* Windows builds now use the default runtime libraries (builds use the /MD flag).
* CMake support was added for compiling with Developer Studio 12.6.
MySQL failed to compile if -DENABLE_DEBUG_SYNC=OFF AND -DWITH_DEBUG=ON were both given. The ENABLE_DEBUG_SYNC option has been removed and enabling WITH_DEBUG enables Debug Sync.
* Changes in RPM package structure require a larger set of packages to be removed to install MySQL Server cleanly.
* To avoid potential race conditions, Debian packages now use the GNU install utility rather than a combination of mkdir, touch, and chown.
* CMake-generated packaging for Debian/Ubuntu packages was refactored for improved maintainability. The change includes updated logic for correctly replacing native distribution packaging in Debian and Ubuntu.
* Reminder: MySQL 5.6 requires the Microsoft Visual C++ 2010 Redistributable Package to run on Windows platforms. Users should make sure the package has been installed on the system before starting the server. The package is available at the Microsoft Download Center.
* The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.2k. For a description of issues fixed in this version, see http://www.openssl.org/news/vulnerabilities.html.
* The mysql_options() C API function now supports a MYSQL_OPT_SSL_MODE option.
Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege escalation. chown now can be used only when the target directory is /var/log. An incompatible change is that if the directory for the Unix socket file is missing, it is no longer created; instead, an error occurs. Due to these changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.
Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is /var/log or /var/lib.
* Unused systemd files for SLES were removed.
* MySQL Server now includes a plugin library that enables administrators to introduce an increasing delay in server response to clients after a certain number of consecutive failed connection attempts. This capability provides a deterrent that slows down brute force attacks that attempt to access MySQL user accounts. For more information, see The Connection-Control Plugin.
* OpenSSL is ending support for version 1.0.1 in December 2016; see https://www.openssl.org/policies/releasestrat.html. Consequently, MySQL Commercial Server builds now use version 1.0.2 rather than version 1.0.1, and the linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1 to version 1.0.2j. For a description of issues fixed in this version, see https://www.openssl.org/news/vulnerabilities.html.
This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
Functionality Added or Changed
------------------------------
* InnoDB: By default, InnoDB reads uncommitted data when calculating statistics. In the case of an uncommitted transaction that deletes rows from a table, InnoDB excludes records that are delete-marked when calculating row estimates and index statistics, which can lead to non-optimal execution plans for other transactions that are operating on the table concurrently using a transaction isolation level other than READ UNCOMMITTED. To avoid this scenario, a new configuration option, innodb_stats_include_delete_marked, can be enabled to ensure that InnoDB includes delete-marked records when calculating persistent optimizer statistics. (Bug 23333990)
* Unit testing now uses Google Mock 1.8. (Bug 24572381, Bug 82823)
Bugs Fixed
Packaging Notes
---------------
RPM and Debian packages now create the /var/lib/mysql-files directory, which is now the default value of the secure_file_priv system variable that specifies a directory for import and export operations.
Security Notes
--------------
Incompatible Change: The secure_file_priv system variable is used to limit the effect of data import and export operations.
Functionality Added or Changed
------------------------------
yaSSL was upgraded to version 2.4.2. This upgrade corrects issues with: Potential AES side channel leaks; DSA padding for unusual sizes; the SSL_CTX_load_verify_locations() OpenSSL compatibility function failing to handle long path directory names.
Test Suite Notes
----------------
In mysql-test-run.pl, a limit of 50 was imposed on the number of workers for parallel testing, which on systems with more than 50 CPUs resulted in exhaustion of unique thread IDs. The ID-exhaustion problem has been corrected, and the limit of 50 on number of workers has been lifted. Thanks to Daniel Black for the patch on which this change was based. Additionally, these changes were made:
To avoid idle workers, the number of parallel workers now is limited to the number of tests.
Previously, if --parallel=auto was given and the MTR_MAX_PARALLEL environment variable was not set, a limit of 8 was imposed on the number of parallel workers. This limit has been lifted.
