diff --git a/.gitignore b/.gitignore
index 368c7ed..e7e02d4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/mysql-boost-5.7.21.tar.gz
+SOURCES/mysql-boost-5.7.24.tar.gz
diff --git a/.rh-mysql57-mysql.metadata b/.rh-mysql57-mysql.metadata
index 78bcfaa..e32e560 100644
--- a/.rh-mysql57-mysql.metadata
+++ b/.rh-mysql57-mysql.metadata
@@ -1 +1 @@
-63b07cfd33d494b223e9b4d73492d3508834abd0 SOURCES/mysql-boost-5.7.21.tar.gz
+bd106953ca5bd0097483ca2bb9d13784bfc64365 SOURCES/mysql-boost-5.7.24.tar.gz
diff --git a/SOURCES/mysql-remove_oracle_systemd_unit.patch b/SOURCES/mysql-remove_oracle_systemd_unit.patch
index 7b60fe9..598e11a 100644
--- a/SOURCES/mysql-remove_oracle_systemd_unit.patch
+++ b/SOURCES/mysql-remove_oracle_systemd_unit.patch
@@ -1,8 +1,8 @@
-diff -Naurp mysql-5.7.18_original/scripts/CMakeLists.txt mysql-5.7.18_patched/scripts/CMakeLists.txt
---- mysql-5.7.18_original/scripts/CMakeLists.txt 2017-05-15 15:42:52.644709626 +0200
-+++ mysql-5.7.18_patched/scripts/CMakeLists.txt 2017-05-15 15:44:39.967523244 +0200
-@@ -481,7 +481,7 @@ ELSE()
- ENDIF()
+diff -up mysql-5.7.24/scripts/CMakeLists.txt.p71 mysql-5.7.24/scripts/CMakeLists.txt
+--- mysql-5.7.24/scripts/CMakeLists.txt.p71 2018-10-22 21:36:50.461450220 +0200
++++ mysql-5.7.24/scripts/CMakeLists.txt 2018-10-22 21:38:04.941379031 +0200
+@@ -470,7 +470,7 @@ ELSE()
+ ENDFOREACH()
# Systemd files
- IF(WITH_SYSTEMD)
diff --git a/SOURCES/mysql-tirpc.patch b/SOURCES/mysql-tirpc.patch
deleted file mode 100644
index 1ddff40..0000000
--- a/SOURCES/mysql-tirpc.patch
+++ /dev/null
@@ -1,88 +0,0 @@
-diff --git a/rapid/plugin/group_replication/rpcgen.cmake b/rapid/plugin/group_replication/rpcgen.cmake
-index b9c5895..f4569cd 100644
---- a/rapid/plugin/group_replication/rpcgen.cmake
-+++ b/rapid/plugin/group_replication/rpcgen.cmake
-@@ -87,6 +87,12 @@ FOREACH(X xcom_vp)
- ${XCOM_BASEDIR}/xcom_proto_enum.h
- ${XCOM_BASEDIR}/xcom_limits.h)
- ELSE()
-+ FIND_PROGRAM(RPCGEN_EXECUTABLE rpcgen DOC "path to the rpcgen executable")
-+ MARK_AS_ADVANCED(RPCGEN_EXECUTABLE)
-+ IF(NOT RPCGEN_EXECUTABLE)
-+ MESSAGE(FATAL_ERROR "Could not find rpcgen")
-+ ENDIF()
-+
- # on unix systems try to generate them if needed
- ADD_CUSTOM_COMMAND(OUTPUT ${x_gen_h} ${x_gen_c} ${x_tmp_plat_h}
- COMMAND ${CMAKE_COMMAND} -E copy_if_different
-@@ -103,10 +109,10 @@ FOREACH(X xcom_vp)
-
- # generate the sources
- COMMAND ${CMAKE_COMMAND} -E remove -f ${x_gen_h}
-- COMMAND rpcgen -C -h -o
-+ COMMAND ${RPCGEN_EXECUTABLE} -C -h -o
- ${x_gen_h} ${x_tmp_x_canonical_name}
- COMMAND ${CMAKE_COMMAND} -E remove -f ${x_gen_c}
-- COMMAND rpcgen -C -c -o
-+ COMMAND ${RPCGEN_EXECUTABLE} -C -c -o
- ${x_gen_c} ${x_tmp_x_canonical_name}
- WORKING_DIRECTORY ${gen_xdr_dir}
- DEPENDS
-
-diff --git a/rapid/plugin/group_replication/CMakeLists.txt b/rapid/plugin/group_replication/CMakeLists.txt
-index 5bcaa8b..bce9de4 100644
---- a/rapid/plugin/group_replication/CMakeLists.txt
-+++ b/rapid/plugin/group_replication/CMakeLists.txt
