From ceaea466d0ecd840c105e6514af0025cb759db06 Mon Sep 17 00:00:00 2001
From: CBL-Mariner-Bot <75509084+CBL-Mariner-Bot@users.noreply.github.com>
Date: Tue, 5 Nov 2024 17:01:53 -0500
Subject: [PATCH] [AUTOPATCHER-CORE] Upgrade mariadb to 10.11.10 none (#10934)
---
 .../address-libfmt-issue-with-mariadb.patch | 36 +++++++++++++++++++
 SPECS/fmt/fmt.spec | 6 +++-
 SPECS/mariadb/CVE-2024-0901.patch | 20 -----------
 SPECS/mariadb/mariadb.signatures.json | 6 ++--
 SPECS/mariadb/mariadb.spec | 11 +++---
 cgmanifest.json | 4 +--
 6 files changed, 53 insertions(+), 30 deletions(-)
 create mode 100644 SPECS/fmt/address-libfmt-issue-with-mariadb.patch
 delete mode 100644 SPECS/mariadb/CVE-2024-0901.patch
diff --git a/SPECS/fmt/address-libfmt-issue-with-mariadb.patch b/SPECS/fmt/address-libfmt-issue-with-mariadb.patch
new file mode 100644
index 00000000000..25456a914d5
--- /dev/null
+++ b/SPECS/fmt/address-libfmt-issue-with-mariadb.patch
@@ -0,0 +1,36 @@
+From ad9ba5aa82d2b1e232c71203de165fa61ce02d4c Mon Sep 17 00:00:00 2001
+From: Victor Zverovich
+Date: Fri, 9 Feb 2024 15:58:56 -0800
+Subject: [PATCH] Fix handling of static separator
+
+---
+ include/fmt/format-inl.h | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/include/fmt/format-inl.h b/include/fmt/format-inl.h
+index efac5d1f..78c52ce8 100644
+--- a/include/fmt/format-inl.h
++++ b/include/fmt/format-inl.h
+@@ -114,7 +114,11 @@ template FMT_FUNC Char decimal_point_impl(locale_ref) {
+
+ FMT_FUNC auto write_loc(appender out, loc_value value,
+ const format_specs<>& specs, locale_ref loc) -> bool {
+-#ifndef FMT_STATIC_THOUSANDS_SEPARATOR
++#ifdef FMT_STATIC_THOUSANDS_SEPARATOR
++ value.visit(loc_writer<>{
++ out, specs, std::string(1, FMT_STATIC_THOUSANDS_SEPARATOR), "\3", "."});
++ return true;
++#else
+ auto locale = loc.get();
+ // We cannot use the num_put facet because it may produce output in
+ // a wrong encoding.
+@@ -123,7 +127,6 @@ FMT_FUNC auto write_loc(appender out, loc_value value,
+ return std::use_facet(locale).put(out, value, specs);
+ return facet(locale).put(out, value, specs);
+ #endif
+- return false;
+ }
+ } // namespace detail
+
+--
+2.44.0
\ No newline at end of file
diff --git a/SPECS/fmt/fmt.spec b/SPECS/fmt/fmt.spec
index 403aa208766..9789ac8c3ae 100644
--- a/SPECS/fmt/fmt.spec
+++ b/SPECS/fmt/fmt.spec
@@ -1,12 +1,13 @@
 Summary: Small, safe and fast formatting library for C++
 Name: fmt
 Version: 10.2.1
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: BSD
 Vendor: Microsoft Corporation
 Distribution: Azure Linux
 URL: https://github.com/fmtlib/%{name}
 Source0: https://github.com/fmtlib/%{name}/archive/refs/tags/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Patch0: address-libfmt-issue-with-mariadb.patch
 BuildRequires: gcc
 BuildRequires: gcc-c++
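Review bot: In the `#ifdef FMT_STATIC_THOUSANDS_SEPARATOR` branch added to `write_loc`, the result of `value.visit(...)` is discarded and the function returns `true` unconditionally, whereas both returns in the `#else` branch forward what the facet's `put` reports. If `loc_writer` declines a value type (in fmt 10.x it appears to return false for non-integer values; confirm against the 10.2.1 sources), callers would treat the value as already written and skip their fallback, leaving that argument without output. Since this mirrors the upstream commit named in the patch header, either keep it byte-identical and record that limitation in the patch description, or forward the result with `return value.visit(loc_writer<>{out, specs, std::string(1, FMT_STATIC_THOUSANDS_SEPARATOR), "\3", "."});`. The lines of `write_loc` between the two inner hunks are not shown here.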
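Review bot: `Patch0` is declared in this hunk, but no hunk in the diff touches `%prep`, so whether the patch is actually applied depends on lines outside the hunk. If `%prep` uses plain `%setup` rather than `%autosetup -p1`, the build would silently ship unpatched sources under release 2; please confirm, and add `%patch0 -p1` if it is needed. A comment above the tag such as `# Backport of upstream fmt commit ad9ba5aa82d2b1e232c71203de165fa61ce02d4c (Fix handling of static separator)` would also record provenance, since the file name describes the consumer rather than the fix.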
@@ -80,6 +81,9 @@ sed -i "s/'--clean-css',//" doc/build.py
 %{_libdir}/pkgconfig/%{name}.pc
 %changelog
+* Tue Nov 05 2024 Nicolas Guibourge - 10.2.1-2
+- Add patch needed to build mariadb
+
 * Fri Jan 05 2024 Muhammad Falak - 10.2.1-1
 - Bump version to 10.2.1
diff --git a/SPECS/mariadb/CVE-2024-0901.patch b/SPECS/mariadb/CVE-2024-0901.patch
deleted file mode 100644
index 45c70065da8..00000000000
--- a/SPECS/mariadb/CVE-2024-0901.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/extra/wolfssl/wolfssl/src/internal.c b/extra/wolfssl/wolfssl/src/internal.c
---- a/extra/wolfssl/wolfssl/src/internal.c 2024-06-21 11:46:35.999354801 -0700
-+++ b/extra/wolfssl/wolfssl/src/internal.c 2024-06-21 11:59:43.700966514 -0700
-@@ -19748,11 +19748,11 @@
- ssl->keys.decryptedCur = 1;
- #ifdef WOLFSSL_TLS13
- if (ssl->options.tls1_3) {
-- /* end of plaintext */
-- word16 i = (word16)(ssl->buffers.inputBuffer.idx +
-- ssl->curSize - ssl->specs.aead_mac_size);
--
-- if (i > ssl->buffers.inputBuffer.length) {
-+ word32 i = (ssl->buffers.inputBuffer.idx +
-+ ssl->curSize - ssl->specs.aead_mac_size);
-+ /* check that the end of the logical length doesn't extend
-+ * past the real buffer */
-+ if (i > ssl->buffers.inputBuffer.length || i == 0) {
- WOLFSSL_ERROR(BUFFER_ERROR);
- return BUFFER_ERROR;
- }
diff --git a/SPECS/mariadb/mariadb.signatures.json b/SPECS/mariadb/mariadb.signatures.json
index 913e57d700c..89c1435a106 100644
--- a/SPECS/mariadb/mariadb.signatures.json
+++ b/SPECS/mariadb/mariadb.signatures.json
@@ -1,5 +1,5 @@
 {
- "Signatures": {
- "mariadb-10.11.6.tar.gz": "9938de4f4ad4f75ca15ff67b32421b611a0538faf5f71a084586c61384736b4a"
- }
+ "Signatures": {
+ "mariadb-10.11.10.tar.gz": "82905406675c7fa909ac9afda4c0a78a98523d44a0257afe00d19130119ca422"
+ }
 }
diff --git a/SPECS/mariadb/mariadb.spec b/SPECS/mariadb/mariadb.spec
index ba7bbc34a1e..d68078399d2 100644
--- a/SPECS/mariadb/mariadb.spec
+++ b/SPECS/mariadb/mariadb.spec
@@ -1,7 +1,7 @@
 Summary: Database servers made by the original developers of MySQL.
 Name: mariadb
-Version: 10.11.6
-Release: 3%{?dist}
+Version: 10.11.10
+Release: 1%{?dist}
 License: GPLv2 WITH exceptions AND LGPLv2 AND BSD
 Vendor: Microsoft Corporation
 Distribution: Azure Linux
@@ -11,7 +11,6 @@ Group: Applications/Databases
 # To generate run CBL-Mariner/SPECS/mariadb/generate_source_tarball.sh script
 URL: https://mariadb.org/
 Source0: https://github.com/MariaDB/server/archive/mariadb-%{version}.tar.gz
-Patch0: CVE-2024-0901.patch
 BuildRequires: cmake
 BuildRequires: curl-devel
 BuildRequires: e2fsprogs-devel
@@ -127,7 +126,7 @@ rm %{buildroot}%{_libdir}/mysql/plugin/{auth_gssapi_client.so,caching_sha2_passw
 rm %{buildroot}%{_libdir}/pkgconfig/libmariadb.pc
 rm %{buildroot}%{_includedir}/mysql/{errmsg.h,ma_list.h,ma_pvio.h,ma_tls.h,mysql_version.h,mysqld_error.h,mariadb_com.h,mariadb_ctype.h,mariadb_dyncol.h,mariadb_rpl.h,mariadb_stmt.h,mariadb_version.h,mysql.h}
 rm %{buildroot}%{_includedir}/mysql/mariadb/ma_io.h
-rm %{buildroot}%{_includedir}/mysql/mysql/{client_plugin.h,plugin_auth.h,plugin_auth_common.h}
+rm %{buildroot}%{_includedir}/mysql/mysql/{client_plugin.h,plugin_auth.h}
 mv %{buildroot}%{_datadir}/systemd/mariadb.service %{buildroot}/%{_libdir}/systemd/system/mariadb.service
 mv %{buildroot}%{_datadir}/systemd/mariadb@.service %{buildroot}/%{_libdir}/systemd/system/mariadb@.service
@@ -363,6 +362,7 @@ fi
 %{_mandir}/man1/wsrep_sst_common.1.gz
 %{_mandir}/man1/wsrep_sst_mysqldump.1.gz
 %{_mandir}/man1/wsrep_sst_rsync.1.gz
+%{_mandir}/man1/wsrep_sst_backup.1.gz
 %{_mandir}/man1/mariabackup.1.gz
 %{_mandir}/man1/mbstream.1.gz
 %{_mandir}/man1/mysql_embedded.1.gz
@@ -469,6 +469,9 @@ fi
 %{_datadir}/mysql/hindi/errmsg.sys
 %changelog
+* Tue Nov 05 2024 CBL-Mariner Servicing Account - 10.11.10-1
+- Auto-upgrade to 10.11.10 - to address CVE-2024-21096
+
 * Fri Jun 21 2024 Neha Agarwal - 10.11.6-3
 - Patch CVE-2024-0901
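Review bot: Dropping `Patch0: CVE-2024-0901.patch` in the `@@ -11,7 +11,6 @@` hunk leaves the bundled wolfSSL bounds check in `extra/wolfssl/wolfssl/src/internal.c` dependent on what the 10.11.10 tarball ships, and nothing in this diff shows that the fix is present there. Please confirm that the new source contains the `word32 i` / `i == 0` check from the removed patch, or that the bundled wolfSSL is not compiled in this build. Once confirmed, record it in the new changelog entry in the last hunk of this file, for example `- Remove CVE-2024-0901.patch, fixed in upstream 10.11.10`. As written the entry mentions only CVE-2024-21096, so a later audit cannot tell whether the earlier fix was dropped deliberately.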
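Review bot: The `rm` line in the `@@ -127,7 +126,7 @@` hunk no longer deletes `plugin_auth_common.h`, and the hunk does not say why. Because `rm` is called without `-f`, this presumably means 10.11.10 stops installing that header; if it is still installed, it now stays in the buildroot and must either be listed in `%files` or it may collide with whichever package already owns it. A one-line comment above the command, for example `# plugin_auth_common.h is no longer installed as of 10.11.10`, would make the intent checkable; adjust the wording to whatever the build log shows. The surrounding install steps start and end outside this hunk.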
diff --git a/cgmanifest.json b/cgmanifest.json
index f5fc36f4594..8609e2ef6c1 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -12721,8 +12721,8 @@
 "type": "other",
 "other": {
 "name": "mariadb",
- "version": "10.11.6",
- "downloadUrl": "https://github.com/MariaDB/server/archive/mariadb-10.11.6.tar.gz"
+ "version": "10.11.10",
+ "downloadUrl": "https://github.com/MariaDB/server/archive/mariadb-10.11.10.tar.gz"
 }
 }
 },