(Bug 22342399, Bug 79585)
Functionality Added or Changed
------------------------------
CMake support for compiling with Solaris Studio 12.5 was added. (Bug 82249, Bug 24303829, Bug 81274, Bug 23212938)
Bugs Fixed
----------
InnoDB: An operation that dropped and created a full-text search table raised an assertion. (Bug 24315031)
InnoDB: Accessing full-text search auxiliary tables while dropping the indexed table raised an assertion. (Bug 24009272)
InnoDB: An online DDL operation on a table with indexed BLOB columns raised an assertion during logging of table modifications. (Bug 23760086)
Replication: mysqlbinlog --read-from-remote-server log1 log2 was opening a new connection for log2 without freeing the connection used for log1. Thanks to Laurynas Biveinis for the contribution. (Bug 81675, Bug 23540182)
Replication: With binlog_row_image=FULL, when updating single tables temporary tables were unnecessarily being used. The fix ensures single table update follows the same pattern as multi-table update. (Bug 79867, Bug 22510353)
For mysqld_safe, the argument to --malloc-lib now must be one of the directories /usr/lib, /usr/lib64, /usr/lib/i386-linux-gnu, or /usr/lib/x86_64-linux-gnu. In addition, the --mysqld and --mysqld-version options can be used only on the command line and not in an option file. (Bug 24464380)
It was possible to write log files ending with .ini or .cnf that later could be parsed as option files. The general query log and slow query log can no longer be written to a file ending with .ini or .cnf. (Bug 24388753)
Privilege escalation was possible by exploiting the way REPAIR TABLE used temporary files. (Bug 24388746)
If the basedir system variable was set at server startup from the command line or option file, the value was not normalized (on Windows, / was not replaced with /). (Bug 23747899, Bug 82125)
In-place ALTER TABLE operations which when executed separately caused no table rebuild could when combined into a single statement result in a table rebuild. (Bug 23475211, Bug 81587)
A blank server name in CREATE SERVER statements produced a server exit rather than an error. (Bug 23295288)
A prepared statement that used a parameter in the select list of a derived table that was part of a join could cause a server exit. (Bug 22392374, Bug 24380263)
MEDIUMINT columns used in operations with long integer values could result in buffer overflow. (Bug 19984392)
A spurious ER_NO_SUCH_TABLE error could occur when attempting to execute a prepared CREATE TABLE ... SELECT statement that used a temporary table in the FROM clause and called a stored function. The same error could occur for a nonprepared version of the statement if used in a stored procedure when the procedure was re-executed. (Bug 16672723, Bug 68972)
EINTR handling in the client library has been fixed so that interrupted read and write calls are retried. Previously, EINTR was ignored. (Bug 82019, Bug 23703570)
Bugs Fixed
InnoDB: Full-text search auxiliary tables could be dropped by one session while being access by another.
InnoDB: Selecting full-text index information schema tables for a deleted table caused a segmentation fault.
InnoDB: Rollback of a full-text index synchronization operation raised an assertion. The rollback operation attempted to acquire a mutex still held by the background synchronization thread.
InnoDB: Setting innodb_monitor_enable to all did not enable all counters.
Replication: After issuing a PURGE BINARY LOGS statement, if the binary log index file was not available, for example because it had been opened by another application such as MEB, the server could stop unexpectedly. Although this situation was rare, the handling has been made more robust to avoid unexpected halts and more informative errors are provided.
Replication: When using row-based replication and InnoDB, replication slaves reverted to using an older locking scheme when a transaction had already acquired an AUTOINC lock related to a LOAD FILE or INSERT ... SELECT type of statement, reducing replication slave performance. The fix ensures that sql_command is set correctly for any of the DML events such as WRITE_ROWS_EVENT, UPDATE_EVENT, and DELETE_EVENT.
Replication: A MySQL version 5.5 slave does not have a server_uuid and replication identified servers by their server_id. Starting from MySQL version 5.6, replication masters detected a zombie dump thread based only on a slave's server_uuid value, under the assumption that each slave has a unique UUID. Connecting a MySQL 5.5 slave to a MySQL 5.6 and later master meant that the master was unable to detect zombie dump threads that were created to serve slaves running versions older than MySQL 5.6. The fix ensures that a master now first checks if a slave has a server_uuid set. If it is set, zombie dump thread detection happens based on the slave's UUID. If a slave's server_uuid is not set, zombie dump thread detection happens based on server_id.
Replication: With slave_skip_errors enabled there were still special cases when slave errors were not being correctly ignored. For example:
When opening and locking a table failed.
When field conversions failed on a server running row-based replication.
In these cases the error was considered critical and it was not respecting the state of slave_skip_errors. The fix ensures that with slave_skip_errors enabled, all errors reported during applying a transaction are correctly handled. This means that in such a set up, upon receiving an error with the log_warnings option set to greater than 1, if the error can be ignored then the warning is printed into the error log and the server continues as it does in the case of other ignored errors.
Replication: When using statement-based or mixed binary logging format with --read-only=ON, it was not possible to modify temporary tables.
MySQL Server upgrades performed using RPM packages failed when upgrading from MySQL 5.5 Community to MySQL 5.6 Community or MySQL 5.5 Commercial to MySQL 5.6 Commercial.
The code for reading character set information from Performance Schema statement events tables (for example, events_statements_current) did not prevent simultaneous writing to that information. As a result, the SQL query text character set could be invalid, which could result in a server exit. Now an invalid character set causes SQL_TEXT column truncation.
A buffer overflow in the regex library was fixed.
Certain arguments to NAME_CONST() could cause a server exit.
For unit-testing with the MySQL test suite, the make unit-test command is no longer available. The ctest program should be used instead. See Unit Tests Added to Main Test Runs.
ST_Distance() could raise an assertion for NULL return values.
With the query cache enabled, executing a prepared statement with CURSOR_TYPE_READ_ONLY and then again with CURSOR_TYPE_NO_CURSOR caused the server to return an error.
mysql_real_connect() was not thread-safe when invoked with the MYSQL_READ_DEFAULT_FILE or MYSQL_READ_DEFAULT_GROUP option enabled.
Installing MySQL from a yum or zypper repository resulted in /var/log/mysqld.log being created with incorrect user and group permissions.
If a stored function updated a view for which the view table had a trigger defined that updated another table, it could fail and report an error that an existing table did not exist.
If an INSTALL PLUGIN statement contained invalid UTF-8 characters in the shared library name, it caused the server to hang (or to raise an assertion in debug builds).
For multibyte character sets, LOAD DATA could fail to allocate space correctly and ignore input rows as a result.
Security Notes
The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.1t. Issues fixed in the new version are described at http://www.openssl.org/news/vulnerabilities.html.