-@@ -218,6 +218,7 @@ MYSQL_ADD_PLUGIN(group_replication
- LINK_LIBRARIES
- ${LZ4_LIBRARY}
- ${SSL_LIBRARIES}
-+ ${TIRPC_LIBRARY}
- MODULE_ONLY MODULE_OUTPUT_NAME "group_replication")
-
- ### INSTALLATION ###
-diff --git a/rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_transport.c b/rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_transport.c
-index 245dda0..210e124 100644
---- a/rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_transport.c
-+++ b/rapid/plugin/group_replication/libmysqlgcs/src/bindings/xcom/xcom/xcom_transport.c
-@@ -417,7 +417,11 @@ x_putbytes (XDR *xdrs, const char *bp MY_ATTRIBUTE((unused)), u_int len)
-
-
- static u_int
-+#if defined(__APPLE__) || defined(__FreeBSD__) || defined(HAVE_TIRPC)
-+x_getpostn(XDR *xdrs)
-+#else
- x_getpostn (const XDR *xdrs)
-+#endif
- {
- #ifdef OLD_XDR
- return (u_int)(xdrs->x_handy);
-diff --git a/rapid/plugin/group_replication/rpcgen.cmake b/rapid/plugin/group_replication/rpcgen.cmake
-index f4569cd..cccb1c3 100644
---- a/rapid/plugin/group_replication/rpcgen.cmake
-+++ b/rapid/plugin/group_replication/rpcgen.cmake
-@@ -93,6 +93,24 @@ FOREACH(X xcom_vp)
- MESSAGE(FATAL_ERROR "Could not find rpcgen")
- ENDIF()
-
-+ # First look for tirpc, then the old Sun RPC
-+ FIND_PATH(RPC_INCLUDE_DIR
-+ NAMES rpc/rpc.h
-+ HINTS /usr/include/tirpc
-+ NO_DEFAULT_PATH
-+ )
-+ FIND_PATH(RPC_INCLUDE_DIR NAMES rpc/rpc.h)
-+ IF(NOT RPC_INCLUDE_DIR)
-+ MESSAGE(FATAL_ERROR
-+ "Could not find rpc/rpc.h in /usr/include or /usr/include/tirpc")
-+ ENDIF()
-+ MESSAGE(STATUS "RPC_INCLUDE_DIR ${RPC_INCLUDE_DIR}")
-+ IF(RPC_INCLUDE_DIR STREQUAL "/usr/include/tirpc")
-+ INCLUDE_DIRECTORIES(SYSTEM /usr/include/tirpc)
-+ ADD_DEFINITIONS(-DHAVE_TIRPC)
-+ SET(TIRPC_LIBRARY tirpc)
-+ ENDIF()
-+
- # on unix systems try to generate them if needed
- ADD_CUSTOM_COMMAND(OUTPUT ${x_gen_h} ${x_gen_c} ${x_tmp_plat_h}
- COMMAND ${CMAKE_COMMAND} -E copy_if_different
diff --git a/SPECS/mysql.spec b/SPECS/mysql.spec
index ec2e841..be15fa4 100644
--- a/SPECS/mysql.spec
+++ b/SPECS/mysql.spec
@@ -113,8 +113,8 @@
%endif
Name: %{?scl_prefix}mysql
-Version: 5.7.21
-Release: 3%{?with_debug:.debug}%{?dist}
+Version: 5.7.24
+Release: 1%{?with_debug:.debug}%{?dist}
Summary: MySQL client programs and shared libraries
Group: Applications/Databases
URL: http://www.mysql.com
@@ -161,7 +161,6 @@ Patch52: %{pkgnamepatch}-sharedir.patch
Patch57: %{pkgnamepatch}-files-path.patch
Patch70: %{pkgnamepatch}-5.7.9-major.patch
Patch71: %{pkgnamepatch}-remove_oracle_systemd_unit.patch
-Patch72: %{pkgnamepatch}-tirpc.patch
# Patches specific for scl
Patch90: %{pkgnamepatch}-scl-env-check.patch
@@ -181,6 +180,7 @@ BuildRequires: libedit-devel
BuildRequires: libevent-devel
BuildRequires: %{?scl_prefix}lz4-devel
BuildRequires: %{?scl_prefix}mecab-devel
+BuildRequires: openssl
BuildRequires: openssl-devel
BuildRequires: perl
%if 0%{?fedora} > 24 || 0%{?rhel} > 7
@@ -458,7 +458,6 @@ the MySQL sources.
