---
- branch: MAIN
  date: Mon Dec 12 19:18:40 UTC 2016
  files:
  - new: '1.3'
    old: '1.2'
    path: pkgsrc/databases/mysql57-server/PLIST
    pathrev: pkgsrc/databases/mysql57-server/PLIST@1.3
    type: modified
  id: 20161212T191840Z.d3cffe20e9454741060f6ed320cb0b6da9bf64c4
  log: |
    Changes 5.7.17:

    Compilation Notes
    -----------------
    For GCC versions higher than 4.4, -fno-expensive-optimizations was replaced with -ffp-contract=off, which has the effect of enabling more optimizations.

    Security Notes
    --------------
    Incompatible Change: These changes were made to mysqld_safe:
    * Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
    * The --ledir option now is accepted only on the command line, not in option files.
    * mysqld_safe ignores the current working directory.

    Other related changes:
    * Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
    * Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
    * Unused systemd files for SLES were removed.

    * MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.

    * OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.

    This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
  module: pkgsrc
  subject: 'CVS commit: pkgsrc/databases/mysql57-server'
  unixtime: '1481570320'
  user: adam