List:Announcements« Previous MessageNext Message »
From:Mads Martin Joergensen Date:March 12 2007 1:23pm
Subject:MySQL Community Server 5.0.37 has been released
View as plain text  
Dear MySQL users,

MySQL Community Server 5.0.37, a new version of the popular Open Source
Database Management System, has been released. The release is now
available in source and binary form from our download pages at

and mirror sites.

Note that not all mirror sites may be up to date at this point in time,
so if you can't find this version on some mirror, please try again later
or choose another download site.

This is our second full (source and binary) release of the MySQL
Community Server since we made the split between the Community and
Enterprise Version.  It includes all bug fixes applied to up to and
including the MySQL 5.0.36 Enterprise Server.

This release also resolves a crashing bug that could be exploited as a
potential local Denial of Service attack,

We would like to thank Stefan Streichsbier from SEC Consult, who also
informed us about this bug via our security@stripped mail address - he
will send out a separate advisory about his findings.

In addition to these bug fixes we'd like to thank Jeremy Cole for the
contribution of two new features, the SHOW PROFILE statement which
provides access to various profiling information useful to analyze
performance bottlenecks. This information is also visible in the

Unfortunately the SHOW PROFILE implementation as of 5.0.37 still has a
small gotcha, that we will resolve for the next release: the MySQL
command line client hangs if you issue the SHOW PROFILE command without
having enabled the @@profiling session variable before:

So when you evaluate this new feature, make sure to enable it by issuing
"SET @@profiling = 1;" before.

Jeremy also contributed a patch to display the
"Uptime_since_flush_status" status variable, which indicates the number
of seconds since the most recent FLUSH STATUS statement.

We welcome and appreciate your feedback, bug reports, bug fixes,
patches etc.:

The following section lists the changes from version to version in the
MySQL source code as compared to the last released version of MySQL
Community Server, the MySQL Community Server 5.0.33 source only release.
It can also be viewed online at

Functionality added or changed:
 * Added the SHOW PROFILES and SHOW PROFILE statements to display
   statement profile data, and the accompanying
   INFORMATION_SCHEMA.PROFILING table. Profiling is controlled
   via the profiling and profiling_history_size session
   variables. see Section, "SHOW PROFILES and SHOW
   PROFILE Syntax," and Section 20.17, "The INFORMATION_SCHEMA
   PROFILING Table." (From Jeremy Cole)
 * Added the Uptime_since_flush_status status variable, which
   indicates the number of seconds since the most recent FLUSH
   STATUS statement. (From Jeremy Cole)
 * Incompatible change: Previously, the DATE_FORMAT() function
   returned a binary string. Now it returns a string with a
   character set and collation given by character_set_connection
   and collation_connection so that it can return month and
   weekday names containing non-ASCII characters.
 * NDB Cluster: The LockPagesInMainMemory configuration parameter
   has changed its type and possible values. For more
   information, see [1]LockPagesInMainMemory.
   Important: The values true and false are no longer accepted
   for this parameter. If you were using this parameter and had
   it set to false in a previous release, you must change it to
   0. If you had this parameter set to true, you should instead
   use 1 to obtain the same behavior as previously, or 2 to take
   advantage of new functionality introduced with this release
   described in the section cited above.
 * Important: When using MERGE tables the definition of the MERGE
   table and the MyISAM tables are checked each time the tables
   are opened for access (including any SELECT or INSERT
   statement. Each table is compared for column order, types,
   sizes and associated. If there is a difference in any one of
   the tables then the statement will fail.
 * The localhost anonymous user account created during MySQL
   installation on Windows now has no global privileges. Formerly
   this account had all global privileges. For operations that
   require global privileges, the root account can be used
   instead. (Bug#24496:
 * The bundled yaSSL library was upgraded to version 1.5.8.
 * The --skip-thread-priority option now is enabled by default
   for binary Mac OS X distributions. Use of thread priorities
   degrades performance on Mac OS X.
 * Added the --disable-grant-options option to configure. If
   configure is run with this option, the --bootstrap,
   --skip-grant-tables, and --init-file options for mysqld are
   disabled and cannot be used. For Windows, the configure.js
   script recognizes the DISABLE_GRANT_OPTIONS flag, which has
   the same effect.

