Dear MySQL users,
MySQL Community Server 5.0.37, a new version of the popular Open Source
Database Management System, has been released. The release is now
available in source and binary form from our download pages at
and mirror sites.
Note that not all mirror sites may be up to date at this point in time,
so if you can't find this version on some mirror, please try again later
or choose another download site.
This is our second full (source and binary) release of the MySQL
Community Server since we made the split between the Community and
Enterprise Version. It includes all bug fixes applied to up to and
including the MySQL 5.0.36 Enterprise Server.
This release also resolves a crashing bug that could be exploited as a
potential local Denial of Service attack,
We would like to thank Stefan Streichsbier from SEC Consult, who also
informed us about this bug via our security@stripped mail address - he
will send out a separate advisory about his findings.
In addition to these bug fixes we'd like to thank Jeremy Cole for the
contribution of two new features, the SHOW PROFILE statement which
provides access to various profiling information useful to analyze
performance bottlenecks. This information is also visible in the
corresponding INFORMATION_SCHEMA.PROFILING table.
Unfortunately the SHOW PROFILE implementation as of 5.0.37 still has a
small gotcha, that we will resolve for the next release: the MySQL
command line client hangs if you issue the SHOW PROFILE command without
having enabled the @@profiling session variable before:
So when you evaluate this new feature, make sure to enable it by issuing
"SET @@profiling = 1;" before.
Jeremy also contributed a patch to display the
"Uptime_since_flush_status" status variable, which indicates the number
of seconds since the most recent FLUSH STATUS statement.
We welcome and appreciate your feedback, bug reports, bug fixes,
The following section lists the changes from version to version in the
MySQL source code as compared to the last released version of MySQL
Community Server, the MySQL Community Server 5.0.33 source only release.
It can also be viewed online at
Functionality added or changed:
* Added the SHOW PROFILES and SHOW PROFILE statements to display
statement profile data, and the accompanying
INFORMATION_SCHEMA.PROFILING table. Profiling is controlled
via the profiling and profiling_history_size session
variables. see Section 188.8.131.52, "SHOW PROFILES and SHOW
PROFILE Syntax," and Section 20.17, "The INFORMATION_SCHEMA
PROFILING Table." (From Jeremy Cole)
* Added the Uptime_since_flush_status status variable, which
indicates the number of seconds since the most recent FLUSH
STATUS statement. (From Jeremy Cole)
* Incompatible change: Previously, the DATE_FORMAT() function
returned a binary string. Now it returns a string with a
character set and collation given by character_set_connection
and collation_connection so that it can return month and
weekday names containing non-ASCII characters.
* NDB Cluster: The LockPagesInMainMemory configuration parameter
has changed its type and possible values. For more
information, see LockPagesInMainMemory.
Important: The values true and false are no longer accepted
for this parameter. If you were using this parameter and had
it set to false in a previous release, you must change it to
0. If you had this parameter set to true, you should instead
use 1 to obtain the same behavior as previously, or 2 to take
advantage of new functionality introduced with this release
described in the section cited above.
* Important: When using MERGE tables the definition of the MERGE
table and the MyISAM tables are checked each time the tables
are opened for access (including any SELECT or INSERT
statement. Each table is compared for column order, types,
sizes and associated. If there is a difference in any one of
the tables then the statement will fail.
* The localhost anonymous user account created during MySQL
installation on Windows now has no global privileges. Formerly
this account had all global privileges. For operations that
require global privileges, the root account can be used
instead. (Bug#24496: http://bugs.mysql.com/24496)
* The bundled yaSSL library was upgraded to version 1.5.8.
* The --skip-thread-priority option now is enabled by default
for binary Mac OS X distributions. Use of thread priorities
degrades performance on Mac OS X.
* Added the --disable-grant-options option to configure. If
configure is run with this option, the --bootstrap,
--skip-grant-tables, and --init-file options for mysqld are
disabled and cannot be used. For Windows, the configure.js
script recognizes the DISABLE_GRANT_OPTIONS flag, which has
the same effect.