This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead. (Bug 23229564)
Functionality Added or Changed
A new CMake option, WITH_SYMVER16, if enabled, causes the libmysqlclient client library to contain extra symbols to be compatible with libmysqlclient on RHEL/OEL 5, 6, 7, and Fedora releases. All symbols present in libmysqlclient.so.16 are tagged with symver 16 in libmsqlclient.so.18, making those symbols have both symver 16 and 18. (Bug 22980983)
support-files/MacOSX/ReadMe.txt is no longer included in MySQL distributions. (Bug 81038, Bug 23088916)
The version of the tcmalloc library included in MySQL distributions was very old. It has been removed and is no longer included with MySQL. (Bug 80994, Bug 23068660)
Bugs Fixed
InnoDB: MySQL failed to build on Fedora 24 using GCC 6. (Bug 23227804)
InnoDB: Potential buffer overflow issues were corrected for the InnoDB memcached plugin. (Bug 23187607)
InnoDB: The full-text index cache was freed during a background index cache synchronization. (Bug 22996488)
InnoDB: A full-text index operation raised an assertion. (Bug 22963169)
InnoDB: An INSERT operation on a table with a FULLTEXT index and FTS_DOC_ID column failed because the inserted FTS_DOC_ID value exceeded the permitted gap between consecutive FTS_DOC_ID values. To avoid this problem, the permitted gap between the largest used FTS_DOC_ID value and new FTS_DOC_ID value was raised from 10000 to 65535. (Bug 22679185)
InnoDB: With innodb_autoinc_lock_mode=0, multiple threads waiting for a table-level lock caused an unexpected deadlock. (Bug 21983865, Bug 78761)
InnoDB: A FLUSH TABLES ... FOR EXPORT operation appeared to stall. A loop in the ibuf_contract_in_background function failed to exit. (Bug 21133329, Bug 77011)
InnoDB: A full-text query raised an assertion. Under certain circumstances, DDL operations such as ALTER TABLE ... RENAME caused full-text auxiliary tables to be removed on server restart. (Bug 13651665)
Replication: In the next_event() function, which is called by a slave's SQL thread to read the next even from the relay log, the SQL thread did not release the relaylog.log_lock it acquired when it ran into an error (for example, due to a closed relay log), causing all other threads waiting to acquire a lock on the relay log to hang. With this fix, the lock is released before the SQL thread leaves the function under the situation. (Bug 21697821)
References: See also: Bug 20492319.
Replication: If a multi-threaded replication slave running with relay_log_recovery=1 stopped unexpectedly, during restart the relay log recovery process could fail. This was due to transaction inconsistencies not being filled, see Handling an Unexpected Halt of a Replication Slave. Prior to this fix, to recover from this situation required manually setting relay_log_recovery=0, starting the slave with START SLAVE UNTIL SQL_AFTER_MTS_GAPS to fix any transaction inconsistencies and then restarting the slave with relay_log_recovery=1. This process has now been automated, enabling relay log recovery of a multi-threaded slave upon restart automatically. (Bug 77496, Bug 21507981)
INSERT with ON DUPLICATE KEY UPDATE and REPLACE on a table with a foreign key constraint defined failed with an incorrect “duplicate entry” error rather than a foreign key constraint violation error. (Bug 23135731)
References: This issue is a regression of: Bug 78853, Bug 22037930.
For debug builds, CONCAT_WS() could raise an assertion if there was nothing to append. (Bug 22888420)
Invoking Enterprise Encryption functions in multiple threads simultaneously could cause a server exit. (Bug 22839278)
Attempting to use Enterprise Encryption functions after creating and dropping them could cause a server exit. (Bug 22669012)
Setting sort_buffer_size to a very large value could cause some operations to fail with an out-of-memory error. (Bug 22594514)
An assertion could be raised when a deadlock occurred due to a SELECT ... GROUP BY ... FOR UPDATE query executed using a Loose Index Scan. (Bug 22187476)
Several potential buffer overflow issues were corrected. (Bug 21977380, Bug 23187436, Bug 23202778, Bug 23195370, Bug 23202699)
If the CA certificate as given to the --ssl-ca option had an invalid path, yaSSL returned an error message different from OpenSSL. Now both return SSL connection error: SSL_CTX_set_default_verify_paths failed. (Bug 21920657)
Some string functions returned one or a combination of their parameters as their result. If one of the parameters had a non-ASCII character set, the result string had the same character set, resulting in incorrect behavior when an ASCII string was expected. (Bug 18740222)
On Windows, MySQL installation could result in MySQL being placed under C:\Program Files\Canon\Easy-WebPrint EX. (Bug 14583183)
References: See also: Bug 70918, Bug 68821, Bug 68227.
