package/mariadb: security bump to version 10.3.36

- Fixes for the following security vulnerabilities:
  - CVE-2018-25032
  - CVE-2022-32091
  - CVE-2022-32084
- Refresh first patch

https://mariadb.com/kb/en/mariadb-10336-release-notes

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This commit is contained in:
Fabrice Fontaine 2022-09-11 00:49:54 +02:00 committed by Yann E. MORIN
parent f7c841c75e
commit ac9c077fb8
3 changed files with 7 additions and 5 deletions

View File

@ -8,6 +8,8 @@ https://jira.mariadb.org/browse/MDEV-10841
Signed-off-by: Ryan Coe <bluemrp9@gmail.com>
[Rebased on mariadb-10.3.30]
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[Rebased on mariadb-10.3.36]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
configure.cmake | 3 +++
1 file changed, 3 insertions(+)
@ -23,9 +25,9 @@ index 1b85c31b..4a1cd847 100644
+ IF(NOT LIBRT)
+ MY_SEARCH_LIBS(posix_spawn_file_actions_addclose rt LIBRT)
+ ENDIF()
set(THREADS_PREFER_PTHREAD_FLAG ON)
FIND_PACKAGE(Threads)
MY_SEARCH_LIBS(backtrace_symbols_fd execinfo LIBEXECINFO)
set(THREADS_PREFER_PTHREAD_FLAG ON)
--
2.32.0

View File

@ -1,5 +1,5 @@
# From https://downloads.mariadb.org/mariadb/10.3.35
sha512 9355de944eccef4e0bc01b19ffc3c0c72cf88befae7385c6f0ee1ea47dbd98d23f6bb46af9c140acc48d9d9613552870684bc0b7ca1f3cff1dc09c1a2c801573 mariadb-10.3.35.tar.gz
# From https://downloads.mariadb.org/mariadb/10.3.36
sha512 321b4c48fcea4413eb239c4904c806306de660f2844edfa1d2a2a15213db287070d0f923db976588dfe329559d565bd98bddef3aaf8f14502f8c3db2ee27757a mariadb-10.3.36.tar.gz
# Hash for license files
sha256 084aa0007efac6dda6aafffb3f3ef8b66b105862dad7ee23f6a4b52813f84464 README.md

View File

@ -4,7 +4,7 @@
#
################################################################################
MARIADB_VERSION = 10.3.35
MARIADB_VERSION = 10.3.36
MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source
MARIADB_LICENSE = GPL-2.0 (server), GPL-2.0 with FLOSS exception (GPL client library), LGPL-2.0 (LGPL client library)
# Tarball no longer contains LGPL license text