* Incompatible change: For ENUM columns that had enumeration
values containing commas, the commas were mapped to 0xff
internally. However, this rendered the commas
indistinguishable from true 0xff characters in the values.
This no longer occurs. However, the fix requires that you dump
and reload any tables that have ENUM columns containing true
0xff in their values: Dump the tables using mysqldump with the
current server before upgrading from a version of MySQL 5.0
older than 5.0.36 to version 5.0.36 or newer.
* If the duplicate key value was present in the table, INSERT
... ON DUPLICATE KEY UPDATE reported a row count indicating
that a record was updated, even when no record actually
changed due to the old and new values being the same. Now it
reports a row count of zero.
* Some UPDATE statements were slower than in previous versions
when the search key could not be converted to a valid value
for the type of the search column.
* The WITH CHECK OPTION clause for views was ignored for updates
of multiple-table views when the updates could not be
performed on fly and the rows to update had to be put into
temporary tables first.
* Using ORDER BY or GROUP BY could yield different results when
selecting from a view and selecting from the underlying table.
* LAST_INSERT_ID() was not reset to 0 if INSERT ... SELECT
inserted no rows. (Bug#23170: http://bugs.mysql.com/23170)
* Storing values specified as hexadecimal values 64 or more bits
long into BIT(64), BIGINT, or BIGINT UNSIGNED columns did not
raise any warning or error if the value was out of range.
* Inserting DEFAULT into a column with no default value could
result in garbage in the column. Now the same result occurs as
when inserting NULL into a NOT NULL column.
* The presence of ORDER BY in a view definition prevented the
MERGE algorithm from being used to resolve the view even if
nothing else in the definition required the TEMPTABLE
algorithm. (Bug#12122: http://bugs.mysql.com/12122)
* ISNULL(DATE(NULL)) and ISNULL(CAST(NULL AS DATE)) erroneously
returned false. (Bug#23938: http://bugs.mysql.com/23938)
* If a slave server closed its relay log (for example, due to an
error during log rotation), the I/O thread did not recognize
this and still tried to write to the log, causing a server
crash. (Bug#10798: http://bugs.mysql.com/10798)
* Using an INFORMATION_SCHEMA table with ORDER BY in a subquery
could cause a server crash.
* Collation for LEFT JOIN comparisons could be evaluated
incorrectly, leading to improper query results.
* For the IF() and COALESCE() function and CASE expressions,
large unsigned integer values could be mishandled and result
in warnings. (Bug#22026: http://bugs.mysql.com/22026)
* The number of setsockopt() calls performed for reads and
writes to the network socket was reduced to decrease system
call overhead. (Bug#22943: http://bugs.mysql.com/22943)
* A WHERE clause that used BETWEEN for DATETIME values could be
treated differently for a SELECT and a view defined as that
SELECT. (Bug#26124: http://bugs.mysql.com/26124)
* ORDER BY on DOUBLE values could change the set of rows
returned by a query. (Bug#19690: http://bugs.mysql.com/19690)
* The code for generating USE statements for binary logging of
CREATE PROCEDURE statements resulted in confusing output from
mysqlbinlog for DROP PROCEDURE statements.
* LOAD DATA INFILE did not work with pipes.
* DISTINCT queries that were executed using a loose scan for an
InnoDB table that had been emptied caused a server crash.
* The InnoDB parser sometimes did not account for null bytes,
causing spurious failure of some queries.
* Type conversion errors during formation of index search
conditions were not correctly checked, leading to incorrect
query results. (Bug#22344: http://bugs.mysql.com/22344)
* Within a stored routine, accessing a declared routine variable
with PROCEDURE ANALYSE() caused a server crash.