On Fedora 24, upgrades using a Community MySQL Server RPM failed to replace an installed MariaDB Galera server due to a change in the MariaDB package. (Bug 81390, Bug 23273818)
MySQL did not compile under Solaris 12 using Sun Studio. To correct this, instances of __attribute__ were changed to MY_ATTRIBUTE. (Bug 80748, Bug 22932576)
The INSTALL-SOURCE file had partly outdated information and has been removed from source packages. (Binary packages are unaffected). (Bug 80680, Bug 23081064)
For a server compiled with -DWITH_PERFSCHEMA_STORAGE_ENGINE=0, a memory leak could occur for buffered log messages used during server startup. (Bug 80089, Bug 22578574)
For debug builds, merging a derived table into an outer query block could raise an assertion. (Bug 79502, Bug 22305361, Bug 21139722)
A null pointer dereference of a parser structure could occur during stored procedure name validation. (Bug 79396, Bug 22286421)
Using CREATE USER to create an account with the mysql_native_password or mysql_old_password authentication plugin and using a clause of the form IDENTIFIED WITH plugin AS 'hash_string' caused the account to be created without a password. (Bug 78033, Bug 21616496)
Failure of UNINSTALL PLUGIN could lead to inaccurate or confusing errors for subsequent INSTALL PLUGIN operations. (Bug 74977, Bug 20085672)
mysqld_multi displayed misleading error messages when it was unable to execute my_print_defaults. (Bug 74636, Bug 19920049)
On Windows, MySQL installation failed if the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ registry key was present with a key/value pair of "InstallLocation" and "\Hewlett-Packard\\". (Bug 74631, Bug 19949163)
mysqldump failed silently with no error message when it encountered an error while executing FLUSH LOGS.
under $PKG_SYSCONFDIR, and prevents mysql_install_db from creating
$PREFIX/my.cnf. Brings mysql56-client and mysql56-server in sync
WRT my.cnf location. Bump respective PKGREVISIONs.
Noticed by peterkelm@ on Github.
Security Notes
--------------
The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.1s. Issues fixed in the new version are described at http://www.openssl.org/news/vulnerabilities.html.
This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
MySQL client programs now support an --ssl-mode option that enables you to specify the security state of the connection to the server. The default value is DISABLED (establish an unencrypted connection). --ssl-mode=REQUIRED) can be specified to require a secure connection, or fail if a secure connection cannot be obtained.
These clients support --ssl-mode: mysql, mysqladmin, mysqlcheck, mysqldump, mysqlimport, mysqlshow, mysqlpump, mysqlslap, mysqltest, mysql_upgrade.
For more information, see Command Options for Secure Connections.
Bugs Fixed
* InnoDB: A new InnoDB configuration option, innodb_tmpdir, allows you to configure a separate temporary file directory for online ALTER TABLE operations. This option was introduced to help avoid tmpdir overflows that could occur as a result of large temporary files created during online ALTER TABLE operations. innodb_tmpdir is a SESSION variable and can be configured dynamically using a SET statement.
* yaSSL was upgraded to version 2.3.9. This upgrade corrects an issue in which yaSSL handled only cases of zero or one leading zeros for the key agreement instead of potentially any number, which in rare cases could cause connections to fail when using DHE cipher suites.
* The Valgrind function signature in mysql-test/valgrind.supp was upgraded for Valgrind 3.11.
* Bugs Fixed
MySQL Server RPM packages now contain a conflict indicator for MySQL Connector C, such that an error occurs when installing MySQL Server if MySQL Connector C is also installed. To install MySQL Server, remove any MySQL Connector C packages first.
mysql_upgrade now attempts to print more informative errors than FATAL ERROR: Upgrade failed.
These client programs now support the --enable-cleartext-plugin option: mysqlcheck, mysqldump, mysqlimport, mysqlshow. This option enables the mysql_clear_password cleartext authentication plugin. (See The Cleartext Client-Side Authentication Plugin.)
Support for building with Solaris Studio 5.13 was added.
Performance Schema digests in DIGEST_TEXT columns have ... appended to the end to indicate when statements exceed the maximum statement size and were truncated. This is also now done for statement text values in SQL_TEXT columns.
Bugs Fixed
Problems found with existing distfiles:
distfiles/D6.data.ros.gz
distfiles/cstore0.2.tar.gz
distfiles/data4.tar.gz
distfiles/sphinx-2.2.7-release.tar.gz
No changes made to the cstore or mariadb55-client distinfo files.
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
* InnoDB: The new innodb_numa_interleave read-only configuration option allows you to enable the NUMA interleave memory policy for allocation of the InnoDB buffer pool. When innodb_numa_interleave is enabled, the NUMA memory policy is set to MPOL_INTERLEAVE for the mysqld process. After the InnoDB buffer pool is allocated, the NUMA memory policy is set back to MPOL_DEFAULT. This option is only available on NUMA-enabled systems.
* yaSSL was upgraded to version 2.3.8.
* RPM .spec files were updated so that MySQL Server builds from source RPM packages will include the proper files to take advantage of operating system NUMA capabilities. This introduces a runtime dependency on libnuma.so.1. RPM and yum detect this and refuse to install if that library is not installed.
* InnoDB: Reloading a table that was evicted while empty caused an AUTO_INCREMENT value to be reset.
* InnoDB: Memory allocation sanity checks were added to the memcached code.
* InnoDB: A memcached flush_all command raised an assertion. A function that starts a transaction was called from within assertion code.
* InnoDB: A data corruption occurred on ARM64. GCC builtins did not issue the correct fences when setting or unsetting the lock word.
* InnoDB: Server shutdown was delayed waiting for the purge thread to exit. To avoid this problem, the number of calls to trx_purge() was reduced, and the trx_purge() batch size was reduced to 20.
* InnoDB: In READ COMMITTED mode, a REPLACE operation on a unique secondary index resulted in a constraint violation.