Bugs fixed:
 * Incompatible change: For ENUM columns that had enumeration
   values containing commas, the commas were mapped to 0xff
   internally. However, this rendered the commas
   indistinguishable from true 0xff characters in the values.
   This no longer occurs. However, the fix requires that you dump
   and reload any tables that have ENUM columns containing true
   0xff in their values: Dump the tables using mysqldump with the
   current server before upgrading from a version of MySQL 5.0
   older than 5.0.36 to version 5.0.36 or newer.
 * If the duplicate key value was present in the table, INSERT
   ... ON DUPLICATE KEY UPDATE reported a row count indicating
   that a record was updated, even when no record actually
   changed due to the old and new values being the same. Now it
   reports a row count of zero.
 * Some UPDATE statements were slower than in previous versions
   when the search key could not be converted to a valid value
   for the type of the search column.
 * The WITH CHECK OPTION clause for views was ignored for updates
   of multiple-table views when the updates could not be
   performed on fly and the rows to update had to be put into
   temporary tables first.
 * Using ORDER BY or GROUP BY could yield different results when
   selecting from a view and selecting from the underlying table.
 * LAST_INSERT_ID() was not reset to 0 if INSERT ... SELECT
   inserted no rows. (Bug#23170:
 * Storing values specified as hexadecimal values 64 or more bits
   long into BIT(64), BIGINT, or BIGINT UNSIGNED columns did not
   raise any warning or error if the value was out of range.
 * Inserting DEFAULT into a column with no default value could
   result in garbage in the column. Now the same result occurs as
   when inserting NULL into a NOT NULL column.
 * The presence of ORDER BY in a view definition prevented the
   MERGE algorithm from being used to resolve the view even if
   nothing else in the definition required the TEMPTABLE
   algorithm. (Bug#12122:
   returned false. (Bug#23938:
 * If a slave server closed its relay log (for example, due to an
   error during log rotation), the I/O thread did not recognize
   this and still tried to write to the log, causing a server
   crash. (Bug#10798:
 * Using an INFORMATION_SCHEMA table with ORDER BY in a subquery
   could cause a server crash.
 * Collation for LEFT JOIN comparisons could be evaluated
   incorrectly, leading to improper query results.
 * For the IF() and COALESCE() function and CASE expressions,
   large unsigned integer values could be mishandled and result
   in warnings. (Bug#22026:
 * The number of setsockopt() calls performed for reads and
   writes to the network socket was reduced to decrease system
   call overhead. (Bug#22943:
 * A WHERE clause that used BETWEEN for DATETIME values could be
   treated differently for a SELECT and a view defined as that
   SELECT. (Bug#26124:
 * ORDER BY on DOUBLE values could change the set of rows
   returned by a query. (Bug#19690:
 * The code for generating USE statements for binary logging of
   CREATE PROCEDURE statements resulted in confusing output from
   mysqlbinlog for DROP PROCEDURE statements.
 * LOAD DATA INFILE did not work with pipes.
 * DISTINCT queries that were executed using a loose scan for an
   InnoDB table that had been emptied caused a server crash.
 * The InnoDB parser sometimes did not account for null bytes,
   causing spurious failure of some queries.
 * Type conversion errors during formation of index search
   conditions were not correctly checked, leading to incorrect
   query results. (Bug#22344:
 * Within a stored routine, accessing a declared routine variable
   with PROCEDURE ANALYSE() caused a server crash.
 * Use of already freed memory caused SSL connections to hang
   forever. (Bug#19209:
 * mysql.server stop timed out too quickly (35 seconds) waiting
   for the server to exit. Now it waits up to 15 minutes, to
   ensure that the server exits.
 * A yaSSL program named test was installed, causing conflicts
   with the test system utility. It is no longer installed.
 * perror crashed on some platforms due to failure to handle a
   NULL pointer. (Bug#25344:
 * mysql_stmt_fetch() did an invalid memory deallocation when
   used with the embedded server.
 * mysql_kill() caused a server crash when used on an SSL
   connection. (Bug#25203:
 * The readline library wrote to uninitialized memory, causing
   mysql to crash. (Bug#19474:
 * yaSSL was sensitive to the presence of whitespace at the ends
   of lines in PEM-encoded certificates, causing a server crash.
 * mysqld_multi and mysqlaccess looked for option files in /etc
   even if the --sysconfdir option for configure had been given
   to specify a different directory.
 * The SEC_TO_TIME() and QUARTER() functions sometimes did not
   handle NULL values correctly.
 * With ONLY_FULL_GROUP_BY enables, the server was too strict:
   Some expressions involving only aggregate values were rejected
