From a801472fdd4e74f6802b59586c9d3349f219cbc3 Mon Sep 17 00:00:00 2001
From: starlet-dx <15929766099@163.com>
Date: Wed, 23 Jul 2025 10:52:45 +0800
Subject: [PATCH] Update to 8.0.43 for fix CVEs

(cherry picked from commit c29e24cb10053fd69461c05f42175907190f1dd1)
---
 mysql-boost-8.0.42.tar.gz.asc                 | 16 -----------
 ...8.0.42.tar.gz => mysql-boost-8.0.43.tar.gz |  4 +--
 mysql-boost-8.0.43.tar.gz.asc                 | 16 +++++++++++
 mysql-paths.patch                             | 28 +++++++++----------
 mysql.spec                                    | 10 ++++++-
 5 files changed, 41 insertions(+), 33 deletions(-)
 delete mode 100644 mysql-boost-8.0.42.tar.gz.asc
 rename mysql-boost-8.0.42.tar.gz => mysql-boost-8.0.43.tar.gz (32%)
 create mode 100644 mysql-boost-8.0.43.tar.gz.asc

diff --git a/mysql-boost-8.0.42.tar.gz.asc b/mysql-boost-8.0.42.tar.gz.asc
deleted file mode 100644
index 74d46b7..0000000
--- a/mysql-boost-8.0.42.tar.gz.asc
+++ /dev/null
@@ -1,16 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQIzBAABCAAdFiEEvKQ0F8O0hd0SjsbUt7O3iKjTeFwFAmfsxhAACgkQt7O3iKjT
-eFyExw//etTPv3bxpiwiNxAihTVQ8j+rc9KCzmbhm251DOTGjbwjDitEqve35nJK
-pxaWaTHQnn5kbqPz8px/BzYd0JldluPYMGSqMDsLylxGf3R5e+x+rtKQtiuBuKoe
-QVBrfFjJXEwkv9LuZvZoZDMf7pgdumcBencKl7mBrQzIRGxR2aFqfJCoy6Q0iHBU
-Cr5Wr+w3uidlOWAEAEDFRRTZyB07IqRvoRIjabEBTToXmux/QzMG+diVpzYlwV2s
-sXD4begczJSK2G+3oFvpNt4ybuukQJqGIu85KU1P55OxzcK6kZCk/++sTTGxyjEH
-GMAO+k8CiZyDMRIMXbnoKylCdwjqkXbg7vHo4JAaeqnOig6Gxkot/WoEPHWGi/Dm
-u74LDCLOv3QXz/wI0YdaVVYb5JFlsDtKN0fmEj7G+1dfkvGkBr7yvMP/KQmv4sbv
-QVnQiOyvvqKUWUFtfYbkSac0NSxiD6X81WOT1hEY9DhVqeqtQY9ZIwrB+7MNZefM
-pkmorsDHJfGOsfna/bXIfHIbmLCoGPUVUReT/aNYglOs7RzoCstI+2dgPvRTPeOB
-28rx/gOm9d9TEWvMIw0Usj0a7ShqsiMw8GN41Ybcec11P8HnyjlHcOE8MxKBY4lR
-mPoGFadUEDERkwuoVAFxgYB5dElfQm+GvaTCa5tuEApDv68J+bA=
-=x3/7
------END PGP SIGNATURE-----
diff --git a/mysql-boost-8.0.42.tar.gz b/mysql-boost-8.0.43.tar.gz
similarity index 32%
rename from mysql-boost-8.0.42.tar.gz
rename to mysql-boost-8.0.43.tar.gz
index b5b3832..5bad41b 100644
--- a/mysql-boost-8.0.42.tar.gz
+++ b/mysql-boost-8.0.43.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:c2aa67c618edfa1bc379107fe819ca8e94cba5d85f156d1053b8fedc88cc5f8f
-size 492301593
+oid sha256:85fd5c3ac88884dc5ac4522ce54ad9c11a91f9396fecaa27152c757a3e6e936f
+size 492715363
diff --git a/mysql-boost-8.0.43.tar.gz.asc b/mysql-boost-8.0.43.tar.gz.asc
new file mode 100644
index 0000000..ff00562
--- /dev/null
+++ b/mysql-boost-8.0.43.tar.gz.asc
@@ -0,0 +1,16 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQIzBAABCAAdFiEEvKQ0F8O0hd0SjsbUt7O3iKjTeFwFAmhvmm4ACgkQt7O3iKjT
+eFydLRAAgudNA0wAljAlNrPNSgHQv0ykT/r5cEZYO4vzqvZcIkGfjnDw3EeDi8Oc
+IHYpxBrCkYL8MHFGqo16UsEiRsBfFLtEoBEd85qme2QSTgJP4sVbz7ttwSOvvI0A
+4L8+0GQvPcYJQ3L6hsVDY3ZxQylDlrCorLJTLeWEyRKu4NaO663lL+HaHuhaTnis
+a8eRqQMvqi3JKG4QPxyY7bEjz6iaDAWP2xB+MDkI8tNW5hVliKzUuY/Gp/GmFzHB
+ci9HlCrsZCSn5bk1zALj1b2Y27RFKudHNlIfHT0dSeKPxJtGnXrWJwAuLUP8Hqiy
+Rrabd6OFj96JX8WF/oKlKULxKQyAqO4YqD/yJOLEylhRKnfaTbkzMiEcexE4u2dp
+BO9KuYZaEGZD5xEty6G58+JGQDO9ej1rGYSUWxh+ydE/1lnZTz7+DefZ9gLAnV2L
+uJbQ/Uqtj5G0spOFN+b698aYLSTmojGQELo1oeS4Bqu/LYnKT480n75hhf5/kAMc
+KtlUR6z+bOnDqnIan5vsRT8B2etoJ3dPMailO8IWX+3nTooE9V8MavyznXLHR7nZ
+96QkeVZWlTXujF2LpqS34cL2RMZ5U5yrmzI3jNQ79ijivQFFT6eVLp4OVhUlrLls
+5bvbZTx7Z87JOjooJUZVESnQcri0K8fWiecDN1JzFFs7+iGX4S8=
+=DPbL
+-----END PGP SIGNATURE-----
diff --git a/mysql-paths.patch b/mysql-paths.patch
index d5978b6..6e34556 100644
--- a/mysql-paths.patch
+++ b/mysql-paths.patch
@@ -4,10 +4,10 @@ Software Collections. Removing these hard-coded paths should fix it.
 Upstream report: https://mariadb.atlassian.net/browse/MDEV-6485
 
