Update mysql to version 8.0.23 for CVE-2020-15358 (#629)

* Update version of mysql
2021-02-16 15:11:15 -05:00 · 2021-02-16 15:11:15 -05:00 · fad9eb35df
parent f6bc5aa1f5
commit fad9eb35df
3 changed files with 8 additions and 5 deletions
--- a/SPECS/mysql/mysql.signatures.json
+++ b/SPECS/mysql/mysql.signatures.json
@ -1,5 +1,5 @@
 {
 "Signatures": {
-  "mysql-boost-8.0.22.tar.gz": "ba765f74367c638d7cd1c546c05c14382fd997669bcd9680278e907f8d7eb484"
+  "mysql-boost-8.0.23.tar.gz": "1c7a424303c134758e59607a0b3172e43a21a27ff08e8c88c2439ffd4fc724a5"
 }
 }
--- a/SPECS/mysql/mysql.spec
+++ b/SPECS/mysql/mysql.spec
@ -1,7 +1,7 @@
 Summary:        MySQL.
 Name:           mysql
-Version:        8.0.22
-Release:        2%{?dist}
+Version:        8.0.23
+Release:        1%{?dist}
 License:        GPLv2 with exceptions AND LGPLv2 AND BSD
 Vendor:         Microsoft Corporation
 Distribution:   Mariner
@ -76,6 +76,9 @@ make test
 %{_libdir}/pkgconfig/mysqlclient.pc

 %changelog
+*   Thu Feb 11 2021 Rachel Menge <rachelmenge@microsoft.com> - 8.0.23-1
+-   Upgrade to 8.0.23. Fixes CVE-2020-15358.
+
 *   Thu Nov 05 2020 Rachel Menge <rachelmenge@microsoft.com> - 8.0.22-2
 -   Added no patch for CVE-2012-5627

--- a/cgmanifest.json
+++ b/cgmanifest.json
@ -3495,8 +3495,8 @@
        "type": "other",
        "other": {
          "name": "mysql",
-          "version": "8.0.22",
-          "downloadUrl": "https://cdn.mysql.com/Downloads/MySQL-8.0/mysql-boost-8.0.22.tar.gz"
+          "version": "8.0.23",
+          "downloadUrl": "https://cdn.mysql.com/Downloads/MySQL-8.0/mysql-boost-8.0.23.tar.gz"
        }
      }
    },