Hi,
MySQL 4.1.19, a new version of the popular Open Source Database
Management System, has been released. The Community Edition is now
available in source and binary form for a number of platforms from our
download pages at
http://dev.mysql.com/downloads/ and mirror sites.
Note that not all mirror sites may be up to date at this point in time -
if you can't find this version on some mirror, please try again later or
choose another download site.
This is a bugfix release for the recent production release family.
This MySQL 4.1.19 release includes the patches for recently reported
security vulnerabilites in the MySQL client-server protocol. We would
like to thank Stefano Di Paola <[EMAIL PROTECTED]> for finding
and reporting these to us.
This section documents all changes and bug fixes that have been
applied since the last official MySQL release. If you would like
to receive more fine-grained and personalised update alerts about
fixes that are relevant to the version and features you use,
please consider subscribing to MySQL Network (a commercial MySQL
offering). For more details please see
http://www.mysql.com/network/advisors.html.
We welcome and appreciate your feedback!
Functionality added or changed:
* Security enhancement: Added the global max_prepared_stmt_count
system variable to limit the total number of prepared
statements in the server. This limits the potential for
denial-of-service attacks based on running the server out of
memory by preparing huge numbers of statements. The current
number of prepared statements is available through the
prepared_stmt_count system variable.
(Bug#16365: http://bugs.mysql.com/16365)
* InnoDB now caches a list of unflushed files instead of
scanning for unflushed files during a table flush operation.
This improves performance when --innodb-file-per-table is set
on a system with a large number of InnoDB tables.
(Bug#15653: http://bugs.mysql.com/15653)
* New charset command added to mysql command-line client. By
typing charset name or \C name (such as \C UTF8), the client
character set can be changed without reconnecting.
(Bug#16217: http://bugs.mysql.com/16217)
* Large file support was re-enabled for the MySQL server binary
for the AIX 5.2 platform.
(Bug#13571: http://bugs.mysql.com/13571)
* When using the GROUP_CONCAT() function where the
group_concat_max_len system variable was greater than 512, the
type of the result was BLOB only if the query included an
ORDER BY clause; otherwise the result was a VARCHAR.
The result type of the GROUP_CONCAT() function is now VARCHAR
only if the value of the group_concat_max_len system variable
is less than or equal to 512. Otherwise, this function returns
a BLOB. (Bug#14169: http://bugs.mysql.com/14169)
Bugs fixed:
* Security fix: A malicious client, using specially crafted
invalid login or COM_TABLE_DUMP packets was able to read
uninitialized memory, which potentially, though unlikely in
MySQL, could have led to an information disclosure. Thanks to
Stefano Di Paola <[EMAIL PROTECTED]> for finding and
reporting this bug.
* NDB Cluster: A simultaneous DROP TABLE and table update
operation utilising a table scan could trigger a node failure.
(Bug#18597: http://bugs.mysql.com/18597)
* NDB Cluster: Backups could fail for large clusters with many
tables, where the number of tables approached MaxNoOfTables.
(Bug#17607: http://bugs.mysql.com/17607)
* The IN-to-EXISTS transformation was making a reference to a
parse tree fragment that was left out of the parse tree. This
caused problems with prepared statements.
(Bug#18492: http://bugs.mysql.com/18492)
* Attempting to set the default value of an ENUM or SET column
to NULL caused a server crash.
(Bug#19145: http://bugs.mysql.com/19145)
* Index corruption could occur in cases when
key_cache_block_size was not a multiple of myisam_block_size
(for example, with key_cache_block_size=1536 and
myisam_block_size=1024).
(Bug#19079: http://bugs.mysql.com/19079)
* UNCOMPRESS(NULL) could cause subsequent UNCOMPRESS() calls to
return NULL for legal non-NULL arguments.
(Bug#18643: http://bugs.mysql.com/18643)
* Conversion of a number to a CHAR UNICODE string returned an
invalid result. (Bug#18691: http://bugs.mysql.com/18691)
* A call to MIN() with a CASE expression as its argument could
return a non-minimum value.
(Bug#17896: http://bugs.mysql.com/17896)
* A LOCK TABLES statement that failed could cause MyISAM not to
update table statistics properly, causing a subsequent CHECK
TABLE to report table corruption.
(Bug#18544: http://bugs.mysql.com/18544)
* Avoid trying to include <asm/atomic.h> when it doesn't work in
C++ code. (Bug#13621: http://bugs.mysql.com/13621)
* Executing SELECT on a large table that had been compressed
within myisampack could cause a crash.
