List:Packagers« Previous MessageNext Message »
From:Joerg Bruehe Date:May 1 2006 10:22pm
Subject:MySQL 5.0.21 has been released
View as plain text  
Hi,


MySQL 5.0.21, a new version of the popular Open Source Database
Management System, has been released. The Community Edition is now
available in source and binary form for a number of platforms from our
download pages at
      http://dev.mysql.com/downloads/ and mirror sites.

Note that not all mirror sites may be up to date at this point in time -
if you can't find this version on some mirror, please try again later or
choose another download site.

This is a bugfix release for the current production release family.

This MySQL 5.0.21 release includes the patches for recently reported
security vulnerabilites in the MySQL client-server protocol. We would
like to thank Stefano Di Paola <stefano.dipaola@stripped> for finding
and reporting these to us.

This section documents all changes and bug fixes that have been
applied since the last official MySQL release. If you would like
to receive more fine-grained and personalised update alerts about
fixes that are relevant to the version and features you use,
please consider subscribing to MySQL Network (a commercial MySQL
offering). For more details please see
http://www.mysql.com/network/advisors.html.

We welcome and appreciate your feedback!


Functionality added or changed:
    * Security enhancement: Added the global max_prepared_stmt_count
      system variable to limit the total number of prepared
      statements in the server. This limits the potential for
      denial-of-service attacks based on causing the server to run
      causing the server to run out of memory by preparing huge numbers
      of statements. The current number of prepared statements is
      available through the 'prepared_stmt_count' status variable.
      (Bug#16365: http://bugs.mysql.com/16365)
    * NDB Cluster: It is now possible to perform a partial start of
      a cluster. That is, it is now possible to bring up the cluster
      without running ndbd --initial on all configured data nodes
      first. (Bug#18606: http://bugs.mysql.com/18606)
    * NDB Cluster: It is now possible to install MySQL with Cluster
      support to a non-default location and change the search path
      for font description files using either the --basedir or
      --character-sets-dir options. (Previously in MySQL 5.0, ndbd
      searched only the default path for character sets.)
    * In result set metadata, the MYSQL_FIELD.length value for BIT
      columns now is reported in number of bits. For example, the
      value for a BIT(9) column is 9. (Formerly, the value was
      related to number of bytes.)
      (Bug#13601: http://bugs.mysql.com/13601)
    * The default for the innodb_thread_concurrency system variable
      was changed to 8. (Bug#15868: http://bugs.mysql.com/15868)