* Use of already freed memory caused SSL connections to hang
forever. (Bug#19209: http://bugs.mysql.com/19209)
* mysql.server stop timed out too quickly (35 seconds) waiting
for the server to exit. Now it waits up to 15 minutes, to
ensure that the server exits.
* A yaSSL program named test was installed, causing conflicts
with the test system utility. It is no longer installed.
* perror crashed on some platforms due to failure to handle a
NULL pointer. (Bug#25344: http://bugs.mysql.com/25344)
* mysql_stmt_fetch() did an invalid memory deallocation when
used with the embedded server.
* mysql_kill() caused a server crash when used on an SSL
connection. (Bug#25203: http://bugs.mysql.com/25203)
* The readline library wrote to uninitialized memory, causing
mysql to crash. (Bug#19474: http://bugs.mysql.com/19474)
* yaSSL was sensitive to the presence of whitespace at the ends
of lines in PEM-encoded certificates, causing a server crash.
* mysqld_multi and mysqlaccess looked for option files in /etc
even if the --sysconfdir option for configure had been given
to specify a different directory.
* The SEC_TO_TIME() and QUARTER() functions sometimes did not
handle NULL values correctly.
* With ONLY_FULL_GROUP_BY enables, the server was too strict:
Some expressions involving only aggregate values were rejected
as non-aggregate (for example, MAX(a) - MIN(a)).
* The arguments of the ENCODE() and the DECODE() functions were
not printed correctly, causing problems in the output of
EXPLAIN EXTENDED and in view definitions.
* An error in the name resolution of nested JOIN ... USING
constructs was corrected.
* A return value of -1 from user-defined handlers was not
handled well and could result in conflicts with server code.
* The server might fail to use an appropriate index for DELETE
when ORDER BY, LIMIT, and a non-restricting WHERE are present.
* Use of ON DUPLICATE KEY UPDATE defeated the usual restriction
against inserting into a join-based view unless only one of
the underlying tables is used.
* Some queries against INFORMATION_SCHEMA that used subqueries
failed. (Bug#23299: http://bugs.mysql.com/23299).
* SHOW COLUMNS reported some NOT NULL columns as NULL.
* View definitions that used the ! operator were treated as
containing the NOT operator, which has a different precedence
and can produce different results.
* For a UNIQUE index containing many NULL values, the optimizer
would prefer the index for col IS NULL conditions over other
more selective indexes.
* GROUP BY and DISTINCT did not group NULL values for columns
that have a UNIQUE index.
* ALTER TABLE ... ENABLE KEYS acquired a global lock, preventing
concurrent execution of other statements that use tables.
* For an InnoDB table with any ON DELETE trigger, TRUNCATE TABLE
mapped to DELETE and activated triggers. Now a fast truncation
occurs and triggers are not activated.
* For ALTER TABLE, using ORDER BY expression could cause a
server crash. Now the ORDER BY clause allows only column names
to be specified as sort criteria (which was the only
documented syntax, anyway).
* readline detection did not work correctly on NetBSD.
* The --with-readline option for configure does not work for
commercial source packages, but no error message was printed
to that effect. Now a message is printed.
* If an ORDER BY or GROUP BY list included a constant expression
being optimized away and, at the same time, containing
single-row subselects that return more that one row, no error
was reported. If a query requires sorting by expressions
containing single-row subselects that return more than one
row, execution of the query may cause a server crash.
* Attempts to access a MyISAM table with a corrupt column
definition caused a server crash.
* To enable installation of MySQL RPMs on Linux systems running
RHEL 4 (which includes SE-Linux) additional information was
provided to specify some actions that are allowed to the MySQL
binaries. (Bug#12676: http://bugs.mysql.com/12676)
* When SET PASSWORD was written to the binary log double quotes
were included in the statement. If the slave was running in
with the sql_mode set to ANSI_QUOTES the event would fail and
halt the replication process.
* Accessing a fixed record format table with a crashed key
definition results in server/myisamchk segmentation fault.