* InnoDB: The IBUF_BITMAP_FREE bit indicated that there was more free space in the leaf page than was actually available.
* InnoDB: Setting lower_case_table_names=0 on a case-insensitive file system could result in a hang condition when running an INSERT INTO ... SELECT ... FROM tbl_name operation with the wrong tbl_name letter case. An error message is now printed and the server exits when attempting to start the server with --lower_case_table_names=0 on a case-insensitive file system.
* InnoDB: The server failed to start with an innodb_force_recovery setting greater than 3. InnoDB was set to read-only mode before redo logs were applied.
* InnoDB: The trx_sys_read_pertable_file_format_id() function reported the wrong file format.
* Partitioning: CREATE TABLE statements that used an invalid function in a subpartitioning expression did not always fail gracefully as expected.
* Partitioning: Error handling for failed partitioning-related ALTER TABLE operations against non-partitioned tables was not performed correctly
* Partitioning: ALTER TABLE when executed from a stored procedure did not always work correctly with tables partitioned by RANGE.
* Replication: Repeatedly checking for ERR_LOCK_WAIT_TIMEOUT (as done, for example by repeatedly executing SHOW SLAVE STATUS) during a prolonged write lock on a table led to an assert.
* Replication: If statement based logging was in use, when updating multiple tables in a single statement, a single transaction could be logged as two different transactions. This was due to the binary logging process not properly identifying statements which were operating over transactional tables. The fix ensures that they are correctly identified, even if such statements do not change the contents of the tables.
* Security Fix: Due to the LogJam issue (https://weakdh.org/), OpenSSL has changed the Diffie-Hellman key length parameters for openssl-1.0.1n and up.
* Replication: When using a multi-threaded slave, each worker thread has its own queue of transactions to process. In previous MySQL versions, STOP SLAVE waited for all workers to process their entire queue. This logic has been changed so that STOP SLAVE first finds the newest transaction that was committed by any worker thread. Then, it waits for all workers to complete transactions older than that. Newer transactions are not processed. The new logic allows STOP SLAVE to complete faster in case some worker queues contain multiple transactions.
* Previously, the max_digest_length system variable controlled the maximum digest length for all server functions that computed statement digests. However, whereas the Performance Schema may need to maintain many digest values, other server functions such as MySQL Enterprise Firewall need only one digest per session. Increasing the max_digest_length value has little impact on total memory requirements for those functions, but can increase Performance Schema memory requirements significantly. To enable configuring digest length separately for the Performance Schema, its digest length is now controlled by the new performance_schema_max_digest_length system variable.
* Previously, changes to the validate_password plugin dictionary file (named by the validate_password_dictionary_file system variable) while the server was running required a restart for the server to recognize the changes. Now validate_password_dictionary_file can be set at runtime and assigning a value causes the named file to be read without a restart.
In addition, two new status variables are available. validate_password_dictionary_file_last_parsed indicates when the dictionary file was last read, and validate_password_dictionary_file_words_count indicates how many words it contains.
* Bugs fixed
With OpenSSL 1.0.1p upgrade, DH parameters below 1024 bits are now
refused. MySQL hardcodes 512 bits DH parameters and will therefore
fail to run SSL connexions with OpenSSL 1.0.1p
Apply fix from upstream:
866b988a76
Functionality Added or Changed
* MySQL Enterprise Firewall operates on parser states and does not work well together with the query cache, which circumvents the parser. MySQL Enterprise Firewall now checks whether the query cache is enabled. If so, it displays a message that the query cache must be disabled and does not load.
* my_print_defaults now masks passwords. To display passwords in cleartext, use the new --show option.
* MySQL distributions now include an innodb_stress suite of test cases. Thanks to Mark Callaghan for the contribution.
Bugs Fixed
* InnoDB; Partitioning: The CREATE_TIME column of the INFORMATION_SCHEMA.TABLES table now shows the correct table creation time for partitioned InnoDB tables. The CREATE_TIME column of the INFORMATION_SCHEMA.PARTITIONS table now shows the correct partition creation time for a partition of partitioned InnoDB tables.
The UPDATE_TIME column of the INFORMATION_SCHEMA.TABLES table now shows when a partitioned InnoDB table was last updated by an INSERT, DELETE, or UPDATE. The UPDATE_TIME column of the INFORMATION_SCHEMA.PARTITIONS table now shows when a partition of a partitioned InnoDB table was last updated.
* InnoDB: An assertion was raised on shutdown due to XA PREPARE transactions holding explicit locks.
* InnoDB: The strict_* forms of innodb_checksum_algorithm settings (strict_none, strict_innodb, and strict_crc32) caused the server to halt when a non-matching checksum was encountered, even though the non-matching checksum was valid. For example, with innodb_checksum_algorithm=strict_crc32, encountering a valid innodb checksum caused the server to halt. Instead of halting the server, a message is now printed to the error log and the page is accepted as valid if it matches an innodb, crc32 or none checksum.
* InnoDB: The memcached set command permitted a negative expire time value. Expire time is stored internally as an unsigned integer. A negative value would be converted to a large number and accepted. The maximum expire time value is now restricted to INT_MAX32 to prevent negative expire time values.
* InnoDB: Removal of a foreign key object from the data dictionary cache during error handling caused the server to exit.
* InnoDB: SHOW ENGINE INNODB STATUS output showed negative reservation and signal count values due to a counter overflow error.