   as non-aggregate (for example, MAX(a) - MIN(a)).
 * The arguments of the ENCODE() and the DECODE() functions were
   not printed correctly, causing problems in the output of
   EXPLAIN EXTENDED and in view definitions.
 * An error in the name resolution of nested JOIN ... USING
   constructs was corrected.
 * A return value of -1 from user-defined handlers was not
   handled well and could result in conflicts with server code.
 * The server might fail to use an appropriate index for DELETE
   when ORDER BY, LIMIT, and a non-restricting WHERE are present.
 * Use of ON DUPLICATE KEY UPDATE defeated the usual restriction
   against inserting into a join-based view unless only one of
   the underlying tables is used.
 * Some queries against INFORMATION_SCHEMA that used subqueries
   failed. (Bug#23299:
 * SHOW COLUMNS reported some NOT NULL columns as NULL.
 * View definitions that used the ! operator were treated as
   containing the NOT operator, which has a different precedence
   and can produce different results.
 * For a UNIQUE index containing many NULL values, the optimizer
   would prefer the index for col IS NULL conditions over other
   more selective indexes.
 * GROUP BY and DISTINCT did not group NULL values for columns
   that have a UNIQUE index.
 * ALTER TABLE ... ENABLE KEYS acquired a global lock, preventing
   concurrent execution of other statements that use tables.
 * For an InnoDB table with any ON DELETE trigger, TRUNCATE TABLE
   mapped to DELETE and activated triggers. Now a fast truncation
   occurs and triggers are not activated.
 * For ALTER TABLE, using ORDER BY expression could cause a
   server crash. Now the ORDER BY clause allows only column names
   to be specified as sort criteria (which was the only
   documented syntax, anyway).
 * readline detection did not work correctly on NetBSD.
 * The --with-readline option for configure does not work for
   commercial source packages, but no error message was printed
   to that effect. Now a message is printed.
 * If an ORDER BY or GROUP BY list included a constant expression
   being optimized away and, at the same time, containing
   single-row subselects that return more that one row, no error
   was reported. If a query requires sorting by expressions
   containing single-row subselects that return more than one
   row, execution of the query may cause a server crash.
 * Attempts to access a MyISAM table with a corrupt column
   definition caused a server crash.
 * To enable installation of MySQL RPMs on Linux systems running
   RHEL 4 (which includes SE-Linux) additional information was
   provided to specify some actions that are allowed to the MySQL
   binaries. (Bug#12676:
 * When SET PASSWORD was written to the binary log double quotes
   were included in the statement. If the slave was running in
   with the sql_mode set to ANSI_QUOTES the event would fail and
   halt the replication process.
 * Accessing a fixed record format table with a crashed key
   definition results in server/myisamchk segmentation fault.
 * When opening a corrupted .frm file during a query, the server
   crashes. (Bug#24358:
 * If there was insufficient memory to store or update a blob
   record in a MyISAM table then the table will marked as
   crashed. (Bug#23196:
 * When updating a table that used a JOIN of the table itself
   (for example, when building trees) and the table was modified
   on one side of the expression, the table would either be
   reported as crashed or the wrong rows in the table would be
   updated. (Bug#21310:
 * Queries that evaluate NULL IN (SELECT ... UNION SELECT ...)
   could produce an incorrect result (FALSE instead of NULL).
 * When reading from the standard input on Windows, mysqlbinlog
   opened the input in text mode rather than binary mode and
   consequently misinterpreted some characters such as Control-Z.
 * Within stored routines or prepared statements, inconsistent
   results occurred with multiple use of INSERT ... SELECT ... ON
   erroneously tried to assign a value to a column mentioned only
   in its SELECT part. (Bug#24491:
 * Expressions of the form (a, b) IN (SELECT a, MIN(b) FROM t
   GROUP BY a) could produce incorrect results when column a of
   table t contained NULL values while column b did not.
 * Expressions of the form (a, b) IN (SELECT c, d ...) could
   produce incorrect results if a, b, or both were NULL.
 * No warning was issued for use of the DATA DIRECTORY or INDEX
   DIRECTORY table options on a platform that does not support
   them. (Bug#17498:
 * When a prepared statement failed during the prepare operation,
   the error code was not cleared when it was reused, even if the
   subsequent use was successful.
 * mysql_upgrade failed when called with a basedir pathname
   containing spaces. (Bug#22801:
 * Hebrew-to-Unicode conversion failed for some characters.
   Definitions for the following Hebrew characters (as specified
   by the ISO/IEC 8859-8:1999) were added: LEFT-TO-RIGHT MARK
