Author: paul
Date: 2006-05-25 22:37:22 +0200 (Thu, 25 May 2006)
New Revision: 2206
Log:
r10054@polar: paul | 2006-05-25 15:34:59 -0500
Document bugfixes:
Bug#19700
Bug#19816
Modified:
trunk/
trunk/refman-common/news-4.1.xml
trunk/refman-common/news-5.0.xml
trunk/refman-common/news-5.1.xml
Property changes on: trunk
___________________________________________________________________
Name: svk:merge
- 4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:10053
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:10691
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:7517
+ 4767c598-dc10-0410-bea0-d01b485662eb:/mysqldoc-local/mysqldoc/trunk:10054
b5ec3a16-e900-0410-9ad2-d183a3acac99:/mysqldoc-local/mysqldoc/trunk:10691
bf112a9c-6c03-0410-a055-ad865cd57414:/mysqldoc-local/mysqldoc/trunk:7517
Modified: trunk/refman-common/news-4.1.xml
===================================================================
--- trunk/refman-common/news-4.1.xml 2006-05-25 20:37:07 UTC (rev 2205)
+++ trunk/refman-common/news-4.1.xml 2006-05-25 20:37:22 UTC (rev 2206)
@@ -4494,8 +4494,8 @@
and isolation level of the transaction is not set to
serializable then <literal>InnoDB</literal> uses a consistent
read for select in clauses like <literal>INSERT
- INTO…SELECT</literal> and
- <literal>UPDATE…(SELECT)</literal> that do not specify
+ INTO ... SELECT</literal> and
+ <literal>UPDATE ... (SELECT)</literal> that do not specify
<literal>FOR UPDATE</literal> or <literal>IN SHARE
MODE</literal>. Thus no locks are set to rows read from
selected table.
Modified: trunk/refman-common/news-5.0.xml
===================================================================
--- trunk/refman-common/news-5.0.xml 2006-05-25 20:37:07 UTC (rev 2205)
+++ trunk/refman-common/news-5.0.xml 2006-05-25 20:37:22 UTC (rev 2206)
@@ -402,6 +402,22 @@
<listitem>
<para>
+ Subqueries that produced a <literal>BIGINT UNSIGNED</literal>
+ value were being treated as returning a signed value. (Bug
+ #19700)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ The patch for Bug #17164 introduced the problem that some
+ outer joins were incorrectly converted to inner joins. (Bug
+ #19816)
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
<literal>BLOB</literal> or <literal>TEXT</literal> arguments
to or values returned from stored functions were not copied
properly if too long and could become garbled. (Bug #18587)
Modified: trunk/refman-common/news-5.1.xml
===================================================================
--- trunk/refman-common/news-5.1.xml 2006-05-25 20:37:07 UTC (rev 2205)
+++ trunk/refman-common/news-5.1.xml 2006-05-25 20:37:22 UTC (rev 2206)
@@ -775,6 +775,34 @@
<listitem>
<para>
+ <emphasis role="bold">Security fix</emphasis>: A malicious
+ client, using specially crafted invalid login or
+ <literal>COM_TABLE_DUMP</literal> packets was able to read
+ uninitialized memory, which potentially, though unlikely in
+ MySQL, could have led to an information disclosure.
+ (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516">CVE-2006-1516</ulink>,
+ <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517">CVE-2006-1517</ulink>)
+ Thanks to Stefano Di Paola
+ <email>stefano.dipaola@stripped</email> for finding and
+ reporting this bug.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
+ <emphasis role="bold">Security fix</emphasis>: A malicious
+ client, using specially crafted invalid
+ <literal>COM_TABLE_DUMP</literal> packets was able to trigger
+ an exploitable buffer overflow on the server.
+ (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518">CVE-2006-1518</ulink>)
+ Thanks to Stefano Di Paola
+ <email>stefano.dipaola@stripped</email> for finding and
+ reporting this bug.
+ </para>
+ </listitem>
+
+ <listitem>
+ <para>
<literal>NDB Cluster</literal> (Replication): Using the
<option>--binlog-do-db</option> option caused problems with
<literal>CREATE TABLE</literal> on the cluster acting as the
@@ -811,34 +839,14 @@
<listitem>
<para>
- <emphasis role="bold">Security fix</emphasis>: A malicious
- client, using specially crafted invalid login or
- <literal>COM_TABLE_DUMP</literal> packets was able to read
- uninitialized memory, which potentially, though unlikely in
- MySQL, could have led to an information disclosure.
- (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516">CVE-2006-1516</ulink>,
- <ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517">CVE-2006-1517</ulink>)
- Thanks to Stefano Di Paola
- <email>stefano.dipaola@stripped</email> for finding and
- reporting this bug.
+ The patch for Bug #17164 introduced the problem that some
+ outer joins were incorrectly converted to inner joins. (Bug
+ #19816)
</para>
</listitem>
<listitem>
<para>
- <emphasis role="bold">Security fix</emphasis>: A malicious
- client, using specially crafted invalid
- <literal>COM_TABLE_DUMP</literal> packets was able to trigger
- an exploitable buffer overflow on the server.
- (<ulink url="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1518">CVE-2006-1518</ulink>)
- Thanks to Stefano Di Paola
- <email>stefano.dipaola@stripped</email> for finding and
- reporting this bug.
- </para>
- </listitem>
-
- <listitem>
- <para>
A <literal>NUL</literal> byte within a comment in a statement
string caused the rest of the string not to be written to the
query log, allowing logging to be bypassed.
| Thread |
|---|
| • svn commit - mysqldoc@docsrva: r2206 - in trunk: . refman-common | paul | 25 May |
