[AUTO-CHERRYPICK] Upgrade mysql to 8.0.42 for fixing 25 CVEs - branch 3.0-dev (#13987)

CBL-Mariner-Bot · Kanishk-Bansal · Kanishk Bansal · web-flow · commit 2a5b11fc0688 · 2025-06-13T15:28:06.000-04:00
Signed-off-by: Kanishk Bansal &lt;kanbansal@microsoft.com&gt;
Co-authored-by: Kanishk Bansal &lt;103916909+Kanishk-Bansal@users.noreply.github.com&gt;
Co-authored-by: Kanishk Bansal &lt;kanbansal@microsoft.com&gt;
diff --git a/SPECS/mysql/mysql.signatures.json b/SPECS/mysql/mysql.signatures.json
@@ -1,5 +1,5 @@
 {
   "Signatures": {
-    "mysql-boost-8.0.41.tar.gz": "719589993b1a6769edb82b59f28e0dab8d47df94fa53ac4e9340b7c5eaba937c"
+    "mysql-boost-8.0.42.tar.gz": "c2aa67c618edfa1bc379107fe819ca8e94cba5d85f156d1053b8fedc88cc5f8f"
   }
 }
diff --git a/SPECS/mysql/mysql.spec b/SPECS/mysql/mysql.spec
@@ -2,7 +2,7 @@
 
 Summary:        MySQL.
 Name:           mysql
-Version:        8.0.41
+Version:        8.0.42
 Release:        1%{?dist}
 License:        GPLv2 with exceptions AND LGPLv2 AND BSD
 Vendor:         Microsoft Corporation
@@ -108,6 +108,12 @@ sudo -u test make test || { cat Testing/Temporary/LastTest.log; false; }
 %{_libdir}/pkgconfig/mysqlclient.pc
 
 %changelog
+* Wed Jun 04 2025 Kanishk Bansal <kanbansal@microsoft.com> - 8.0.42-1
+- Upgrade to 8.0.42 to fix CVE-2025-30687, CVE-2025-30705, CVE-2025-30699, CVE-2025-30681, CVE-2025-30721, CVE-2025-21581, CVE-2025-30685,
+  CVE-2025-30704, CVE-2025-30703, CVE-2025-30683, CVE-2025-30689, CVE-2025-21579, CVE-2025-30695, CVE-2025-21585, CVE-2025-30715,
+  CVE-2025-21574, CVE-2025-30682, CVE-2025-21580, CVE-2025-21575, CVE-2025-21577, CVE-2025-30693, CVE-2025-30696, CVE-2025-30688,
+  CVE-2025-21584, CVE-2025-30684
+
 * Tue Mar 26 2025 Kanishk Bansal <kanbansal@microsoft.com> - 8.0.41-1
 - Upgrade to 8.0.41 to fix CVE-2025-21490 & CVE-2024-11053
 - Remove patch for CVE-2024-9681
diff --git a/cgmanifest.json b/cgmanifest.json
@@ -13732,8 +13732,8 @@
         "type": "other",
         "other": {
           "name": "mysql",
-          "version": "8.0.41",
-          "downloadUrl": "https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-8.0.41.tar.gz"
+          "version": "8.0.42",
+          "downloadUrl": "https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-8.0.42.tar.gz"
         }
       }
     },

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,5 @@`
`1`	`1`	`{`
`2`	`2`	`"Signatures": {`
`3`		`- "mysql-boost-8.0.41.tar.gz": "719589993b1a6769edb82b59f28e0dab8d47df94fa53ac4e9340b7c5eaba937c"`
	`3`	`+ "mysql-boost-8.0.42.tar.gz": "c2aa67c618edfa1bc379107fe819ca8e94cba5d85f156d1053b8fedc88cc5f8f"`
`4`	`4`	`}`
`5`	`5`	`}`
Original file line number	Diff line number	Diff line change
`@@ -13732,8 +13732,8 @@`
`13732`	`13732`	`"type": "other",`
`13733`	`13733`	`"other": {`
`13734`	`13734`	`"name": "mysql",`
`13735`		`- "version": "8.0.41",`
`13736`		`- "downloadUrl": "https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-8.0.41.tar.gz"`
	`13735`	`+ "version": "8.0.42",`
	`13736`	`+ "downloadUrl": "https://dev.mysql.com/get/Downloads/MySQL-8.0/mysql-boost-8.0.42.tar.gz"`
`13737`	`13737`	`}`
`13738`	`13738`	`}`
`13739`	`13739`	`},`