(Bug#17917: http://bugs.mysql.com/17917)
* NDB Cluster: In a 2-node cluster with a node failure,
restarting the node with a low value for StartPartialTimeout
could cause the cluster to come up partitioned ("split-brain"
issue). (Bug#16447: http://bugs.mysql.com/16447)
A similar issue could occur when the cluster was first started
with a sufficiently low value for this parameter.
(Bug#18612: http://bugs.mysql.com/18612)
* NDB Cluster: On systems with multiple network interfaces, data
nodes would get "stuck" in startup phase 2 if the interface
connecting them to the management server was working on node
startup while the interface interconnecting the data nodes
experienced a temporary outage.
(Bug#15695: http://bugs.mysql.com/15695)
* mysql_config returned incorrect libraries on x86_64 systems.
(Bug#13158: http://bugs.mysql.com/13158)
* mysql_reconnect() sent a SET NAMES statement to the server,
even for pre-4.1 servers that do not understand the statement.
(Bug#18830: http://bugs.mysql.com/18830)
* During conversion from one character set to ucs2, multi-byte
characters with no ucs2 equivalent were converted to multiple
characters, rather than to 0x003F QUESTION MARK.
(Bug#15375: http://bugs.mysql.com/15375)
* The mysql_close() C API function leaked handles for
share-memory connections on Windows.
(Bug#15846: http://bugs.mysql.com/15846)
* The euro sign (€) was not stored correctly in columns using
the latin1_german1_ci or latin1_general_ci collation.
(Bug#18321: http://bugs.mysql.com/18321)
* The server was always built as though
--with-extra-charsets=complex had been specified.
(Bug#12076: http://bugs.mysql.com/12076)
* SELECT ... WHERE column LIKE 'A%' when column had a key and
used the latin2_czech_cs collation.
(Bug#17374: http://bugs.mysql.com/17374)
* A query using WHERE (column_1, column_2) IN ((value_1,
value_2)[, (..., ...), ...]) would return incorrect results.
(Bug#16248: http://bugs.mysql.com/16248)
* The -lmtmalloc library was removed from the output of
mysql_config on Solaris, as it caused problems when building
DBD::mysql (and possibly other applications) on that platform
that tried to use dlopen() to access the client library.
(Bug#18322: http://bugs.mysql.com/18322)
* When running a query that contained a GROUP_CONCAT( SELECT
GROUP_CONCAT(...) ), the result was NULL except in the ROLLUP
part of the result, if there was one.
(Bug#15560: http://bugs.mysql.com/15560)
* CASTdouble AS SIGNED INT) for large double values outside the
signed integer range truncates the result to be within range,
but the result sometimes had the wrong sign.
(Bug#15098: http://bugs.mysql.com/15098)
* SET value definitions containing commas were not rejected. Now
a definition such as SET('a,b','c,d') results in an error.
(Bug#15316: http://bugs.mysql.com/15316)
* MyISAM: Keys for which the first part of the key was a CHAR or
VARCHAR column using the UTF-8 character set and longer than
254 bytes could become corrupted.
(Bug#17705: http://bugs.mysql.com/17705)
* NDB Cluster: A timeout in the handling of an ABORT condition
with more that 32 operations could yield a node failure.
(Bug#18414: http://bugs.mysql.com/18414)
* NDB Cluster: A node restart immediately following a CREATE
TABLE would fail. Important: This fix supports 2-node Clusters
only. (Bug#18385: http://bugs.mysql.com/18385)
* NDB Cluster: In event of a node failure during a rollback, a
"false" lock could be established on the backup for that node,
which lock could not be removed without restarting the node.
(Bug#18352: http://bugs.mysql.com/18352)
* NDB Cluster: The cluster created a crashed replica of a table
having an ordered index --- or when logging was not enabled,
of a table having a table or unique index --- leading to a
crash of the cluster following 8 successibe restarts.
(Bug#18298: http://bugs.mysql.com/18298)
* NDB Cluster: When replacing a failed master node, the
replacement node could cause the cluster to crash from a
buffer overflow if it had an excessively large amount of data
to write to the cluster log.
(Bug#18118: http://bugs.mysql.com/18118)
* NDB Cluster: Restarting nodes were allowed to start and join
the cluster too early.
(Bug#16772: http://bugs.mysql.com/16772)
* If InnoDB encountered a HA_ERR_LOCK_TABLE_FULL error and
rolled back a transaction, the transaction was still written
to the binary log. (Bug#18283: http://bugs.mysql.com/18283)
* Connecting to a server with a UCS2 default character set with
a client using a non-UCS2 character set crashed the server.