* When opening a corrupted .frm file during a query, the server
crashes. (Bug#24358: http://bugs.mysql.com/24358)
* If there was insufficient memory to store or update a blob
record in a MyISAM table then the table will marked as
crashed. (Bug#23196: http://bugs.mysql.com/23196)
* When updating a table that used a JOIN of the table itself
(for example, when building trees) and the table was modified
on one side of the expression, the table would either be
reported as crashed or the wrong rows in the table would be
updated. (Bug#21310: http://bugs.mysql.com/21310)
* Queries that evaluate NULL IN (SELECT ... UNION SELECT ...)
could produce an incorrect result (FALSE instead of NULL).
* When reading from the standard input on Windows, mysqlbinlog
opened the input in text mode rather than binary mode and
consequently misinterpreted some characters such as Control-Z.
* Within stored routines or prepared statements, inconsistent
results occurred with multiple use of INSERT ... SELECT ... ON
DUPLICATE KEY UPDATE when the ON DUPLICATE KEY UPDATE clause
erroneously tried to assign a value to a column mentioned only
in its SELECT part. (Bug#24491: http://bugs.mysql.com/24491)
* Expressions of the form (a, b) IN (SELECT a, MIN(b) FROM t
GROUP BY a) could produce incorrect results when column a of
table t contained NULL values while column b did not.
* Expressions of the form (a, b) IN (SELECT c, d ...) could
produce incorrect results if a, b, or both were NULL.
* No warning was issued for use of the DATA DIRECTORY or INDEX
DIRECTORY table options on a platform that does not support
them. (Bug#17498: http://bugs.mysql.com/17498)
* When a prepared statement failed during the prepare operation,
the error code was not cleared when it was reused, even if the
subsequent use was successful.
* mysql_upgrade failed when called with a basedir pathname
containing spaces. (Bug#22801: http://bugs.mysql.com/22801)
* Hebrew-to-Unicode conversion failed for some characters.
Definitions for the following Hebrew characters (as specified
by the ISO/IEC 8859-8:1999) were added: LEFT-TO-RIGHT MARK
(LRM), RIGHT-TO-LEFT MARK (RLM)
* An AFTER UPDATE trigger on an InnoDB table with a composite
primary key caused the server to crash.
* A query that contained an EXIST subquery with a UNION over
correlated and uncorrelated SELECT queries could cause the
server to crash. (Bug#25219: http://bugs.mysql.com/25219)
* A query with ORDER BY and GROUP BY clauses where the ORDER BY
clause had more elements than the GROUP BY clause caused a
memory overrun leading to a crash of the server.
* If there was insufficient memory available to mysqld, this
could sometimes cause the server to hang during startup.
* If a prepared statement accessed a view, access to the tables
listed in the query after that view was checked in the
security context of the view.
* A query using WHERE unsigned_column NOT IN ('negative_value')
could cause the server to crash.
* A FETCH statement using a cursor on a table which was not in
the table cache could sometimes cause the server to crash.
* SSL connections could hang at connection shutdown.
* The STDDEV() function returned a positive value for data sets
consisting of a single value.
* mysqltest incorrectly tried to retrieve result sets for some
queries where no result set was available.
* mysqltest crashed with a stack overflow.
* Passing a NULL value to a user-defined function from within a
stored procedure crashes the server.
* The row count for MyISAM tables was not updated properly,
causing SHOW TABLE STATUS to report incorrect values.
* The BUILD/check-cpu script did not recognize Celeron
processors. (Bug#20061: http://bugs.mysql.com/20061)
* On Windows, the SLEEP() function could sleep too long,
especially after a change to the system clock.
* A stored routine containing semicolon in its body could not be
reloaded from a dump of a binary log.
* For SET, SELECT, and DO statements that invoked a stored
function from a database other than the default database, the
function invocation could fail to be replicated.
* SET lc_time_names = value allowed only exact literal values,
not expression values.