* InnoDB: Failure to check the status of a cursor transaction read-only option before reusing the cursor transaction for a write operation resulted in a server exit during a memcached workload.
* InnoDB: MDL locks taken by memcached clients caused a MySQL Enterprise Backup FLUSH TABLES WITH READ LOCK operation to hang.
* InnoDB: Estimates that were too low for the size of merge chunks in the result sorting algorithm caused a server exit.
* InnoDB: For full-text searches, the optimizer could choose an index that does not produce correct relevancy rankings.
* Partitioning: When creating a partitioned table, partition-level DATA DIRECTORY or INDEX DIRECTORY option values that contained an excessive number of characters were handled incorrectly.
* Partitioning: Executing an ALTER TABLE on a partitioned table on which a write lock was in effect could cause subsequent SQL statements on this table to fail.
* Replication: When binary logging was enabled, using stored functions and triggers resulting in a long running procedure that inserted many records caused the memory use to increase rapidly. This was due to memory being allocated per variable. The fix ensures that in such a situation, memory is allocated once and the same memory is reused.
* Replication: If an error was encountered while adding a GTID to the received GTID set, the log lock was not being correctly released. This could cause a deadlock.
more...
* CMake support was updated to handle CMake version 3.1.
* The server now includes its version number when it writes the initial “starting” message to the error log, to make it easier to tell which server instance error log output applies to. This value is the same as that available from the version system variable.
* ALTER TABLE did not take advantage of fast alterations that might otherwise apply to the operation to be performed, if the table contained temporal columns found to be in pre-5.6.4 format (TIME, DATETIME, and TIMESTAMP columns without support for fractional seconds precision).
* Statement digesting as done previously by the Performance Schema is now done at the SQL level regardless of whether the Performance Schema is compiled in and is available to other aspects of server operation that could benefit from it. The default space available for digesting is 1024 bytes, but can be changed at server startup using the max_digest_length system variable.
* Bug fixes.
* The linked OpenSSL library for the MySQL Commercial Server has been updated from version 1.0.1j to version 1.0.1k.
* Support for the SSL 2.0 and SSL 3.0 protocols has been disabled because they provide weak encryption.
* yaSSL was upgraded to version 2.3.7.
* The valid date range of the SSL certificates in mysql-test/std_data has been extended to the year 2029.
* Bugs Fixed
* Noisy compiler warnings on FreeBSD 10 were silenced.
* CMake workarounds for older Mac OS X and XCode versions were removed. On Mac OS X, compilation always uses Clang, even for 32-bit builds.
* Previously, the MYSQL_MAINTAINER_MODE CMake option was turned on by default for debug builds and off for release builds, and MYSQL_MAINTAINER_MODE caused -Werror to be enabled when building with GCC. This made it cumbersome to enable -Werror under certain conditions, such as when compiling with Clang.
* Build support was modified to produce the same warnings for Clang as for gcc.
* CMake configuration for the Clang compiler sets more appropriate flags for building on Linux. Specifically, -g -fno-omit-frame-pointer -fno-strict-aliasing is now added.
* Bugs fixed.
Intented as a clean implementation (replacement) of wip/mysql-sphinxse.
SphinxSE is MySQL storage engine which can be compiled into MySQL server 5.x
using its pluggable architecture. Despite the name, SphinxSE does not
actually store any data itself. It is actually a built-in client which
allows MySQL server to talk to searchd, run search queries, and obtain
search results. All indexing and searching happen outside MySQL.
See http://sphinxsearch.com/docs/current.html#sphinxse-overview
The --skip-innodb option is now deprecated and its use results in a warning. It will be removed in a future MySQL release. This also applies to its synonyms (--innodb=OFF, --disable-innodb, and so forth).
MySQL Enterprise Edition now includes a set of encryption functions based on the OpenSSL library that expose OpenSSL capabilities at the SQL level.
Replication: The new variable simplified_binlog_gtid_recovery can be used to change the way binary log files are searched for previous GTIDs during recovery, speeding up the process when a large number of binary log files exist.
Internally, spatial data types such as Geometry are represented as BLOB values, so when invoked with the --hex-blob option, mysqldump now displays spatial values in hex.
Bugs Fixed...
Security Fix: The linked OpenSSL library for the MySQL 5.6 Commercial Server has been updated from version 1.0.1g to version 1.0.1h. Versions of OpenSSL prior to and including 1.0.1g are reported to be vulnerable to CVE-2014-0224.
This change does not affect the Oracle-produced MySQL Community build of MySQL Server 5.6, which uses the yaSSL library instead.
DTrace Support
MySQL now includes DTrace support on Oracle Linux 6 or higher with UEK kernel. If DTrace is present, server builds will detect it with no special CMake options required. For information about using DTrace on MySQL, see Tracing mysqld Using DTrace.
InnoDB Notes
Important Change: Redo log writes for large, externally stored BLOB fields could overwrite the most recent checkpoint. The 5.6.20 patch limits the size of redo log BLOB writes to 10% of the redo log file size. The 5.7.5 patch addresses the bug without imposing a limitation. For MySQL 5.5, the bug remains a known limitation.
