[Buildroot] [PATCH 1/1] mariadb: security bump to version 10.1.23

Peter Korsgaard peter at korsgaard.com
Mon May 8 19:28:27 UTC 2017


>>>>> "Ryan" == Ryan Coe <bluemrp9 at gmail.com> writes:

 > Fixes:
 > CVE-2017-3302 - Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and
 > 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29,
 > 10.1.x through 10.1.21, and 10.2.x through 10.2.3.

[snip]

 > -MARIADB_VERSION = 10.1.22
 > +MARIADB_VERSION = 10.1.23
 >  MARIADB_SITE = https://downloads.mariadb.org/interstitial/mariadb-$(MARIADB_VERSION)/source
 >  MARIADB_LICENSE = GPL-2.0 (server), GPL-2.0 with FLOSS exception (GPL
 > client library), LGPL-2.0 (LGPL client library)
 >  MARIADB_LICENSE_FILES = README COPYING COPYING.LESSER

Thanks, I (obviously) want to apply this, but something odd is going on
with the licensing. COPYING.LESSER has been removed by this commit:

https://github.com/MariaDB/server/commit/577915def8

But the client library IS listed as being LGPL:

https://mariadb.com/kb/en/mariadb/mariadb-connector-c/

And same for the "old" one:

https://mariadb.com/kb/en/mariadb/lgpl-mysql-client-library-32358/

Grepping around in the 10.1.23 tarball, I don't see a lot of references
to Lesser og LGPL.

Now, I know next to nothing about mariadb. Do you have any idea what is
going on here?

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list