* Changes to the lc_time_names system variable were not
replicated. (Bug#22645: http://bugs.mysql.com/22645)
* SELECT ... FOR UPDATE, SELECT ... LOCK IN SHARE MODE, DELETE,
and UPDATE statements executed using a full table scan were
not releasing locks on rows that did not satisfy the WHERE
condition. (Bug#20390: http://bugs.mysql.com/20390)
* A stored procedure, executed from a connection using a binary
character set, and which wrote multibyte data, would write
incorrectly escaped entries to the binary log. This caused
syntax errors, and caused replication to fail.
* mysqldump --order-by-primary failed if the primary key name
was an identifier that required quoting.
* Re-execution of CREATE DATABASE, CREATE TABLE, and ALTER TABLE
statements in stored routines or as prepared statements caused
incorrect results or crashes.
* The internal functions for table preparation, creation, and
alteration were not re-execution friendly, causing problems in
code that: repeatedly altered a table; repeatedly created and
dropped a table; opened and closed a cursor on a table,
altered the table, and then reopened the cursor.
* A workaround was implemented to avoid a race condition in the
NPTL pthread_exit() implementation.
* NDB Cluster (Cluster APIs): libndbclient.so was not versioned.
* NDB Cluster: The ndb_size.tmpl file (necessary for using the
ndb_size.pl script) was missing from binary distributions.
* NDB Cluster: A query with an IN clause against an NDB table
employing explicit user-defined partitioning did not always
return all matching rows.
* NDB Cluster: An UPDATE using an IN clause on an NDB table on
which there was a trigger caused mysqld to crash.
* NDB Cluster (Cluster APIs): Deletion of an
Ndb_cluster_connection object took a very long time.
* NDB Cluster: It was not possible to create an NDB table with a
key on two VARCHAR columns where both columns had a storage
length in excess of 256.
* NDB Cluster: In some circumstances, shutting down the cluster
could cause connected mysqld processes to crash.
* NDB Cluster: Memory allocations for TEXT columns were
calculated incorrectly, resulting in space being wasted and
other issues. (Bug#25562: http://bugs.mysql.com/25562)
* NDB Cluster: The failure of a master node during a node
restart could lead to a resource leak, causing later node
failures. (Bug#25554: http://bugs.mysql.com/25554)
* NDB Cluster: The management server did not handle logging of
node shutdown events correctly in certain cases.
* NDB Cluster: A node shutdown occurred if the master failed
during a commit. (Bug#25364: http://bugs.mysql.com/25364)
* NDB Cluster: Creating a non-unique index with the USING HASH
clause silently created an ordered index instead of issuing a
warning. (Bug#24820: http://bugs.mysql.com/24820)
* NDB Cluster: SELECT statements with a BLOB or TEXT column in
the selected column list and a WHERE condition including a
primary key lookup on a VARCHAR primary key produced empty
result sets. (Bug#19956: http://bugs.mysql.com/19956)
* Optimizations that are legal only for subqueries without
tables and WHERE conditions were applied for any subquery
without tables. (Bug#24670: http://bugs.mysql.com/24670)
* The server was built even when configure was run with the
* mysqld_error.h was not installed when only the client
libraries were built. (Bug#21265: http://bugs.mysql.com/21265)
* Using a view in combination with a USING clause caused column
aliases to be ignored.
* A view was not handled correctly if the SELECT part contained
`\Z'. (Bug#24293: http://bugs.mysql.com/24293)
* Inserting a row into a table without specifying a value for a
BINARY(N) NOT NULL column caused the column to be set to
spaces, not zeroes. (Bug#14171: http://bugs.mysql.com/14171)
* An assertion failed incorrectly for prepared statements that
contained a single-row non-correlated subquery that was used
as an argument of the IS NULL predicate.