 diff --git a/cmake/install_layout.cmake b/cmake/install_layout.cmake
-index 9f7945d8..6734cdfd 100644
+index d1d50236..6cb09aae 100644
 --- a/cmake/install_layout.cmake
 +++ b/cmake/install_layout.cmake
-@@ -105,7 +105,7 @@ IF(UNIX)
+@@ -106,7 +106,7 @@ IF(UNIX)
      " Choose between ${VALID_INSTALL_LAYOUTS}" )
    ENDIF()
  
@@ -16,19 +16,19 @@ index 9f7945d8..6734cdfd 100644
      CACHE PATH "config directory (for my.cnf)")
    MARK_AS_ADVANCED(SYSCONFDIR)
  ENDIF()
-@@ -189,6 +189,7 @@ SET(INSTALL_SECURE_FILE_PRIVDIR_TARGZ ${secure_file_priv_path})
- #
- SET(INSTALL_BINDIR_RPM                  "bin")
- SET(INSTALL_SBINDIR_RPM                 "sbin")
-+SET(INSTALL_SYSCONFDIR_RPM              "/etc")
+@@ -201,6 +201,7 @@ IF(LINUX_FEDORA_SBIN_MERGE)
+   SET(INSTALL_SBINDIR_RPM                 "bin")
+ ELSE()
+   SET(INSTALL_SBINDIR_RPM                 "sbin")
++  SET(INSTALL_SYSCONFDIR_RPM              "/etc")
+ ENDIF()
  #
  IF(CMAKE_SYSTEM_PROCESSOR IN_LIST KNOWN_64BIT_ARCHITECTURES)
-   SET(INSTALL_LIBDIR_RPM                "lib64/mysql")
 diff --git a/mysys/my_default.cc b/mysys/my_default.cc
-index 290f1666..8403425f 100644
+index 117be04c..c01bd799 100644
 --- a/mysys/my_default.cc
 +++ b/mysys/my_default.cc
-@@ -1570,12 +1570,12 @@ static const char **init_default_directories(MEM_ROOT *alloc) {
+@@ -1652,12 +1652,12 @@ static const char **init_default_directories(MEM_ROOT *alloc) {
  
