-----BEGIN PGP SIGNED MESSAGE-----
MySQL 3.23.58, a new version of the popular Open Source/Free Software
Database, has been released. It is now available in source and binary form
for a number of platforms from our download pages at
http://www.mysql.com/downloads/ and mirror sites.
Note that not all mirror sites may be up to date at this point in time -
if you can't find this version on some mirror, please try again later or
choose another download site.
This is a bugfix release for the recent production version. It includes a
fix for a potential local security vulnerability which has already been
applied to MySQL 4.0.15 as well.
Please refer to our bug database at http://bugs.mysql.com/ for more
details about the individual bugs fixed in this version.
News from the ChangeLog:
* Fixed buffer overflow in password handling which could potentially
be exploited by MySQL users with `ALTER' privilege on the
`mysql.user' table to execute random code or to gain shell access
with the UID of the mysqld process (thanks to Jedi/Sector One for
spotting and reporting this bug).
* `mysqldump' now correctly quotes all identifiers when communicating
with the server. This assures that during the dump process,
`mysqldump' will never send queries to the server that result in a
syntax error. This problem is *not* related to the `mysqldump'
program's output, which was not changed. (Bug #1148)
* Fixed table/column grant handling - proper sort order (from most
specific to less specific, *note Request access::) was not
honored. (Bug #928)
* Fixed overflow bug in `MyISAM' and `ISAM' when a row is updated in
a table with a large number of columns and at least one `BLOB/TEXT'
* Fixed MySQL so that field length (in C API) for the second column
in `SHOW CREATE TABLE' is always larger than the data length. The
only known application that was affected by the old behaviour was
Borland dbExpress, which truncated the output from the command.
* Fixed `ISAM' bug in `MAX()' optimisation.
* Fixed `Unknown error' when doing `ORDER BY' on reference table
which was used with `NULL' value on `NOT NULL' column. (Bug #479)
Lenz Grimmer <lenz@stripped>
Senior Production Engineer
MySQL GmbH, http://www.mysql.de/
For technical support contracts, visit https://order.mysql.com/?ref=mlgr
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
-----END PGP SIGNATURE-----
|• MySQL 3.23.58 has been released||Lenz Grimmer||15 Sep|