For full changes, see http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html.
Here is important changes:
InnoDB Plugin Notes:
* InnoDB Plugin has been upgraded to version 1.0.8. This version
is considered of General Availability (GA) quality. InnoDB
Plugin Change History, may contain information in addition to
those changes reported here.
In this release, the InnoDB Plugin is included in source and
binary distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64,
ia64), and generic Linux RPM packages. It also does not work for
FreeBSD 6 and HP-UX or for Linux on generic ia64.
Functionality added or changed:
* InnoDB stores redo log records in a hash table during
recovery. On 64-bit systems, this hash table was 1/8 of the
buffer pool size. To reduce memory usage, the dimension of the
hash table was reduced to 1/64 of the buffer pool size (or 1/128
on 32-bit systems). (Bug#53122)
Security fixed:
* Security Fix: The server failed to check the table name argument
of a COM_FIELD_LIST command packet for validity and compliance
to acceptable table name standards. This could be exploited to
bypass almost all forms of checks for privileges and table-level
grants by providing a specially crafted table name argument to
COM_FIELD_LIST.
In MySQL 5.0 and above, this allowed an authenticated user with
SELECT privileges on one table to obtain the field definitions
of any table in all other databases and potentially of other
MySQL instances accessible from the server's file system.
Additionally, for MySQL version 5.1 and above, an authenticated
user with DELETE or SELECT privileges on one table could delete or
read content from any other table in all databases on this server,
and potentially of other MySQL instances accessible from the
server's file system. (Bug#53371, CVE-2010-1848)
* Security Fix: The server was susceptible to a buffer-overflow
attack due to a failure to perform bounds checking on the table
name argument of a COM_FIELD_LIST command packet. By sending
long data for the table name, a buffer is overflown, which could
be exploited by an authenticated user to inject malicious
code. (Bug#53237, CVE-2010-1850)
* Security Fix: The server could be tricked into reading packets
indefinitely if it received a packet larger than the maximum
size of one packet. (Bug#50974, CVE-2010-1849)
Optional provides simple, flexible, optional compilation of LaTeX
documents. Option switches may be given via package options, by the
\UseOption command, or interactively via the \AskOption command (help
text may be provided, by defining the \ExplainOptions command). The
package is not robust, in the way that comment package is, against
ill-behaved text. In particular, verbatim text may not be directly
included in optional sections (whether they're included or not). Package
documentation is included in comments within the package itself.
If you have \cite commands in \section-like commands, or in \caption,
the citation will also appear in the table of contents, or list of
whatever. If you are also using an unsrt- like bibliography style, these
citations will come at the very start of the bibliography, which is
confusing. This package suppresses the effect.
Use \nolbreaks{some text} to prevent line breaks in "some text". This
has the advantage over \mbox{} that glue (rubber space) remains
flexible. Most common cases are handled here (\linebreak is disabled,
for example) but spaces hidden in macros or { } can still create
break-points.
* set LICENSE=ruby-license
* back to use extconf from gems.
C ext ruby module from gems install header files into unwanted location.
It confuse build of package using those modules.
Moreover, gems module will not be loaded by rb_require from C module.
It introduce unwanted behaviour to packages using directly/indirectly
using the module.
Bump PKGREVISION.
* Sun Apr 20 2010 Eric S. Raymond <esr@snark.thyrsus.com> - 2.94
Error-checking in the 50bps subframe code has been greatly improved.
The Garmin GPS driver can now use libusb, if it is present, to do
device discovery. The libgps library has been split apart; the
service functions used by the daemon now live in libgpsd. This
will shave some code volume from GPSD client applications. A packaging
error that resulted in xgps not being shipped in 2.93 has been
corrected. We now have stronger checking for valid ephemeris before
extracting the leap-second offset; they should prevent many cases
where gpsd migh previously have used an invalid leap-second offset.
