|| ||Kent Boortz <kent.boortz-AT-sun.com>|
|| ||announce-AT-lists.mysql.com, mysql-AT-lists.mysql.com, packagers-AT-lists.mysql.com|
|| ||MySQL 5.1.28-rc has been released|
|| ||Sat, 13 Sep 2008 16:15:37 +0200|
Dear MySQL users,
We are proud to present to you the MySQL Server 5.1.28-rc release,
a new "release candidate" version of the popular open source database.
Bear in mind that this is still a "candidate" release, and as with any
other pre-production release, caution should be taken when installing
on production level systems or systems with critical data.
For production level systems using 5.0, we would like to direct your
attention to the product description of MySQL Enterprise at:
The MySQL 5.1.28-rc release is now available in source and binary form
for a number of platforms from our download pages at
and mirror sites. Note that not all mirror sites may be up to date at
this point in time, so if you can't find this version on some mirror,
please try again later or choose another download site.
We welcome and appreciate your feedback, bug reports, bug fixes,
The following section lists the changes from version to version in the
MySQL source code since the latest released version of MySQL 5.1, the
MySQL 5.1.26-rc release. It can also be viewed online at
The MySQL build team at Sun Microsystems
Important bugs fixed (5.1.28):
* Important Change: Security Fix: It was possible to circumvent
privileges through the creation of MyISAM tables employing the
DATA DIRECTORY and INDEX DIRECTORY options to overwrite
existing table files in the MySQL data directory. Use of the
MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY is
now disallowed. This is now also true of these options when
used with partitioned tables and individual partitions of such
tables.(Bug#32167: http://bugs.mysql.com/32167, CVE-2008-2079
* Security Enhancement: The server consumed excess memory while
parsing statements with hundreds or thousands of nested
boolean conditions (such as OR (OR ... (OR ... ))). This could
lead to a server crash or incorrect statement execution, or
cause other client statements to fail due to lack of memory.
The latter result constitutes a denial of service.
* Incompatible Change: An additional correction to the original
MySQL 5.1.23 fix was made to normalize directory names before
adding them to the list of directories. This prevents "/etc/"
and "/etc" from being considered different, for example.
See also Bug#38180: http://bugs.mysql.com/38180
Important bugs fixed (5.1.27, not released):
* Partitioning: Incompatible Change: On Mac OS X with
"lower_case_table_names = 2", the server could not read
partitioned tables whose names contained uppercase letters.
Partitioned tables using mixed case names should be renamed or
dropped before upgrading to this version of the server on Mac
OS X. (Bug#37402: http://bugs.mysql.com/37402)
* Partitioning: Incompatible Change: This restores functionality
missing since the removal of ALTER TABLE ... ANALYZE
PARTITION, ALTER TABLE ... CHECK PARTITION, ALTER TABLE ...
OPTIMIZE PARTITION, and ALTER TABLE ... REPAIR PARTITION in
MySQL 5.1.24. (Bug#20129: http://bugs.mysql.com/20129)
Bugs fixed (5.1.28):
* Partitioning: When a partitioned table had a TIMESTAMP column
defined with CURRENT_TIMESTAMP as the default but with no ON
UPDATE clause, the column's value was incorrectly set to
CURRENT_TIMESTAMP when updating across partitions.
* Partitioning: A LIST partitioned MyISAM table returned
erroneous results when an index was present on a column in the
WHERE clause and NOT IN was used on that column.
Searches using the index were also much slower then if the
index were not present.
* Partitioning: SELECT COUNT(*) was not correct for some
partitioned tables using a storage engine that did not support
HA_STATS_RECORDS_IS_EXACT. Tables using the ARCHIVE storage
engine were known to be affected.
This was because ha_partition::records() was not implemented,
and so the default handler::records() was used in its place.
However, this is not correct behavior if the storage engine
does not support HA_STATS_RECORDS_IS_EXACT.
The solution was to implement ha_partition::records() as a
wrapper around the underlying partition records.
As a result of this fix, the rows column in the output of
EXPLAIN PARTITIONS now includes the total number of records in
the partitioned table.
* Partitioning: When one user was in the midst of a transaction
on a partitioned table, a second user performing an ALTER
TABLE on this table caused the server to hang.
