From 3d53d5f3d4abfb0850811eebd2b81e60f1a4e99ff33421daabe919251d181159 Mon Sep 17 00:00:00 2001
From: Martin Pluskal <mpluskal@suse.com>
Date: Wed, 3 Feb 2016 11:44:34 +0000
Subject: [PATCH] Accepting request 357497 from
 home:kstreitova:branches:server:database

- fix information leak via mysql-systemd-helper script
  [CVE-2015-5969], [bnc#957174]

OBS-URL: https://build.opensuse.org/request/show/357497
OBS-URL: https://build.opensuse.org/package/show/server:database/mariadb?expand=0&rev=181
---
 configuration-tweaks.tar.bz2 | 4 ++--
 mariadb.changes              | 6 ++++++
 mysql-patches.tar.bz2        | 4 ++--
 mysql-systemd-helper         | 8 ++++++--
 4 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/configuration-tweaks.tar.bz2 b/configuration-tweaks.tar.bz2
index 7cfd687..d03a9e4 100644
--- a/configuration-tweaks.tar.bz2
+++ b/configuration-tweaks.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:77fca575a40f9e6c846e190b833784db778f188eb36ac01baec17aeb4cff3cba
-size 316
+oid sha256:1fc4c61b0177a5dcd5da60fff07cbd7efd7259498edacf3a46461d7cdbaa2e6d
+size 317
diff --git a/mariadb.changes b/mariadb.changes
index 196feca..d37b00b 100644
--- a/mariadb.changes
+++ b/mariadb.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Feb  2 13:13:35 UTC 2016 - kstreitova@suse.com
+
+- fix information leak via mysql-systemd-helper script 
+  [CVE-2015-5969], [bnc#957174] 
+
 -------------------------------------------------------------------
 Mon Nov 30 11:38:12 UTC 2015 - kstreitova@suse.com
 
diff --git a/mysql-patches.tar.bz2 b/mysql-patches.tar.bz2
index e18a071..0189f31 100644
--- a/mysql-patches.tar.bz2
+++ b/mysql-patches.tar.bz2
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1a5c5d9b7fc4f4b9e2cff38abb0dd8123aeae43b28c52ebdd0ad0e142da449f6
-size 13972
+oid sha256:919be0b46bad078177bfdd8b377d3226dd3bcba171b68dc6237a12ddef040a57
+size 13956
diff --git a/mysql-systemd-helper b/mysql-systemd-helper
index 4907d4c..47e1e0e 100644
--- a/mysql-systemd-helper
+++ b/mysql-systemd-helper
@@ -22,9 +22,11 @@ read_config() {
 	if [[ -n "$INSTANCE" && "x$INSTANCE" != "xdefault" ]]; then
 		opts="$(/usr/bin/my_print_defaults mysqld mysqld_multi "$INSTANCE")"
 		tmp_opts="$opts"
+		config="/etc/my${INSTANCE}.cnf"
 	else
 		opts="$(/usr/bin/my_print_defaults mysqld)"
 		tmp_opts="$opts"
+		config="/etc/my.cnf"
 	fi
 
 	# Update local variables according to the settings from config
@@ -87,8 +89,8 @@ mysql_upgrade() {
 		# Run protected MySQL accessible only though socket in our directory
 		echo "Running protected MySQL... "
 		/usr/sbin/mysqld \
+			--defaults-file="$config" \
 			--user="$mysql_daemon_user" \
-			$opts \
 			--skip-networking \
 			--skip-grant-tables \
 			--log-error="$protected/log_upgrade_run" \
@@ -144,7 +146,9 @@ mysql_wait() {
 }
 
 mysql_start() {
-	exec /usr/sbin/mysqld --user="$mysql_daemon_user" $opts 
+	exec /usr/sbin/mysqld \
+		--defaults-file="$config" \
+		--user="$mysql_daemon_user"
 }
 
 # We rely on output in english at some points