* A table created with the ROW_FORMAT = FIXED table option loses
the option if an index is added or dropped with CREATE INDEX
or DROP INDEX. (Bug#23404: http://bugs.mysql.com/23404)
* Dropping a user-defined function sometimes did not remove the
UDF entry from the mysql.proc table.
* Changing the value of MI_KEY_BLOCK_LENGTH in myisam.h and
recompiling MySQL resulted in a myisamchk that saw existing
MyISAM tables as corrupt.
* Instance Manager could crash during shutdown.
* A deadlock could occur, with the server hanging on Closing
tables, with a sufficient number of concurrent INSERT DELAYED,
FLUSH TABLES, and ALTER TABLE operations.
* A user-defined variable could be assigned an incorrect value
if a temporary table was employed in obtaining the result of
the query used to determine its value.
* The optimizer removes expressions from GROUP BY and DISTINCT
clauses if they happen to participate in expression = constant
predicates of the WHERE clause, the idea being that, if the
expression is equal to a constant, then it cannot take on
multiple values. However, for predicates where the expression
and the constant item are of different result types (for
example, when a string column is compared to 0), this is not
valid, and can lead to invalid results in such cases. The
optimizer now performs an additional check of the result types
of the expression and the constant; if their types differ,
then the expression is not removed from the GROUP BY list.
* Referencing an ambiguous column alias in an expression in the
ORDER BY clause of a query caused the server to crash.
* Some CASE statements inside stored routines could lead to
excessive resource usage or a crash of the server.
* Some joins in which one of the joined tables was a view could
return erroneous results or crash the server.
* OPTIMIZE TABLE tried to sort R-tree indexes such as spatial
indexes, although this is not possible (see Section 184.108.40.206,
"OPTIMIZE TABLE Syntax").
* User-defined variables could consume excess memory, leading to
a crash caused by the exhaustion of resources available to the
MEMORY storage engine, due to the fact that this engine is
used by MySQL for variable storage and intermediate results of
GROUP BY queries. Where SET had been used, such a condition
could instead give rise to the misleading error message You
may only use constant expressions with SET, rather than Out of
memory (Needed NNNNNN bytes).
* InnoDB: During a restart of the MySQL Server that followed the
creation of a temporary table using the InnoDB storage engine,
MySQL failed to clean up in such a way that InnoDB still
attempted to find the files associated with such tables.
* A multi-table DELETE QUICK could sometimes cause one of the
affected tables to become corrupted.
* A compressed MyISAM table that became corrupted could crash
myisamchk and possibly the MySQL Server.
* A crash of the MySQL Server could occur when unpacking a BLOB
column from a row in a corrupted MyISAM table. This could
happen when trying to repair a table using either REPAIR TABLE
or myisamchk; it could also happen when trying to access such
a "broken" row using statements like SELECT if the table was
not marked as crashed.
* The FEDERATED storage engine did not support the euckr
character set. (Bug#21556: http://bugs.mysql.com/21556)
* The FEDERATED storage engine did not support the utf8
character set. (Bug#17044: http://bugs.mysql.com/17044)
* NDB Cluster: Hosts in clusters with a large number of nodes
could experience excessive CPU usage while obtaining
configuration data. (Bug#25711: http://bugs.mysql.com/25711)
* NDB Cluster (NDB API): Invoking the NdbTransaction::execute()
method using execution type Commit and abort option
AO_IgnoreError could lead to a crash of the transaction
coordinator (DBTC). (Bug#25090: http://bugs.mysql.com/25090)
* NDB Cluster (NDB API): A unique index lookup on a non-existent
tuple could lead to a data node timeout (error 4012).
* NDB Cluster: When a data node was shut down using the
management client STOP command, a connection event
(NDB_LE_Connected) was logged instead of a disconnection event
Enjoy and regards,
Mads Martin Joergensen, Release Manager
MySQL AB, Odense, Denmark -- www.mysql.com
|• MySQL Community Server 5.0.37 has been released||Mads Martin Joergensen||12 Mar|