Dear MySQL users,

MySQL Server 5.7.21, a new version of the popular Open Source
Database Management System, has been released. MySQL 5.7.21 is
recommended for use on production systems.

For an overview of what's new in MySQL 5.7, please see

http://dev.mysql.com/doc/refman/5.7/en/mysql-nutshell.html

For information on installing MySQL 5.7.21 on new servers, please see
the MySQL installation documentation at

http://dev.mysql.com/doc/refman/5.7/en/installing.html

MySQL Server 5.7.21 is available in source and binary form for a number of
platforms from our download pages at

http://dev.mysql.com/downloads/mysql/

MySQL Server 5.7.21 is also available from our repository for Linux
platforms, go here for details:

http://dev.mysql.com/downloads/repo/

Windows packages are available via the Installer for Windows or .ZIP
(no-install) packages for more advanced needs. The point and click
configuration wizards and all MySQL products are available in the
unified Installer for Windows:

http://dev.mysql.com/downloads/installer/

5.7.21 also comes with a web installer as an alternative to the full
installer.

The web installer doesn't come bundled with any actual products
and instead relies on download-on-demand to fetch only the
products you choose to install. This makes the initial download
much smaller but increases install time as the individual products
will need to be downloaded.

We welcome and appreciate your feedback, bug reports, bug fixes,
patches, etc.:

http://bugs.mysql.com/report.php

The following link lists the changes in the MySQL 5.7 since the
the release of MySQL 5.7.20.

http://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-21.html

Enjoy!

Changes in MySQL 5.7.21 (2018-01-15, General Availability)

   Configuration Notes

     * For RHEL, SLES, and Fedora RPMs, the default plugin
       directory for debug builds has been changed from
       /usr/lib64/mysql/plugin to /usr/lib64/mysql/plugin/debug.
       (Bug #27072155, Bug #88363)

     * The installation scripts for MySQL Enterprise Audit and
       MySQL Enterprise Firewall now create their associated
       tables in the mysql system database as InnoDB rather than
       MyISAM tables. (Bug #26323351, Bug #26906601)

     * The hardcoded memory page size of 8KB for the
       memory-mapped transaction coordinator was too small for
       platforms such as ARM64 and PowerPC where the page size
       is much larger. The server now invokes a system call to
       get the page size of the current platform rather than
       using a hardcoded value. A consequence for the
       --log-tc-size option is that the minimum and default
       values are now 6 times the page size. Also, the value
       must be a multiple of the page size. Thanks to Alexey
       Kopytov for the patch. (Bug #23014086, Bug #80818, Bug
       #26931470, Bug #87995)

   Performance Schema Notes

     * The Performance Schema setup_timers table is now
       deprecated, to be removed in MySQL 8.0, as is the TICK
       row in the performance_timers table.

   Pluggable Authentication

     * For the LDAP authentication plugins, handling of the
       group search attribute indicated by the
       authentication_ldap_sasl_group_search_attr and
       authentication_ldap_simple_group_search_attr system
       variables is more flexible. If the group search attribute
       is isMemberOf, LDAP authentication directly retrieves the
       user attribute isMemberOf value and assign it as group
       information. If the group search attribute is not
       isMemberOf, LDAP authentication searches for all groups
       where the user is a member. (The latter is the default
       behavior.) This behavior is based on how LDAP group
       information can be stored two ways: 1) A group entry can
       have an attribute named memberUid or member with a value
       that is a user name; 2) A user entry can have an
       attribute named isMemberOf with values that are group
       names. (Bug #26317645)

     * The LDAP authentication plugins now permit the
       authentication string that provides user DN information
       to begin with a + character. In the absence of this
       character, the authentication string value is treated as
       is without modification, as it has been previously. If
       the authentication string begins with +, the plugin
       constructs the full user DN value from the account user
       name as the cn attribute value, together with the
       authentication string (with the + removed). The
       authentication string is stored as given in the
       mysql.user system table, with the full user DN
       constructed on the fly before authentication.
       This account authentication string does not have + at the
       beginning, so it is taken as the full user DN:
       CREATE USER 'admin'
         IDENTIFIED WITH authentication_ldap_simple
         BY "cn=admin,ou=People,dc=example,dc=com";

