nixpkgs/pkgs/servers/sql/mysql/8.0.x.nix
Thomas Gerbet 6b7ac453b4 mysql80: 8.0.32 -> 8.0.33
Fixes the following security issues:
* CVE-2023-0215
* CVE-2022-43551
* CVE-2023-21980
* CVE-2023-21946
* CVE-2023-21929
* CVE-2023-21911
* CVE-2023-21962
* CVE-2023-21919
* CVE-2023-21933
* CVE-2023-21972
* CVE-2023-21966
* CVE-2023-21920
* CVE-2023-21935
* CVE-2023-21945
* CVE-2023-21976
* CVE-2023-21977
* CVE-2023-21982
* CVE-2023-21953
* CVE-2023-21955
* CVE-2023-21940
* CVE-2023-21947

Advisory: https://www.oracle.com/security-alerts/cpuapr2023.html#AppendixMSQL

Changelog:
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-33.html
2023-04-26 18:51:24 +02:00

81 lines
2.6 KiB
Nix

{ lib, stdenv, fetchurl, bison, cmake, pkg-config
, boost, icu, libedit, libevent, lz4, ncurses, openssl, protobuf, re2, readline, zlib, zstd, libfido2
, numactl, perl, cctools, CoreServices, developer_cmds, libtirpc, rpcsvc-proto, curl, DarwinTools, nixosTests
}:
let
self = stdenv.mkDerivation rec {
pname = "mysql";
version = "8.0.33";
src = fetchurl {
url = "https://dev.mysql.com/get/Downloads/MySQL-${self.mysqlVersion}/${pname}-${version}.tar.gz";
hash = "sha256-liAC9dkG9C9AsnejnS25OTEkjB8H/49DEsKI5jgD3RI=";
};
nativeBuildInputs = [ bison cmake pkg-config ]
++ lib.optionals (!stdenv.isDarwin) [ rpcsvc-proto ];
patches = [
./no-force-outline-atomics.patch # Do not force compilers to turn on -moutline-atomics switch
];
## NOTE: MySQL upstream frequently twiddles the invocations of libtool. When updating, you might proactively grep for libtool references.
postPatch = ''
substituteInPlace cmake/libutils.cmake --replace /usr/bin/libtool libtool
substituteInPlace cmake/os/Darwin.cmake --replace /usr/bin/libtool libtool
'';
buildInputs = [
boost (curl.override { inherit openssl; }) icu libedit libevent lz4 ncurses openssl protobuf re2 readline zlib
zstd libfido2
] ++ lib.optionals stdenv.isLinux [
numactl libtirpc
] ++ lib.optionals stdenv.isDarwin [
cctools CoreServices developer_cmds DarwinTools
];
outputs = [ "out" "static" ];
cmakeFlags = [
"-DFORCE_UNSUPPORTED_COMPILER=1" # To configure on Darwin.
"-DWITH_ROUTER=OFF" # It may be packaged separately.
"-DWITH_SYSTEM_LIBS=ON"
"-DWITH_UNIT_TESTS=OFF"
"-DMYSQL_UNIX_ADDR=/run/mysqld/mysqld.sock"
"-DMYSQL_DATADIR=/var/lib/mysql"
"-DINSTALL_INFODIR=share/mysql/docs"
"-DINSTALL_MANDIR=share/man"
"-DINSTALL_PLUGINDIR=lib/mysql/plugin"
"-DINSTALL_INCLUDEDIR=include/mysql"
"-DINSTALL_DOCREADMEDIR=share/mysql"
"-DINSTALL_SUPPORTFILESDIR=share/mysql"
"-DINSTALL_MYSQLSHAREDIR=share/mysql"
"-DINSTALL_MYSQLTESTDIR="
"-DINSTALL_DOCDIR=share/mysql/docs"
"-DINSTALL_SHAREDIR=share/mysql"
];
postInstall = ''
moveToOutput "lib/*.a" $static
so=${stdenv.hostPlatform.extensions.sharedLibrary}
ln -s libmysqlclient$so $out/lib/libmysqlclient_r$so
'';
passthru = {
client = self;
connector-c = self;
server = self;
mysqlVersion = "8.0";
tests = nixosTests.mysql.mysql80;
};
meta = with lib; {
homepage = "https://www.mysql.com/";
description = "The world's most popular open source database";
license = licenses.gpl2;
maintainers = with maintainers; [ orivej ];
platforms = platforms.unix;
};
}; in self