* Fri Apr 16 2010 Eric S. Raymond <esr@snark.thyrsus.com> - 2.93
Support for JSON dumping and parsing of AIS message types 25 and 26,
not yet observed in the wild on AISHub. Fix Debian bug #569703. by
removing non-streaming mode from the Python exerciser. Fix Debian
bug #572900 by unsetting the appropriate in-use flag in the device
array. Change the libgps default from old protocol to JSON. Add a
close() method to the C++ binding. Try to recover better from
sporadic cases of false matches to Trimble packet format from a SiRF
binary datastream. gps_poll() now returns -1 with errno not set when
the gpsd socket closes. TPV now refrains from reporting fields the
fix quality won't support. gpsmon option for listing device types is
now -L to -l can be used to enable logging (to stay consistent with
the l command). There is new FAQ material on improving fix and time
reference accuracy. New sections have been added to NMEA.txt on
error status indications and satellite IDs. New POLL command brings
back polling-mode operation. A Client-HOWTO has been added to the
documentation. gpsd no longer eats CPU when a device is unexpectedly
unplugged. Support for the TNT revolution is back (run mode only).
There is now a gpsdfake diagnostic tool that fakes being gpsd shipping
arbitrary specified data to clients.
* Wed Mar 3 2010 Eric S. Raymond <esr@snark.thyrsus.com> - 2.92
Fix a packaging error. The new Python library module was
inadvertently omitted from the 2.91 tarball. Also, improve the json
import test slightly.
* Mon Mar 1 2010 Eric S. Raymond <esr@snark.thyrsus.com> - 2.91
We have support for NMEA GLONASS sentences, and a regression test.
Clients now get a DEVICE notification on every driver switch. It is
possible to specify a TCP/IP AIS feed such as AISHub as a data
source. Serious bitrot in the NTRIP support has been fixed - it was
probably nonfunctional for several releases before this. Fixed
buggy display of satellite-used flags in cgps. xgps is replaced by
a rewrite in Python that uses pygtk, eliminating a dependency on
Motif; also, it now displays AIS information. Uniform treatment of
display-unit defaulting and -u in xgps, cgps, and lcdgps. Support
for AIS message types 25 and 26. Support for IPv6. A numeric
instability in the earth_distance() function affecting track error
modeling has been fixed. Old protocol has been removed from the
daemon; the library still speaks it.
Pkgsrc changes:
- Adjust dependencies
Upstream changes:
0.9938 Sun May 23 17:13:05 PDT 2010
- ErrorDocument: Added Content-Length to error responses (hachi)
- Improved docs about conditional middleware loading
- XSendfile: Updated (undocumented) environment key to switch frontend
- Auth::Basic: Added notes about how to use it with Apache (mod_perl and CGI) [RT #57436]
0.9937 Fri May 14 23:11:27 PDT 2010
- Fixed -I broken in 0.9936 (juster) #114
0.9936 Fri May 14 15:58:02 PDT 2010
- Remove 'use lib "lib"' from plackup
- Remove HTTP_CONTENT_* environment variables in FastCGI handlers to deal with buggy web servers.
(Justin Davis)
0.9935 Wed May 5 15:17:06 PDT 2010
- Set an empty PATH_INFO if CGI environment doesn't set so (hachi) #109
- Fixed a possible weird combination of SCRIPT_NAME and PATH_INFO in CGI handlers
- localize PATH_INFO and SCRIPT_NAME in App::File and subclasses #100
- updated COPYRIGHT notice for Debian
- Middleware::StackTrace now displays text trace to psgi.errors like Rack::ShowExceptions
(castaway, theorbtwo)
- Middleware::StackTrace: Fixed the text stack trace format to be more readable
0.9934 Tue May 4 15:47:33 PDT 2010
- Added a test in CGIBin where binmode ":utf8" causes bad content-length #110
- Doc fix for the deprecated servers
- Initialize Module::Refresh (hiratara)
- Added mime_type to ErorrDocument (kakuno)
0.9933 Tue Apr 27 14:32:23 PDT 2010
- refactored the app.psgi loading error handling
- Enable type checking of the app in Lint->wrap
- allow plackup -e'...'
- Disable FCGI::Client/Net::FastCGI test by default