       This account authentication string does have + at the
       beginning, so it is taken as just part of the full user
       DN:
       CREATE USER 'accounting'
         IDENTIFIED WITH authentication_ldap_simple
         BY "+ou=People,dc=example,dc=com";

       In this case, the full user DN is constructed using
       accounting as the cn attribute together with the
       authentication string, to yield
       "cn=accounting,ou=People,dc=example,dc=com". (Bug
       #26147775)

     * For the LDAP authentication plugins, the group search
       attribute was fixed and not configurable. Two new system
       variables now enable using custom group filters:
       authentication_ldap_sasl_group_search_filter and
       authentication_ldap_simple_group_search_filter. (Bug
       #26091340)

   Security Notes

     * Incompatible Change: Passwords are now restricted to a
       maximum of 256 characters for the sha256_password
       authentication plugin, and for the PASSWORD() function
       when old_passwords=2. Also, the number of password
       hashing rounds is capped to limit CPU time used. (Bug
       #27099029, Bug #27194270)

     * The linked OpenSSL library for the MySQL Commercial
       Server has been updated to version 1.0.2n. Issues fixed
       in the new OpenSSL version are described at
       http://www.openssl.org/news/vulnerabilities.html.
       This change does not affect the Oracle-produced MySQL
       Community build of MySQL Server, which uses the yaSSL
       library instead. (Bug #27212666, Bug #27236394)

   Test Suite Notes

     * Documentation for the MySQL Test Suite is now maintained
       in the MySQL source tree using Doxygen (see

http://dev.mysql.com/doc/dev/mysql-server/latest/PAGE_MYSQL_TEST_RUN.html).
       The related Unix man pages that previously were produced from
       the old test suite manual are no longer updated and have gone
       out of date.
       Consequently, they are no longer included in MySQL
       distributions. (Bug #27021754)

     * The MySQL test suite now includes CRC32() tests. Thanks
       to Daniel Black for the patch. (Bug #26495791, Bug
       #87136)

   Functionality Added or Changed

     * InnoDB: The innodb_undo_tablespaces configuration option
       is deprecated and will be removed in a future release.

     * Replication: Host names can now be specified as part of a
       whitelist for group replication connections, using the
       group_replication_ip_whitelist system variable. Host
       names support CIDR notation. Host names that resolve to
       IPv6 addresses are not supported.
       For host names, name resolution takes place only when a
       connection request is made by another server. A host name
       that cannot be resolved is not considered for whitelist
       validation, and a warning message is written to the error
       log. Forward-confirmed reverse DNS (FCrDNS) verification
       is carried out for resolved host names.
       Warning
       Host names are inherently less secure than IP addresses
       in a whitelist. FCrDNS verification provides a good level
       of protection, but can be compromised by certain types of
       attack. Specify host names in your whitelist only when
       strictly necessary, and ensure that all components used
       for name resolution, such as DNS servers, are maintained
       under your control. You can also implement name
       resolution locally using the hosts file, to avoid the use
       of external components.

     * Replication: The
       group_replication_allow_local_disjoint_gtids_join system
       variable has been deprecated and is scheduled for removal
       in a future version.