 * An AFTER UPDATE trigger on an InnoDB table with a composite
   primary key caused the server to crash.
 * A query that contained an EXIST subquery with a UNION over
   correlated and uncorrelated SELECT queries could cause the
   server to crash. (Bug#25219:
 * A query with ORDER BY and GROUP BY clauses where the ORDER BY
   clause had more elements than the GROUP BY clause caused a
   memory overrun leading to a crash of the server.
 * If there was insufficient memory available to mysqld, this
   could sometimes cause the server to hang during startup.
 * If a prepared statement accessed a view, access to the tables
   listed in the query after that view was checked in the
   security context of the view.
 * A query using WHERE unsigned_column NOT IN ('negative_value')
   could cause the server to crash.
 * A FETCH statement using a cursor on a table which was not in
   the table cache could sometimes cause the server to crash.
 * SSL connections could hang at connection shutdown.
 * The STDDEV() function returned a positive value for data sets
   consisting of a single value.
 * mysqltest incorrectly tried to retrieve result sets for some
   queries where no result set was available.
 * mysqltest crashed with a stack overflow.
 * Passing a NULL value to a user-defined function from within a
   stored procedure crashes the server.
 * The row count for MyISAM tables was not updated properly,
   causing SHOW TABLE STATUS to report incorrect values.
 * The BUILD/check-cpu script did not recognize Celeron
   processors. (Bug#20061:
 * On Windows, the SLEEP() function could sleep too long,
   especially after a change to the system clock.
 * A stored routine containing semicolon in its body could not be
   reloaded from a dump of a binary log.
 * For SET, SELECT, and DO statements that invoked a stored
   function from a database other than the default database, the
   function invocation could fail to be replicated.
 * SET lc_time_names = value allowed only exact literal values,
   not expression values.
 * Changes to the lc_time_names system variable were not
   replicated. (Bug#22645:
   and UPDATE statements executed using a full table scan were
   not releasing locks on rows that did not satisfy the WHERE
   condition. (Bug#20390:
 * A stored procedure, executed from a connection using a binary
   character set, and which wrote multibyte data, would write
   incorrectly escaped entries to the binary log. This caused
   syntax errors, and caused replication to fail.
 * mysqldump --order-by-primary failed if the primary key name
   was an identifier that required quoting.
   statements in stored routines or as prepared statements caused
   incorrect results or crashes.
 * The internal functions for table preparation, creation, and
   alteration were not re-execution friendly, causing problems in
   code that: repeatedly altered a table; repeatedly created and
   dropped a table; opened and closed a cursor on a table,
   altered the table, and then reopened the cursor.
 * A workaround was implemented to avoid a race condition in the
   NPTL pthread_exit() implementation.
 * NDB Cluster (Cluster APIs): was not versioned.
 * NDB Cluster: The ndb_size.tmpl file (necessary for using the script) was missing from binary distributions.
 * NDB Cluster: A query with an IN clause against an NDB table
   employing explicit user-defined partitioning did not always
   return all matching rows.
 * NDB Cluster: An UPDATE using an IN clause on an NDB table on
   which there was a trigger caused mysqld to crash.
 * NDB Cluster (Cluster APIs): Deletion of an
   Ndb_cluster_connection object took a very long time.
 * NDB Cluster: It was not possible to create an NDB table with a
   key on two VARCHAR columns where both columns had a storage
   length in excess of 256.
 * NDB Cluster: In some circumstances, shutting down the cluster
   could cause connected mysqld processes to crash.
 * NDB Cluster: Memory allocations for TEXT columns were
   calculated incorrectly, resulting in space being wasted and
   other issues. (Bug#25562:
 * NDB Cluster: The failure of a master node during a node
   restart could lead to a resource leak, causing later node
   failures. (Bug#25554:
 * NDB Cluster: The management server did not handle logging of
   node shutdown events correctly in certain cases.
 * NDB Cluster: A node shutdown occurred if the master failed
   during a commit. (Bug#25364:
 * NDB Cluster: Creating a non-unique index with the USING HASH
   clause silently created an ordered index instead of issuing a
   warning. (Bug#24820:
 * NDB Cluster: SELECT statements with a BLOB or TEXT column in
   the selected column list and a WHERE condition including a
   primary key lookup on a VARCHAR primary key produced empty
   result sets. (Bug#19956:
 * Optimizations that are legal only for subqueries without
   tables and WHERE conditions were applied for any subquery
   without tables. (Bug#24670:
 * The server was built even when configure was run with the
   --without-server option.
 * mysqld_error.h was not installed when only the client
   libraries were built. (Bug#21265:
 * Using a view in combination with a USING clause caused column
   aliases to be ignored.
 * A view was not handled correctly if the SELECT part contained
   `\Z'. (Bug#24293:
 * Inserting a row into a table without specifying a value for a
   BINARY(N) NOT NULL column caused the column to be set to
   spaces, not zeroes. (Bug#14171:
 * An assertion failed incorrectly for prepared statements that
   contained a single-row non-correlated subquery that was used
   as an argument of the IS NULL predicate.
 * A table created with the ROW_FORMAT = FIXED table option loses
   the option if an index is added or dropped with CREATE INDEX
   or DROP INDEX. (Bug#23404:
 * Dropping a user-defined function sometimes did not remove the
   UDF entry from the mysql.proc table.
 * Changing the value of MI_KEY_BLOCK_LENGTH in myisam.h and
   recompiling MySQL resulted in a myisamchk that saw existing
   MyISAM tables as corrupt.
 * Instance Manager could crash during shutdown.
 * A deadlock could occur, with the server hanging on Closing
   tables, with a sufficient number of concurrent INSERT DELAYED,
   FLUSH TABLES, and ALTER TABLE operations.
 * A user-defined variable could be assigned an incorrect value
   if a temporary table was employed in obtaining the result of
   the query used to determine its value.
 * The optimizer removes expressions from GROUP BY and DISTINCT
   clauses if they happen to participate in expression = constant
   predicates of the WHERE clause, the idea being that, if the
   expression is equal to a constant, then it cannot take on
   multiple values. However, for predicates where the expression
   and the constant item are of different result types (for
   example, when a string column is compared to 0), this is not
   valid, and can lead to invalid results in such cases. The
   optimizer now performs an additional check of the result types
   of the expression and the constant; if their types differ,
   then the expression is not removed from the GROUP BY list.
 * Referencing an ambiguous column alias in an expression in the
   ORDER BY clause of a query caused the server to crash.
 * Some CASE statements inside stored routines could lead to
   excessive resource usage or a crash of the server.
 * Some joins in which one of the joined tables was a view could
   return erroneous results or crash the server.
 * OPTIMIZE TABLE tried to sort R-tree indexes such as spatial
   indexes, although this is not possible (see Section,
   "OPTIMIZE TABLE Syntax").
 * User-defined variables could consume excess memory, leading to
   a crash caused by the exhaustion of resources available to the
   MEMORY storage engine, due to the fact that this engine is
   used by MySQL for variable storage and intermediate results of
   GROUP BY queries. Where SET had been used, such a condition
   could instead give rise to the misleading error message You
   may only use constant expressions with SET, rather than Out of
   memory (Needed NNNNNN bytes).
 * InnoDB: During a restart of the MySQL Server that followed the
   creation of a temporary table using the InnoDB storage engine,
   MySQL failed to clean up in such a way that InnoDB still
   attempted to find the files associated with such tables.
 * A multi-table DELETE QUICK could sometimes cause one of the
   affected tables to become corrupted.
 * A compressed MyISAM table that became corrupted could crash
   myisamchk and possibly the MySQL Server.
 * A crash of the MySQL Server could occur when unpacking a BLOB
   column from a row in a corrupted MyISAM table. This could
   happen when trying to repair a table using either REPAIR TABLE
   or myisamchk; it could also happen when trying to access such
   a "broken" row using statements like SELECT if the table was
   not marked as crashed.
 * The FEDERATED storage engine did not support the euckr
   character set. (Bug#21556:
 * The FEDERATED storage engine did not support the utf8
   character set. (Bug#17044:
 * NDB Cluster: Hosts in clusters with a large number of nodes
   could experience excessive CPU usage while obtaining
   configuration data. (Bug#25711:
 * NDB Cluster (NDB API): Invoking the NdbTransaction::execute()
   method using execution type Commit and abort option
   AO_IgnoreError could lead to a crash of the transaction
   coordinator (DBTC). (Bug#25090:
 * NDB Cluster (NDB API): A unique index lookup on a non-existent
   tuple could lead to a data node timeout (error 4012).
 * NDB Cluster: When a data node was shut down using the
   management client STOP command, a connection event
   (NDB_LE_Connected) was logged instead of a disconnection event

Enjoy and regards,
        Mads Martin

Mads Martin Joergensen, Release Manager
MySQL AB, Odense, Denmark --
MySQL Community Server 5.0.37 has been releasedMads Martin Joergensen12 Mar