As a result of the redo log BLOB write limit introduced for MySQL 5.6, innodb_log_file_size should be set to a value greater than 10 times the largest BLOB data size found in the rows of your tables plus the length of other variable length fields (VARCHAR, VARBINARY, and TEXT type fields). Failing to do so could result in “Row size too large” errors. No action is required if your innodb_log_file_size setting is already sufficiently large or your tables contain no BLOB data.
Functionality Added or Changed
Replication: The new system variable binlog_impossible_mode controls what happens if the server cannot write to the binary log, for example, due to a file error. For backward compatibility, the default for binlog_impossible_mode is IGNORE_ERROR, meaning the server logs the error, halts logging, and continues updates to the database. Setting this variable to ABORT_SERVER makes the server halt logging and shut down if it cannot write to the binary log.
CMake support was updated to handle CMake version 3.
New Debian7, Ubuntu12.04, and Ubuntu14.04 distribution support that was introduced with 5.6.17 now comes with the platform-specific packaging source placed under the packaging directory, in the deb-precise, deb-wheezy, and deb-trusty directories.
Support for LinuxThreads has been removed from the source code. LinuxThreads was superseded by NPTL in Linux 2.6.
By default, mysql_install_db creates a my.cnf file in the installation base directory using a template. This may be undesireable for some deployments. To enable this behavior to be suppressed, mysql_install_db now supports a --keep-my-cnf option to preserve any existing my.cnf file and not create a new my.cnf file.
The mysqlhotcopy utility is now deprecated and will be removed in a future version of MySQL. Among the reasons for this: It works only for the MyISAM and ARCHIVE storage engines; it works on Unix but not Windows. Alternatives include mysqldump and MySQL Enterprise Backup.
The timed_mutexes system variable has no effect and is deprecated.
Bugs Fixed
Functionality Added or Changed
The obsolete and unmaintained charset2html utility has been removed from MySQL distributions.
The mysqlbug, mysql_waitpid, and mysql_zap utilities have been deprecated and will be removed in MySQL 5.7.
Bugs Fixed
InnoDB: After upgrading from 5.6.10 to MySQL versions up to and including MySQL 5.6.18, InnoDB would attempt to rename obsolete full-text search auxiliary tables on server startup, resulting in an assertion failure.
InnoDB: For each insert, memset would be called three times to allocate memory for system fields. To reduce CPU usage, the three memset calls are now combined into a single call.
InnoDB: Enabling the InnoDB Table Monitor would result in a ib_table->stat_initialized assertion failure.
InnoDB: Setting innodb_max_dirty_pages_pct=0 would leave 1% of dirty pages unflushed. Buffer pool flushing is initiated when the percentage of dirty pages is greater innodb_max_dirty_pages_pct. The internal variables that store the innodb_max_dirty_pages_pct value and the percentage of dirty pages (buf_get_modified_ratio_pct and srv_max_buf_pool_modified_pct) were defined as unsigned integer data types, which meant that a innodb_max_dirty_pages_pct value of 0 required a dirty pages percentage of 1 or greater to initiate buffer pool flushing.
To address this problem, the buf_get_modified_ratio_pct and srv_max_buf_pool_modified_pct internal variables are redefined as double data types, which changes the range value for innodb_max_dirty_pages_pct and innodb_max_dirty_pages_pct_lwm from 0 .. 99 to 0 .. 99.99. Additionally, buffer pool flushing is now initiated when the percentage of dirty pages is “greater than or equal to” innodb_max_dirty_pages_pct.
Replication: Log rotation events could cause group_relay_log_pos to be moved forward incorrectly within a group. This meant that, when the transaction was retried, or if the SQL thread was stopped in the middle of a transaction following one or more log rotations (such that the transaction or group spanned multiple relay log files), part or all of the group was silently skipped.
This issue has been addressed by correcting a problem in the logic used to avoid touching the coordinates of the SQL thread when updating the log position as part of a relay log rotation whereby it was possible to update the SQL thread's coordinates when not using a multi-threaded slave, even in the middle of a group.
Replication: When running the server with --gtid-mode=ON, STOP SLAVE followed by START SLAVE resulted in a mismatch between the information provided by INFORMATION_SCHEMA.INNODB_TEMP_TABLE_INFO and the Slave_open_temp_tables status variable: the INNODB_TEMP_TABLE_INFO table showed that no temporary tables existed, but Slave_open_temp_tables had a nonzero value.
Replication: In certain cases, the server mishandled triggers and stored procedures that tried to modify other tables when called by CREATE TABLE ... SELECT. This is now handled correctly as an error.
Replication: When used on a table employing a transactional storage engine, a failed TRUNCATE TABLE was still written to the binary log and thus replayed on the slave. This could lead to inconsistency when the master retained data that was removed on the slave.
Now in such cases TRUNCATE TABLE is logged only when it executes successfully.
Replication: The server did not always handle the auto.cnf file correctly in cases where this file's permissions were incorrect.
Replication: When the binary log was rotated due to receipt of a SIGHUP signal, the new binary log did not contain the Previous_gtid_event required for subsequent processing of that binary log's GTID events. Now when SIGHUP is received, steps are taken to insure that the server writes the necessary Previous_gtid_event to the new log before writing any GTID events to the new log.
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
Functionality Added or Changed
Incompatible Change: The AES_ENCRYPT() and AES_DECRYPT() functions now permit control of the block encryption mode and take an optional initialization vector argument:
The new block_encryption_mode system variable controls the mode for block-based encryption algorithms. Its default value is aes-128-ecb, which signifies encryption using a key length of 128 bits and ECB mode.