     * The -DWITH_ASAN_SCOPE CMake option enables the
       AddressSanitizer -fsanitize-address-use-after-scope Clang
       flag for use-after-scope detection. The default is off.
       To use this option, -DWITH_ASAN must also be enabled.
       (Bug #27095089)

   Bugs Fixed

     * Important Change; Partitioning: Checking for tables that
       used the generic partitioning handler could cause delays
       of several minutes when starting the MySQL Server. To
       keep this from happening, the
       --disable-partition-engine-check option is now enabled by
       default. (Bug #85830, Bug #25846957)

     * Performance; JSON: Creating a representation of a JSON
       string now optimizes for the most common case---that the
       string to be processed contains no special characters
       that need to be escaped---scanning for the first special
       character in the string, and copying each sequence of
       characters which do not require escaping in a single
       memcpy() call, rather than checking each character in
       turn to determine whether it needed to be escaped,
       escaping it if so, and then copying it, one by one, as
       was done previously.
       This fix also corrects a failure to escape the control
       character \u001f, or unit separator character. (Bug
       #86898, Bug #26388690, Bug #87722, Bug #26780307)
       References: See also: Bug #25977595.

     * InnoDB: Multiple updates from different clients on a
       partitioned table caused an unexpected lock wait timeout
       due to an incorrectly set lock type. (Bug #26731025, Bug
       #87619)

     * InnoDB: An ALTER TABLE operation caused the server to
       halt. (Bug #26492721)

     * InnoDB: The innodb_table_stats data dictionary table was
       not updated with new partition names when renaming a
       partitioned table. (Bug #26390658, Bug #86927)

     * InnoDB: A FLUSH TABLES operation failed to drop an
       aborted index. While removing the table from the cache,
       the clustered index was dropped prior to checking for the
       aborted index. (Bug #26256456, Bug #86607)

     * InnoDB: An iterative approach to processing foreign
       cascade operations resulted in excessive memory use. (Bug
       #26191879, Bug #86573)
       References: This issue is a regression of: Bug #16244691.

     * InnoDB: An INSERT operation on table with spatial index
       raised an assertion due to a failure that occurred during
       a lock conflict check. (Bug #25729649)

     * InnoDB: While innodb_undo_log_truncate was enabled,
       warnings that should only appear in a debug version of
       MySQL were printed to the error log when the length of
       the history list exceeded 2000000. (Bug #24296076, Bug
       #82213)

     * InnoDB: Attempting to reduce the buffer pool size to less
       than the buffer pool chunk size did not report a warning.
       (Bug #23590280)

     * InnoDB: A "wrong key column" error was added to address
       an unsupported index creation scenario. (Bug #22486025)

     * InnoDB: Full-text search on indexed columns that use a
       binary collation did not return case sensitive matches.
       (Bug #21625016, Bug #78048)

     * Packaging: When trying to install MySQL Server on Fedora
       27 using the MySQL Yum repository, installation failed
       due to a conflict with the native
       mariadb-connector-c-devel package. With this fix, the
       appropriate "obsoletes" have been added for that and
       other native packages. (Bug #26963839)

     * Replication: All servers that belong to a group must have
       unique UUIDs set by server_uuid, but this was not being
       enforced by Group Replication and it was possible to add
       members with duplicated UUIDs. (Bug #27105803)

     * Replication: Group Replication executes internal
       operations on the server during start and stop of the
       plugin, such as enabling or disabling read only mode,
       using an internal session. When this internal session was
       opened, if the total number of sessions exceeded the
       number of permitted open sessions set by max_connections,
       the operation was failing as expected but a thread was
       left behind, which later would cause issues. (Bug
       #27008102, Bug #27016552)

     * Replication: The fix for Bug #26117735 (MySQL Bug 86288)
       could cause a debug assertion when running mysqlbinlog
       with the --read-from-remote-server option and the
       --rewrite-db option, depending on the database names
       specified in the rewrite rule. The issue has now been
       corrected. (Bug #26878022)

     * Replication: With MySQL compiled using yaSSL, and
       semisynchronous replication in use, a deadlock could be
       caused by incorrect handling of acknowledgement packets.
       Multiple acknowledgement packets can be read together by
       yaSSL, but the receiver thread for semisynchronous
       replication only handled the first acknowledgement packet
       seen after polling. Now, the receiver thread handles all
       acknowledgement packets that are present in the buffer.
       (Bug #26865538)