(Bug#18004: http://bugs.mysql.com/18004)
* Character set conversion of string constants for UNION of
constant and table column was not done when it was safe to do
so. (Bug#15949: http://bugs.mysql.com/15949)
* Use of TRUNCATE TABLE for a TEMPORARY table on a master server
was propagated to slaves properly, but slaves did not
decrement the Slave_open_temp_tables counter properly.
(Bug#17137: http://bugs.mysql.com/17137)
* SELECT COUNT(*) for a MyISAM table could return different
results depending on whether an index was used.
(Bug#14980: http://bugs.mysql.com/14980)
* Large file support did not work in AIX server binaries.
(Bug#10776: http://bugs.mysql.com/10776)
* Security Improvement: GRANTs to users with wildcards in their
host information could be erroneously applied to similar users
with the same username and similar wildcards. For example, a
privilege granted to [EMAIL PROTECTED] are also applied to user [EMAIL
PROTECTED]
(Bug#14385: http://bugs.mysql.com/14385)
* NDB Cluster: Inserting and deleting BLOB column values while a
backup was in process could cause the loss of an ndbd node.
(Bug#14028: http://bugs.mysql.com/14028)
* Setting the myisam_repair_threads system variable to a value
larger than 1 could cause corruption of large MyISAM tables.
(Bug#11527: http://bugs.mysql.com/11527)
* Security improvement: In grant table comparisons, improper use
of a latin1 collation caused some hostname matches to be true
that should have been false. Thanks to Deomid Ryabkov for
finding this bug and proposing a solution.
(Bug#15756: http://bugs.mysql.com/15756)
* NDB Cluster: ndb_delete_all would run out of memory on tables
containing BLOB columns.
(Bug#16693: http://bugs.mysql.com/16693)
* A statement containing GROUP BY and HAVING clauses could
return incorrect results when the HAVING clause contained
logic that returned FALSE for every row.
(Bug#14927: http://bugs.mysql.com/14927)
* mysqldump tried to dump data from a view. (In MySQL 4.1, this
applies when connecting to a server from MySQL 5.0 or higher.)
(Bug#16389: http://bugs.mysql.com/16389)
* NDB Cluster: An UPDATE with an inner join failed to match any
records if both tables in the join did not have a primary key.
(Bug#17257: http://bugs.mysql.com/17257)
* NDB Cluster: A DELETE with a join in the WHERE clause failed
to retrieve any records if both tables in the join did not
have a primary key. (Bug#17249: http://bugs.mysql.com/17249)
* NDB Cluster: In some cases, LOAD DATA INFILE did not load all
data into NDB tables. (Bug#17081: http://bugs.mysql.com/17081)
* NDB Cluster: The REDO log would become corrupted (and thus
unreadable) in some circumstances, due to a failure in the
query handler. (Bug#17295: http://bugs.mysql.com/17295)
* NDB Cluster: No error message was generated for setting
NoOfFragmentLogFiles too low.
(Bug#13966: http://bugs.mysql.com/13966)
* NDB Cluster: No error message was generated for setting
MaxNoOfAttributes too low.
(Bug#13965: http://bugs.mysql.com/13965)
* Binary distributions for Solaris contained files with group
ownership set to the non-existing wheel group. Now the bin
group is used. (Bug#15562: http://bugs.mysql.com/15562)
* Killing a long-running query containing a subquery could cause
a server crash. (Bug#14851: http://bugs.mysql.com/14851)
* Repeated invocation of my_init() and my_end() caused
corruption of character set data and connection failure.
(Bug#6536: http://bugs.mysql.com/6536)
* A FULLTEXT query in a prepared statement could result in
unexpected behavior. (Bug#14496: http://bugs.mysql.com/14496)
* A FULLTEXT query in a UNION could result in unexpected
behavior. (Bug#16893: http://bugs.mysql.com/16893)
* Server crash when dropping InnoDB constraints named
TABLENAME_ibfk_0. (Bug#16387: http://bugs.mysql.com/16387)
* Corrected race condition when dropping the adaptive hash index
for a B-tree page in InnoDB.
(Bug#16582: http://bugs.mysql.com/16582)
* LOAD DATA FROM MASTER produced invalid warnings and Packet out
of order errors when the database already existed on the
slave. (Bug#15302: http://bugs.mysql.com/15302)
* A key on a MEMORY table would sometimes fail to match a row.
(Bug#12796: http://bugs.mysql.com/12796)
* MYSQL_STMT objects were not preserved following a connection
reset. Attempting to operate on them afterwards caused the
server to crash. (Bug#12744: http://bugs.mysql.com/12744)
Joerg
--
Joerg Bruehe, Senior Production Engineer
MySQL AB, www.mysql.com
Office: (+49 30) 417 01 487 VoIP: [EMAIL PROTECTED]
--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