An optional init_vector argument provides an initialization vector for encryption modes that require it:
AES_ENCRYPT(str,key_str[,init_vector])
AES_DECRYPT(crypt_str,key_str[,init_vector])
A random string of bytes to use for the initialization vector can be produced by calling the new RANDOM_BYTES() function.
For more information, see Encryption and Compression Functions.
These changes make statements that use AES_ENCRYPT() or AES_DECRYPT() unsafe for statement-based replication and they cannot be stored in the query cache. Queries that use RANDOM_BYTES() are unsafe for statement-based replication and cannot be stored in the query cache.
Incompatible Change: The ERROR_FOR_DIVISION_BY_ZERO, NO_ZERO_DATE, and NO_ZERO_IN_DATE SQL modes now are deprecated and setting the sql_mode value to include any of them generates a warning. In MySQL 5.7, these modes do nothing. Instead, their effects are included in the effects of strict SQL mode (STRICT_ALL_TABLES or STRICT_TRANS_TABLES). The motivation for the change in MySQL 5.7 is to reduce the number of SQL modes with an effect dependent on strict mode and make them part of strict mode itself.
To make advance preparation for an upgrade to MySQL 5.7, see SQL Mode Changes in MySQL 5.7. That discussion provides guidelines to assess whether your applications will be affected by the SQL mode changes in MySQL 5.7.
InnoDB: MySQL now supports rebuilding regular and partitioned InnoDB tables using online DDL (ALGORITHM=INPLACE) for the following operations:
OPTIMIZE TABLE
ALTER TABLE ... FORCE
ALTER TABLE ... ENGINE=INNODB (when run on an InnoDB table)
Online DDL support reduces table rebuild time and permits concurrent DML, which helps reduce user application downtime. For additional information, see Overview of Online DDL.
On Solaris, mysql_config --libs now includes -R/path/to/library so that libraries can be found at runtime.
mysql_install_db provides a more informative diagnostic message when required Perl modules are missing.
The IGNORE clause for ALTER TABLE is now deprecated and will be removed in a future version of MySQL. ALTER IGNORE TABLE causes problems for replication, prevents online ALTER TABLE for unique index creation, and causes problems with foreign keys (rows removed in the parent table).
Bugs Fixed
Functionality Added or Changed
* InnoDB: New global configuration parameters, innodb_status_output and innodb_status_output_locks, allow you to dynamically enable and disable the standard InnoDB Monitor and InnoDB Lock Monitor for periodic output. Enabling and disabling monitors for periodic output by creating and dropping specially named tables is deprecated and may be removed in a future release.
* Previously, ALTER TABLE in MySQL 5.6 could alter a table such that the result had temporal columns in both 5.5 and 5.6 format. Now ALTER TABLE upgrades old temporal columns to 5.6 format for ADD COLUMN, CHANGE COLUMN, MODIFY COLUMN, ADD INDEX, and FORCE operations. This conversion cannot be done using the INPLACE algorithm, so specifying ALGORITHM=INPLACE in these cases results in an error.
* CMake now supports a -DTMPDIR=dir_name option to specify the default tmpdir value. If unspecified, the value defaults to P_tmpdir in <stdio.h>.
Bugs Fixed
* InnoDB; Replication: Using the InnoDB memcached plugin (see InnoDB Integration with memcached) with innodb_api_enable_binlog set to 1 caused the server to leak memory.
* InnoDB: A boolean mode full-text search query would result in a memory access violation during parsing.
* InnoDB: When new indexes are added by an ALTER TABLE operation, instead of only saving table-level statistics and statistics for the new indexes, InnoDB would save statistics for the entire table, including the table's other indexes. This behavior slowed ALTER TABLE performance.
* InnoDB: Due to a parser error, full-text search queries that include a sub-expression could return the wrong result.
* InnoDB: The innochecksum tool did not use a Windows-specific API to retrieve file size information, which resulted in an incorrect error message (Error: ibdata1 cannot be found) when the MySQL 5.6 innochecksum 2GB file size limit was exceeded. innochecksum now provides support for files larger than 2GB in both MySQL 5.6 and MySQL 5.7.
* InnoDB: Due to a regression introduced by the fix for Bug17371537, memory was not allocated for the default memcached engine when using the default memcached engine as the backstore for data instead of InnoDB.
* InnoDB: InnoDB would report an incorrect operating system error code after failing to initialize.
* InnoDB: Manipulating a table after discarding its tablespace using ALTER TABLE ... DISCARD TABLESPACE could result in a serious error.
* InnoDB: Persistent optimizer statistics would cause stalls due to latch contention.
* InnoDB: MATCH() ... AGAINST queries that use a long string as an argument for AGAINST() could result in an error when run on an InnoDB table with a full-text search index.
* InnoDB: An InnoDB full-text search failure would occur due to an “unended” token. The string and string length should be passed for string comparison.
* InnoDB: In debug builds, a merge insert buffer during a page read would cause a memory access violation.
* InnoDB: Truncating a memcached InnoDB table while memcached is performing DML operations would result in a serious error.
* InnoDB: In sync0rw.ic, rw_lock_x_lock_func_nowait would needlessly call os_thread_get_curr_id.
* InnoDB: Attempting to rename a table to a missing database would result in a serious error.
more...