     * Replication: If Group Replication was configured to start
       on server boot when the server was being initialized
       using --initialize or --initialize-insecure, because the
       replication applier infrastructure was not initialized
       this resulted in an assertion. Now, Group Replication is
       not started when the server is being initialized. (Bug
       #26802395)

     * Replication: In a group with heavy load, joining members
       could need to retrieve a large amount of data to gain
       synchrony with the group. If the amount of data retrieved
       exceeded the View_change packet size of 4Mb the members
       would fail to join the group and enter Error state. Now,
       the packet size is taken from slave_max_allowed_packet,
       which defaults to 1GB. Depending on the load your group
       processes, you might want to increase the packet size
       further by configuring slave_max_allowed_packet. (Bug
       #26770576)

     * Replication: With semisynchronous replication in use, if
       RESET MASTER was issued while an active transaction was
       waiting for an acknowledgement from the slave, the count
       of waiting sessions in the
       Rpl_semi_sync_master_wait_sessions server status variable
       was incorrect after the wait was completed. (Bug
       #26748533)

     * Replication: In a group where a joining member
       consistently received transactions, the joining member
       could sometimes not enter the online state. This was due
       to the way the incoming queue of messages was tested.
       (Bug #26731317)
       References: See also: Bug #27049034.

     * Replication: XA ROLLBACK statements that failed because
       an incorrect transaction ID was given, could be recorded
       in the binary log with the correct transaction ID, and
       could therefore be actioned by replication slaves. A
       check is now made for the error situation before binary
       logging takes place, and failed XA ROLLBACK statements
       are not logged. (Bug #26618925, Bug #87393)

     * Replication: The receiver thread for semisynchronous
       replication was not able to receive acknowledgements from
       slaves that used compression of the master/slave protocol
       (slave_compressed_protocol = ON). The receiver thread now
       handles compressed acknowledgements correctly. (Bug
       #26027024, Bug #86230)

     * Replication: On replication slaves, in the XA_STATE field
       in the Performance Schema table
       events_transactions_current, the state of XA transactions
       was incorrectly reported as COMMITTED instead of PREPARED
       after the XA PREPARE statement was applied on the slave.
       (Bug #25940184)

     * Replication: In a multi-source replication topology, a
       memory leak could occur on the slave when
       binlog_rows_query_log_events was enabled on the master,
       and a statement already applied from another channel was
       skipped on the slave. In this situation, the instance of
       the Rows_query log event stored on the slave was not
       being deleted. The log event instance is now cleaned up
       and the memory is freed. Thanks to Vlad Lesin for his
       contribution to the patch. (Bug #25695434, Bug #85371,
       Bug #85034)

     * Replication: A memory leak was fixed in GTID-based
       replication. Memory was not being freed after the
       repository tables were updated for skipped or ignored
       events. (Bug #25656123, Bug #85251)

     * Replication: When a worker thread on a multi-threaded
       slave failed to apply a transaction on which a later
       transaction depended, the coordinator thread could begin
       scheduling the dependent transaction before being
       notified of the issue. If a STOP SLAVE request was made
       during this situation, it caused an assertion to be
       raised in debug builds. (Bug #25585436)

     * Replication: When
       group_replication_enforce_update_everywhere_checks=ON the
       Group Replication plugin checks if there are foreign key
       cascades and disallows updates to such tables. However
       SET NULL operations were not being checked, which could
       cause data inconsistency. Now, when
       group_replication_enforce_update_everywhere_checks=ON,
       operations on child tables are blocked if the table has a
       SET NULL option configured. (Bug #25404162)

     * Replication: On Windows, any errors generated by Group
       Replication now contain the detailed error message rather
       than just the error number. (Bug #24918678)

