Upgrade mysql to 8.0.37

SPECS/mysql/mysql.signatures.json

@@ -1,5 +1,5 @@
 {
-  "Signatures": {
-    "mysql-boost-8.0.36.tar.gz": "429c5f69f3722e31807e74119d157a023277af210bfee513443cae60ebd2a86d"
-  }
-}
+ "Signatures": {
+  "mysql-boost-8.0.37.tar.gz": "fe0c7986f6a2d6a2ddf65e00aadb90fa6cb73da38c4172dc2b930dd1c2dc4af6"
+ }
+}

SPECS/mysql/mysql.spec

@@ -1,6 +1,6 @@
 Summary:        MySQL.
 Name:           mysql
-Version:        8.0.36
+Version:        8.0.37
 Release:        1%{?dist}
 License:        GPLv2 with exceptions AND LGPLv2 AND BSD
 Vendor:         Microsoft Corporation
@@ -9,7 +9,6 @@ Group:          Applications/Databases
 URL:            https://www.mysql.com
 Source0:        https://dev.mysql.com/get/Downloads/MySQL-8.0/%{name}-boost-%{version}.tar.gz
 Patch0:         CVE-2012-5627.nopatch
-Patch1:         CVE-2023-46218.patch
 BuildRequires:  cmake
 BuildRequires:  libtirpc-devel
 BuildRequires:  openssl-devel
@@ -98,6 +97,10 @@ fi
 %{_libdir}/pkgconfig/mysqlclient.pc
 
 %changelog
+* Thu Oct 17 2024 Sudipta Pandit <[email protected]> - 8.0.37-1
+- Upgrade to 8.0.37 to fix CVE-2024-21096
+- Remove patch for CVE-2023-46218 (fixed in 8.0.37)
+
 * Tue Jun 18 2024 Archana Choudhary <[email protected]> - 8.0.36-1
 - Upgrade to 8.0.36 to fix 10 CVEs
 

cgmanifest.json

@@ -13813,8 +13813,8 @@
         "type": "other",
         "other": {
           "name": "mysql",
-          "version": "8.0.36",
-          "downloadUrl": "https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-8.0.36.tar.gz"
+          "version": "8.0.37",
+          "downloadUrl": "https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-8.0.37.tar.gz"
         }
       }
     },