Bugs fixed:
    * Security bugfix: A malicious client, using specially crafted
      invalid COM_TABLE_DUMP packets was able to trigger an exploitable
      buffer overflow on the server. Thanks to Stefano Di Paola
      <stefano.dipaola@stripped> for finding and reporting this bug.
    * Security bugfix: A malicious client, using specially crafted
      invalid login or COM_TABLE_DUMP packets was able to read
      uninitialized memory, which potentially, though unlikely in MySQL,
      could lead to an information disclosure. Thanks to Stefano Di Paola
      <stefano.dipaola@stripped> for finding and reporting this bug.
    * NDB Cluster: A simultaneous DROP TABLE and table update
      operation utilising a table scan could trigger a node failure.
      (Bug#18597: http://bugs.mysql.com/18597)
    * Conversion of a number to a CHAR UNICODE string returned an
      invalid result. (Bug#18691: http://bugs.mysql.com/18691)
    * DELETE and UPDATE statements that used large NOT IN
      (value_list) clauses could use large amounts of memory.
      (Bug#15872: http://bugs.mysql.com/15872)
    * Prevent recursive views caused by using RENAME TABLE on a view
      after creating it. (Bug#14308: http://bugs.mysql.com/14308)
    * A LOCK TABLES statement that failed could cause MyISAM not to
      update table statistics properly, causing a subsequent CHECK
      TABLE to report table corruption.
      (Bug#18544: http://bugs.mysql.com/18544)
    * For a reference to a non-existent stored function in a stored
      routine that had a CONTINUE handler, the server continued as
      though a useful result had been returned, possibly resulting
      in a server crash. (Bug#18787: http://bugs.mysql.com/18787)
    * InnoDB did not use a consistent read for CREATE ... SELECT
      when innodb_locks_unsafe_for_binlog was set.
      (Bug#18350: http://bugs.mysql.com/18350)
    * InnoDB could read a delete mark from its system tables
      incorrectly. (Bug#19217: http://bugs.mysql.com/19217)
    * Corrected a syntax error in mysql-test-run.sh.
      (Bug#19190: http://bugs.mysql.com/19190)
    * A missing DBUG_RETURN() caused the server to emit a spurious
      error message: missing DBUG_RETURN or DBUG_VOID_RETURN macro
      in function "open_table".
      (Bug#18964: http://bugs.mysql.com/18964)
    * DROP DATABASE did not drop stored routines associated with the
      database if the database name was longer than 21 characters.
      (Bug#18344: http://bugs.mysql.com/18344)
    * Avoid trying to include <asm/atomic.h> when it doesn't work in
      C++ code. (Bug#13621: http://bugs.mysql.com/13621)
    * Executing SELECT on a large table that had been compressed
      within myisampack could cause a crash.
      (Bug#17917: http://bugs.mysql.com/17917)
    * NDB Cluster: When attempting to create an index on a BIT or
      BLOB column, Error 743: Unsupported character set in table or
      index was returned instead of Error 906: Unsupported attribute
      type in index.
    * Within stored routines, usernames were parsed incorrectly if
      they were enclosed within quotes.
      (Bug#13310: http://bugs.mysql.com/13310)
    * Casting a string to DECIMAL worked, but casting a trimmed
      string (using LTRIM() or RTRIM()) resulted in loss of decimal
      digits. (Bug#17043: http://bugs.mysql.com/17043)
    * NDB Cluster: On slow networks or CPUs, the management client
      SHOW command could sometimes erroneously show all data nodes
      as being master nodes belonging to nodegroup 0.
      (Bug#15530: http://bugs.mysql.com/15530)
    * If the second or third argument to BETWEEN was a constant
      expression such as '2005-09-01 - INTERVAL 6 MONTH' and the
      other two arguments were columns, BETWEEN was evaluated
      incorrectly. (Bug#18618: http://bugs.mysql.com/18618)
    * If the first argument to BETWEEN was a DATE or TIME column of
      a view and the other arguments were constants, BETWEEN did not
      perform conversion of the constants to the appropriate
      temporary type, resulting in incorrect evaluation.
      (Bug#16069: http://bugs.mysql.com/16069)
    * Server and clients ignored the --sysconfdir option that was
      passed to configure. (Bug#15069: http://bugs.mysql.com/15069)
    * NDB Cluster: In a 2-node cluster with a node failure,
      restarting the node with a low value for StartPartialTimeout
      could cause the cluster to come up partitioned ("split-brain"
      issue). (Bug#16447: http://bugs.mysql.com/16447)
      A similar issue could occur when the cluster was first started
      with a sufficiently low value for this parameter.
      (Bug#18612: http://bugs.mysql.com/18612)
    * NDB Cluster: On systems with multiple network interfaces, data
      nodes would get "stuck" in startup phase 2 if the interface
      connecting them to the management server was working on node
      startup while the interface interconnecting the data nodes
      experienced a temporary outage.
      (Bug#15695: http://bugs.mysql.com/15695)