     * Replication: With statement-based replication in use, if
       an UPDATE or DELETE statement was used inside an XA
       transaction ending with XA COMMIT ONE PHASE, and the
       statement did not affect any rows, a replication error
       occurred. An XA END statement was not written to the
       binary log, so slave servers identified the XA
       transaction as still being active at the time of the
       commit request. The required XA END statement is now
       written even if no rows were affected by the transaction.
       (Bug #24812958, Bug #83295)

     * Replication: Regardless of the number of virtual IPs
       configured on a machine, Group Replication could access
       only the first 12 addresses. (Bug #86772, Bug #26324852)

     * Microsoft Windows: On Windows, with the myisam_use_mmap
       and flush system variables enabled, MyISAM did not always
       flush table files properly. (Bug #26880757)

     * Microsoft Windows: On Windows, resolution was improved of
       a timer used for query performance assessment. (Bug
       #22305994, Bug #26734457)

     * JSON: When inserting JSON values created from the result
       of a GROUP BY query, the inserted values could sometimes
       include the concatenation of all the values previously
       inserted into that column. (Bug #87854, Bug #26867509)

     * In event items in filter rules, the audit_log plugin did
       not properly process values specified as a JSON array.
       (Bug #27010045)

     * VALUES() was not handled correctly in some cases. (Bug
       #26881946)
       References: See also: Bug #19601973, Bug #17458914.

     * In some cases, virtual generated column expressions
       containing comparison operators could cause problems with
       subsequent statements accessing the same table. (Bug
       #26881855)

     * For debug builds, validation checks on relevant generated
       columns could be missed for UPDATE statements, leading to
       a server exit. (Bug #26838771)

     * The default value of the
       authentication_ldap_sasl_auth_method_name system variable
       was incorrectly set to SIMPLE rather than SCRAM-SHA-1,
       and the variable could be set to impermissible values.
       (Bug #26838525, Bug #26093370)

     * Following an INSERT statement with BLOB values in the ON
       DUPLICATE KEY UPDATE clause that failed with a constraint
       violation, a similar statement with no reason to return
       an error could cause a server exit. (Bug #26734162)

     * The Performance Schema now stores rewritten rather than
       raw SQL statement text when available. (Bug #26732229)

     * Incorrect results or a server exit could result when
       SHA2() was passed a user-defined variable in some
       character sets. (Bug #26704451)

     * mysqlpump no longer includes the SQL_NO_CACHE modifier in
       statements because that modifier is now deprecated and
       results in deprecation warnings. (Bug #26694675)

     * Building with the -DWITHOUT_SERVER=ON CMake option failed
       due to attempting to link the
       authentication_ldap_sasl_client client-side plugin
       against the embedded server library. (Bug #26665217)

     * Setting authentication_ldap_simple_max_pool_size=0 and
       authentication_ldap_simple_init_pool_size=0 at runtime
       did not disable the LDAP connection pool for the
       authentication_ldap_simple authentication plugin. (Bug
       #26646063)

     * Accounts that use an LDAP authentication plugin and were
       created without any authentication string could be
       authenticated by the LDAP server regardless of password
       specified at connect time. (Bug #26634245)

     * Incorrect results could be returned for queries that used
       an outer join and a derived table referenced a const
       value from an inner table of the outer join. (Bug
       #26627181)

     * AFTER UPDATE triggers were not invoked for INSERT ... ON
       DUPLICATE KEY UPDATE when the value to be updated and the
       new value were the same. (Bug #26626277, Bug #87371)

     * Changing the UMASK and UMASK_DIR environment variables
       from their default values had no effect on database
       directory and table file access. (Bug #26529942)

     * Creating a table with excessive index information could
       cause a server exit. (Bug #26529369)

     * MSI packages for Windows failed to detect when Microsoft
       Visual C++ 2010 Redistributable Package was installed.
       (Bug #26501092, Bug #87139)

     * audit_log plugin THD objects could be created with
       incorrect thread ID information, leading to assertion
       failure. (Bug #26362452)

