; dmarc=fail (p=reject dis=none) header.from=zaclys.net Authentication-Results: mail.zaclys.net; spf=fail smtp.mailfrom=lle-bout@zaclys.net DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zaclys.net; s=default; t=1616676522; bh=G7xlpV2/nFE/A80WPwBOAgHS/KqbSvwGwt3l+Fjmv7Y=; h=Subject:From:To:Date:In-Reply-To:References:From; b=q6xwiMbR5gc3X1y6Nmw2RMPULA9+FvDEI4y2I+PEIktscHfYHk/JcmfqjAqZEERwD 3OSj6uQ0EiRY/SmLteH/DNfJSEMXAS7R/m555/JNfo9i/RNlQBetvwhVF0V1ROQELh J1x1BxdNCjKVxsL9ij0i0C4URUTwNd+6D04FG0yA= Message-ID: Subject: Re: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928. From: =?ISO-8859-1?Q?L=E9o?= Le Bouter To: 47257@debbugs.gnu.org Date: Thu, 25 Mar 2021 13:48:41 +0100 In-Reply-To: <20210325123921.9800-1-lle-bout@zaclys.net> References: <20210325123921.9800-1-lle-bout@zaclys.net> Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="=-DfBZWGvOjOtodEGw8CSk" User-Agent: Evolution 3.34.2 MIME-Version: 1.0 X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 47257 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --=-DfBZWGvOjOtodEGw8CSk Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable v3 tested and builds fine: $ ./pre-inst-env guix build mariadb /gnu/store/f70jymwyfcnsghy4jg8caibci59p8rgq-mariadb-10.5.8-dev /gnu/store/cj3qym1x1jjh02m2g23cqpbhchrbmn6c-mariadb-10.5.8-lib /gnu/store/mpb5bdf1vkwazqfmmwcvskdm50g191bg-mariadb-10.5.8 Since we don't have PoC, I can't verify the rebased patch actually fixes the security issue but it should. That's what we get when manually rebasing stuff to earlier versions. Test suite passes but not sure it actually tests this security issue being fixed. Please review, then I will push, it's been 7 days so, let's get this in. --=-DfBZWGvOjOtodEGw8CSk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEFIvLi9gL+xax3g6RRaix6GvNEKYFAmBchqkACgkQRaix6GvN EKYPgg//eqO6SAypRLSvs4AnFOgGTUuIg+lHc5CL6OBBZs1A1p0ilSFPn7MDyFuA 2JtKlkTvBiFndMem2RBKHWpxIkhd0+QTeSSSH8e2Z6c4o9a8G5uoq2b7EmmMpz8M 0sNIFCK8IhzA+nXuNngzGONKVywhY+XQ5B+6nA3P4hKDH+6zoTfhN158H9FEUz6v 2iqjj88WNVU4tZ+EJA/7TFO9T8g3JD/zX0vWpUZcaDfuot2qEEToxyp+KuA9IrUu z3LjbKSxHChtOliTWvh6Nkg1fJnMfURKXbnsAdMKJrmh/VzYDQiwTgyO52t8G19w m5iRyKl58/lksg0dixNvmU1l6pkbjvHfsGhC+0cX1tfCL1H52tgOJWHpNDY5SLSL Y9jm/yqeVomOVqQyXn1WIOKYQU6tcvyf3UFHwCsju5FKdE4pBskxQGdrRyI4vCwK a508VvxYdx155b32+a2lK+gnJnCFnlE6L+wmQhAG6o70G+E2Ki29mAh/8f0soH8U pmvwDGSXU2Ks0Xj2gVM73nmsRNbArOzYE1OfOUTzWeUMABhKLmPif/SYlBCVVyxG vx8IpiNyjC90VrxUFFFwHmx7UdWYN3qPplOR1v4st7Ot47LcDV8kpXwxN05le9+r 0CHrBxM3q5jxG1wfpQW6+PXq+W2G+WRhlSsDxlq0DCSoQpAcUMU= =Av/a -----END PGP SIGNATURE----- --=-DfBZWGvOjOtodEGw8CSk--