From 6b68acec970b841acebfde492b59b1026d248d74 Mon Sep 17 00:00:00 2001 From: Fabrice Fontaine Date: Sun, 3 Dec 2023 19:44:00 +0100 Subject: [PATCH] package/mariadb: security bump to version 10.11.6 This bump will fix the following build failure raised since bump of fmt to version 10.1.0 in commit 619b5585d92c8f701cd92e0e26c0883a753125ad thanks to https://github.com/MariaDB/server/commit/f4cec369a392c8a6056207012992ad4a5639965a: -- Performing Test HAVE_SYSTEM_LIBFMT -- Performing Test HAVE_SYSTEM_LIBFMT - Failed [...] -- Downloading... dst='/home/buildroot/autobuild/instance-3/output-1/build/mariadb-10.11.4/extra/libfmt/src/8.0.1.zip' timeout='none' inactivity timeout='none' -- Using src='https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip' CMake Error at libfmt-stamp/download-libfmt.cmake:170 (message): Each download failed! error: downloading 'https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip' failed status_code: 1 status_string: "Unsupported protocol" log: --- LOG BEGIN --- Protocol "https" not supported or disabled in libcurl This bump will also fix CVE-2023-22084 https://mariadb.com/kb/en/mariadb-10-11-5-release-notes/ https://mariadb.com/kb/en/mariadb-10-11-6-release-notes/ Fixes: - http://autobuild.buildroot.org/results/9cb577195aa939289102116df5a2eac03f0d5017 Signed-off-by: Fabrice Fontaine Signed-off-by: Peter Korsgaard (cherry picked from commit d20329ed76082553368241aa4b38f4dabf45bc76) Signed-off-by: Peter Korsgaard --- package/mariadb/mariadb.hash | 4 ++-- package/mariadb/mariadb.mk | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/package/mariadb/mariadb.hash b/package/mariadb/mariadb.hash index 03ce5a968a9c..fd73cca4f3bb 100644 --- a/package/mariadb/mariadb.hash +++ b/package/mariadb/mariadb.hash @@ -1,5 +1,5 @@ -# From https://downloads.mariadb.org/mariadb/10.11.4 -sha512 62fc05395857dd036ebeed53b1ff0ecd9abd95ce8e5316194286521caae0f9452cf96a93613adec809e39e1d8ef20c330b24fee82b3bb90ee27a84f2bbd0d8d2 mariadb-10.11.4.tar.gz +# From https://downloads.mariadb.org/mariadb/10.11.6 +sha512 3d77f7be4a26d5a36af56150a5f8ed5e21adeed9bc8ea1bd694e47a25a571bd73468eada7c96e0dfe5a6c81bef625abf71a56d228cf43a738e555e3c0d824a6a mariadb-10.11.6.tar.gz # Hash for license files sha256 2b278a3a2f20696113a7c57c4f3e6a5cdb9a25f2a827e72e0c089a2f805ff91a README.md diff --git a/package/mariadb/mariadb.mk b/package/mariadb/mariadb.mk index 78e4703eee85..7f3755892aaa 100644 --- a/package/mariadb/mariadb.mk +++ b/package/mariadb/mariadb.mk @@ -4,7 +4,7 @@ # ################################################################################ -MARIADB_VERSION = 10.11.4 +MARIADB_VERSION = 10.11.6 MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source MARIADB_LICENSE = GPL-2.0 (server), GPL-2.0 with FLOSS exception (GPL client library), LGPL-2.0 (LGPL client library) # Tarball no longer contains LGPL license text