     * When HASH_SCAN was specified as one of the values for the
       slave_rows_search_algorithms system variable, which is
       the default from MySQL 8.0.2, and row-based replication
       was in effect, updates to a table containing virtual
       generated fields could raise an assertion. The issue was
       caused by an error when generating string representations
       of the virtual generated fields in order to create hashes
       for use in searches. To remove the issue, MySQL no longer
       creates hashes for virtual generated fields. (Bug
       #26280724)

     * Attempting a partial backup with mysqlpump on a
       GTID-enabled server failed and produced an error message
       suggesting incorrectly that this was not possible. (It is
       possible using the --set-gtid-purged option.) (Bug
       #26199978)

     * The Performance Schema could leak memory due to
       nondeletion of file instances created for ALTER TABLE
       operations that used the table-copy algorithm. (Bug
       #26152751, Bug #86482)

     * mysqlpump did not properly parse TABLESPACE clauses in
       the result from SHOW CREATE TABLE statements it executed
       to determine table structure. (Bug #26116415)

     * Some statements could cause a buffer overflow in the
       digest code. Thanks to Laurynas Biveinis and Roel van de
       Paar for the patch. (Bug #26021187)

     * Previously, when the Performance Schema failed to
       initialize, it wrote a nonspecific init failed warning to
       the error log. Now it prints more specific messages about
       which memory allocation failed. (Bug #25996291)

     * Incorrect results could occur on a table with a unique
       index when the optimizer chose a loose index scan even
       though the unique index had no index extensions. (Bug
       #25989915, Bug #86165, Bug #26532061, Bug #87207)
       References: This issue is a regression of: Bug #21749123,
       Bug #78244.

     * Restarting the LDAP server could cause LDAP
       authentication plugins that used a connection pool to
       fail to authenticate properly. (Bug #25989788)

     * CREATE USER IF NOT EXISTS was not written to the binary
       log if the user existed. This could result in
       inconsistent replication behavior if the user did not
       exist on slave servers. A similar issue occurred for
       ALTER USER IF EXISTS. To avoid inconsistencies, these
       statements now are written to the binary log. (Bug
       #25813089, Bug #85733)

     * Incorrect handling of internal memory buffers could cause
       a server exit. (Bug #25737271)

     * MySQL did not compile with GCC 7. (Bug #25643811, Bug
       #26825211)

     * Executing a stored procedure containing a statement that
       created a table from the contents of certain SELECT
       statements could result in a memory leak. (Bug #25586773)

     * When an UPDATE required a temporary table having a
       primary key larger than 1024 bytes and that table was
       created using InnoDB, the server could exit. (Bug
       #25153670)

     * For geometry calculations, invalid input parameters could
       lead to an incorrect result buffer and cause an assertion
       to be raised or a server exit. (Bug #25062396)

     * Under some conditions, the audit_log plugin could
       recursively lock a mutex, resulting in an unresponsive
       server. (Bug #24437533)

     * In some cases, the optimizer chose a loose index scan
       (QUICK_GROUP_MIN_MAX_SELECT) for a GROUP BY query even
       when there was a predicate with a disjunction. This is
       fixed by not performing a range scan when the condition
       in the WHERE clause results in more than one disjoint
       range tree. (Bug #24423143)

     * Setting the MYSQL_GROUP_SUFFIX environment variable had
       no effect. (Bug #23072792)

     * Queries with many left joins were slow if join buffering
       was used (for example, using the block nested loop
       algorithm). (Bug #18898433, Bug #72854)

     * A prepared statement containing an ORDER BY list that
       referred to a parameter was not always handled correctly.
       (Bug #87863, Bug #26867652)

     * The server handled triggers and generated columns
       incorrectly. (Bug #86637, Bug #26251621)

On Behalf of the MySQL/Oracle Release Engineering Team,
Hery Ramilison

--
MySQL General Mailing List
For list archives: http://lists.mysql.com/mysql
To unsubscribe:    http://lists.mysql.com/mysql

Reply via email to