%patch70 -p1
%endif
%patch71 -p1
-%patch72 -p1
# Patch Boost
pushd boost/boost_1_59_0
@@ -673,8 +672,6 @@ rm %{buildroot}%{_datadir}/%{pkg_name}/magic
rm %{buildroot}%{_datadir}/%{pkg_name}/mysql.server
rm %{buildroot}%{_datadir}/%{pkg_name}/mysqld_multi.server
rm %{buildroot}%{_mandir}/man1/comp_err.1*
-rm %{buildroot}%{_mandir}/man1/mysql-stress-test.pl.1*
-rm %{buildroot}%{_mandir}/man1/mysql-test-run.pl.1*
# put logrotate script where it needs to be
mkdir -p %{buildroot}%{logrotateddir}
@@ -703,11 +700,6 @@ install -p -m 0644 %{SOURCE7} %{basename:%{SOURCE7}}
# Install the list of skipped tests to be available for user runs
install -p -m 0644 mysql-test/%{skiplist} %{buildroot}%{_datadir}/mysql-test
-# These are in fact identical
-rm %{buildroot}%{_mandir}/man1/{mysqltest,mysql_client_test}_embedded.1
-cp -p %{buildroot}%{_mandir}/man1/mysqltest.1 %{buildroot}%{_mandir}/man1/mysqltest_embedded.1
-cp -p %{buildroot}%{_mandir}/man1/mysql_client_test.1 %{buildroot}%{_mandir}/man1/mysql_client_test_embedded.1
-
%if %{without clibrary}
unlink %{buildroot}%{_libdir}/mysql/libmysqlclient.so
rm -r %{buildroot}%{_libdir}/mysql/libmysqlclient*.so.*
@@ -716,7 +708,6 @@ rm -r %{buildroot}%{_libdir}/mysql/libmysqlclient*.so.*
%if %{without embedded}
rm %{buildroot}%{_libdir}/mysql/libmysqld.so*
rm %{buildroot}%{_bindir}/{mysql_client_test_embedded,mysqltest_embedded}
-rm %{buildroot}%{_mandir}/man1/{mysql_client_test_embedded,mysqltest_embedded}.1*
%endif
%if %{without devel}
@@ -757,7 +748,6 @@ polish,portuguese,romanian,russian,serbian,slovak,spanish,swedish,ukrainian}
%if %{without test}
rm %{buildroot}%{_bindir}/{mysql_client_test,mysqlxtest,my_safe_process}
rm -r %{buildroot}%{_datadir}/mysql-test
-rm %{buildroot}%{_mandir}/man1/mysql_client_test.1*
%endif
%{?scl:EOF}
@@ -1012,7 +1002,6 @@ fi
%{_mandir}/man1/mysqld_multi.1*
%{_mandir}/man1/mysqld_safe.1*
%{_mandir}/man1/mysqlman.1*
-%{_mandir}/man1/mysqltest.1*
%{_mandir}/man1/innochecksum.1*
%{_mandir}/man1/perror.1*
%{_mandir}/man1/replace.1*
@@ -1075,8 +1064,6 @@ fi
%{_libdir}/mysql/libmysqld.so
%{_bindir}/mysql_client_test_embedded
%{_bindir}/mysqltest_embedded
-%{_mandir}/man1/mysql_client_test_embedded.1*
-%{_mandir}/man1/mysqltest_embedded.1*
%endif
%if %{with test}
@@ -1085,10 +1072,27 @@ fi
%{_bindir}/mysqlxtest
%{_bindir}/my_safe_process
%attr(-,mysql,mysql) %{_datadir}/mysql-test
-%{_mandir}/man1/mysql_client_test.1*
%endif
%changelog
+* Mon Oct 22 2018 Honza Horak <hhorak@redhat.com> - 5.7.24-1
+- Update to 5.7.24
+ Also fixes the following CVEs:
+ CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762
+ CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775
+ CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779
+ Resolves: #1642523
+ CVE-2018-3054 CVE-2018-3056 CVE-2018-3058 CVE-2018-3060 CVE-2018-3061
+ CVE-2018-3062 CVE-2018-3064 CVE-2018-3065 CVE-2018-3066 CVE-2018-3070
+ CVE-2018-3071 CVE-2018-3077 CVE-2018-3081
+ Resolves: #1643060
+ CVE-2018-3276 CVE-2018-3200 CVE-2018-3284 CVE-2018-3173 CVE-2018-3162
+ CVE-2018-3247 CVE-2018-3156 CVE-2018-3161 CVE-2018-3278 CVE-2018-3174
+ CVE-2018-3282 CVE-2018-3187 CVE-2018-3277 CVE-2018-3144 CVE-2018-3133
+ CVE-2018-3143 CVE-2018-3283 CVE-2018-3171 CVE-2018-3251 CVE-2018-3185
+ CVE-2018-3155
+ Resolves: #1643049
+
* Tue Feb 20 2018 Honza Horak <hhorak@redhat.com> - 5.7.21-2
- Use mysqladmin instead of fuser for checking whether socket is used
Related: #1461445