    * NDB Cluster: Unused open handlers for tables in which the
      metadata had changed were not properly closed. This could
      result in stale results from Cluster tables following an ALTER
      TABLE. (Bug#13228: http://bugs.mysql.com/13228)
    * NDB Cluster: Uninitialised internal variables could lead to
      unexpected results. (Bug#11033: http://bugs.mysql.com/11033,
      Bug#11034: http://bugs.mysql.com/11034)
    * For InnoDB tables, an expression of the form col_name BETWEEN
      col_name2 - INTERVAL x DAY AND col_name2 + INTERVAL x DAY when
      used in a join returned incorrect results.
      (Bug#14360: http://bugs.mysql.com/14360)
    * INSERT DELAYED into a view caused an infinite loop.
      (Bug#13683: http://bugs.mysql.com/13683)
    * Lettercase in database name qualifiers was not consistently
      handled properly in queries when lower_case_table_names was
      set to 1. (Bug#15917: http://bugs.mysql.com/15917)
    * The optimizer could cause a server crash or use a non-optimal
      subset of indexes when evaluating whether to use Index
      Merge/Intersection variant of index_merge optimization.
      (Bug#19021: http://bugs.mysql.com/19021)
    * The presence of multiple equalities in a condition after
      reading a constant table could cause the optimizer not to use
      an index. This resulted in certain queries being much slower
      than in MySQL 4.1. (Bug#16504: http://bugs.mysql.com/16504)
    * A recent change caused the mysql client not to display NULL
      values correctly and to display numeric columns left-justified
      rather than right-justified. The problems have been corrected.
      (Bug#18265: http://bugs.mysql.com/18265)
    * mysql_reconnect() sent a SET NAMES statement to the server,
      even for pre-4.1 servers that do not understand the statement.
      (Bug#18830: http://bugs.mysql.com/18830)
    * COUNT(*) on a MyISAM table could return different results for
      the base table and a view on the base table.
      (Bug#18237: http://bugs.mysql.com/18237)
    * DELETE with LEFT JOIN for InnoDB tables could crash the server
      if innodb_locks_unsafe_for_binlog was enabled.
      (Bug#15650: http://bugs.mysql.com/15650)
    * InnoDB failure to release an adaptive hash index latch could
      cause a server crash if the query cache was enabled.
      (Bug#15758: http://bugs.mysql.com/15758)
    * For mysql.server, if the basedir option was specified after
      datadir in an option file, the setting for datadir was ignored
      and assumed to be located under basedir.
      (Bug#16240: http://bugs.mysql.com/16240)
    * The euro sign (€) was not stored correctly in columns using
      the latin1_german1_ci or latin1_general_ci collation.
      (Bug#18321: http://bugs.mysql.com/18321)
    * EXTRACT(QUARTER FROM date) returned unexpected results.
      (Bug#18100: http://bugs.mysql.com/18100)
    * TRUNCATE did not reset the AUTO_INCREMENT counter for MyISAM
      tables when issued inside a stored procedure.
      (Bug#14945: http://bugs.mysql.com/14945)
      Note: This bug did not affect InnoDB tables. Also, TRUNCATE
      does not reset the AUTO_INCREMENT counter for NDBCluster
      tables regardless of when it is called (see
      Bug#18864: http://bugs.mysql.com/18864).
    * The server was always built as though
      --with-extra-charsets=complex had been specified.
      (Bug#12076: http://bugs.mysql.com/12076)
    * A query using WHERE (column_1, column_2) IN ((value_1,
      value_2)[, (..., ...), ...]) would return incorrect results.
      (Bug#16248: http://bugs.mysql.com/16248)
    * Queries of the form SELECT DISTINCT timestamp_column WHERE
      date_function(timestamp_col) = constant did not return all
      matching rows. (Bug#16710: http://bugs.mysql.com/16710)
    * When running a query that contained a GROUP_CONCAT( SELECT
      GROUP_CONCAT(...) ), the result was NULL except in the ROLLUP
      part of the result, if there was one.
      (Bug#15560: http://bugs.mysql.com/15560)
    * For tables created in a MySQL 4.1 installation upgraded to
      MySQL 5.0 and up, multiple-table updates could update only the
      first matching row. (Bug#16281: http://bugs.mysql.com/16281)
    * NDB Cluster: When multiple node restarts were attempted
      without allowing each restart to complete, the error message
      returned was Array index out of bounds rather than Too many
      crashed replicas. (Bug#18349: http://bugs.mysql.com/18349)
    * CAST (double AS SIGNED INT) for large double values outside the
      signed integer range truncates the result to be within range,
      but the result sometimes had the wrong sign, and no warning
      was generated. (Bug#15098: http://bugs.mysql.com/15098)
    * Updating a field value when also requesting a lock with
      GET_LOCK() would cause slave servers in a replication
      environment to terminate.
      (Bug#17284: http://bugs.mysql.com/17284)

Enjoy!
Joerg

-- 
Joerg Bruehe, Senior Production Engineer
MySQL AB, www.mysql.com

Thread
MySQL 5.0.21 has been releasedJoerg Bruehe2 May