  #else
  
@@ -45,10 +45,10 @@ index 290f1666..8403425f 100644
  
  #endif
 diff --git a/scripts/CMakeLists.txt b/scripts/CMakeLists.txt
-index 4149a764..b091d5e2 100644
+index cfee6b80..a66b0959 100644
 --- a/scripts/CMakeLists.txt
 +++ b/scripts/CMakeLists.txt
-@@ -288,9 +288,9 @@ IF(UNIX)
+@@ -271,9 +271,9 @@ IF(UNIX)
  ENDIF(UNIX)
  
  SET(prefix "${CMAKE_INSTALL_PREFIX}")
@@ -61,10 +61,10 @@ index 4149a764..b091d5e2 100644
  SET(libsubdir  ${INSTALL_LIBDIR})
  SET(pkgincludedir ${prefix}/${INSTALL_INCLUDEDIR})
 diff --git a/scripts/mysqld_multi.pl.in b/scripts/mysqld_multi.pl.in
-index 84dd4d7c..50397ddd 100644
+index 2f26beba..ba8e47a2 100644
 --- a/scripts/mysqld_multi.pl.in
 +++ b/scripts/mysqld_multi.pl.in
-@@ -586,9 +586,7 @@ sub list_defaults_files
+@@ -587,9 +587,7 @@ sub list_defaults_files
  
    my %seen;  # Don't list the same file more than once
    return grep { defined $_ and not $seen{$_}++ and -f $_ and -r $_ }
diff --git a/mysql.spec b/mysql.spec
index 47643de..cd90711 100644
--- a/mysql.spec
+++ b/mysql.spec
@@ -29,7 +29,7 @@
 %bcond_without conflicts
 %global sameevr   %{?epoch:%{epoch}:}%{version}-%{release}
 Name:                mysql
-Version:             8.0.42
+Version:             8.0.43
 Release:             1
 Summary:             MySQL client programs and shared libraries
 URL:                 http://www.mysql.com
@@ -551,6 +551,14 @@ fi
 %{_mandir}/man1/mysql_config.1*
 
 %changelog
+* Wed Jul 23 2025 yaoxin <1024769339@qq.com> - 8.0.43-1
+- Update to 8.4.6 for fix CVEs (CVE-2025-50068,CVE-2025-50077,CVE-2025-50078,
+  CVE-2025-50079,CVE-2025-50080,CVE-2025-50081,CVE-2025-50082,CVE-2025-50083,
+  CVE-2025-50084,CVE-2025-50085,CVE-2025-50086,CVE-2025-50087,CVE-2025-50091,
+  CVE-2025-50092,CVE-2025-50093,CVE-2025-50094,CVE-2025-50096,CVE-2025-50097,
+  CVE-2025-50098,CVE-2025-50099,CVE-2025-50100,CVE-2025-50101,CVE-2025-50102,
+  CVE-2025-50104,CVE-2025-53023)
+
 * Wed Apr 16 2025 yaoxin <1024769339@qq.com> - 8.0.42-1
 - Update to 8.0.42 for fix CVEs(CVE-2025-21574,CVE-2025-21575,CVE-2025-21577,
   CVE-2025-21580,CVE-2025-21581,CVE-2025-21584,CVE-2025-21585,CVE-2025-30681,
-- 
Gitee