* Replication: Some kinds of internal errors (such as Out of
stack) cuased the server to crash.
* Replication: Row-based replication did not correctly copy
TIMESTAMP values from a big-endian storage engine to a
little-endian storage engine.
* Replication: INSTALL PLUGIN and UNINSTALL PLUGIN caused
row-based replication to fail. Note that these statements are
not replicated; howver, when using row-based logging, the
changes they introduce in mysql system tables are written
to the binary log.
* Server-side cursors were not initialized properly, which could
cause a server crash. (Bug#38486: http://bugs.mysql.com/38486)
* A server crash or Valgrind warnings could result when a stored
procedure selected from a view that referenced a function.
* Incorrect handling of aggregate functions when loose index
scan was used caused a server crash.
* Over-aggressive lock acquisition by InnoDB could result in
performance degradation when multiple threads were executing
statements on multi-core machines.
* The fix for Bug#20748: http://bugs.mysql.com/20748 caused a
problem such that on Unix, MySQL programs looked for options
in "~/my.cnf" rather than the standard location of "~/.my.cnf".
* If the table definition cache contained tables with many BLOB
columns, much memory could be allocated to caching BLOB
values. Now a size limit on the cached BLOB values is
enforced. (Bug#38002: http://bugs.mysql.com/38002)
* For InnoDB tables, ORDER BY ... DESC sometimes returned
results in ascending order.
* If a table has a BIT NOT NULL column c1 with a length shorter
than 8 bits and some additional NOT NULL columns c2, ..., and
a SELECT query has a WHERE clause of the form (c1 = constant)
AND c2 ..., the query could return an unexpected result set.
* The server returned unexpected results if a right side of the
NOT IN clause consisted of the NULL value and some constants
of the same type. For example, this query might return 3, 4,
5, and so forth if a table contained those values:
SELECT * FROM t WHERE NOT t.id IN (NULL, 1, 2);
* Setting the session value of the innodb_table_locks system
variable caused a server crash.
* Nesting of IF() inside of SUM() could cause an extreme server
slowdown. (Bug#37662: http://bugs.mysql.com/37662)
* Killing a query that used an EXISTS subquery as the argument
to SUM() or AVG() caused a server crash.
* When using indexed ORDER BY sorting, incorrect query results
could be produced if the optimizer switched from a covering
index to a non-covering index.
* myisamchk failed with an assertion error when analyzing a
partitioned MyISAM table.
* After TRUNCATE TABLE for an InnoDB table, inserting explicit
values into an AUTO_INCREMENT column could fail to increment
the counter and result in a duplicate-key error for subsequent
insertion of NULL. (Bug#37531: http://bugs.mysql.com/37531)
* Within stored programs or prepared statements, REGEXP could
return incorrect results due to improper initialization.
* For a MyISAM table with CHECKSUM = 1 and ROW_FORMAT = DYNAMIC
table options, a data consistency check (maximum record
length) could fail and cause the table to be marked as
corrupted. (Bug#37310: http://bugs.mysql.com/37310)
* The max_length result set metadata value was calculated
incorrectly under some circumstances.
* Some performance problems of SHOW ENGINE INNODB STATUS were
reduced by removing the used cells and Total number of lock
structs in row lock hash table clauses from the output. These
are now present only if UNIV_DEBUG is defined at MySQL build
time. (Bug#36941: http://bugs.mysql.com/36941)
* If the length of a field was 3, internal InnoDB to integer
type conversion didn't work on big-endian machines in the
* The CSV storage engine returned success even when it failed to
open a table's data file.
* SELECT DISTINCT from a simple view on an InnoDB table, where
all selected columns belong to the same unique index key,
returned incorrect results.
* SHOW STATUS took a lot of CPU time for calculating the value
of the Innodb_buffer_pool_pages_latched status variable. Now
this variable is calculated and included in the output of SHOW
STATUS only when the UNIV_DEBUG symbol is defined at server
build time. (Bug#36600: http://bugs.mysql.com/36600)
* Dumping information about locks in use by sending a SIGHUP
signal to the server or by invoking the mysqladmin debug
command could lead to a server crash in debug builds or to
undefined behavior in production builds.
* If initialization of an INFORMATION_SCHEMA plugin failed,
INSTALL PLUGIN freed some internal plugin data twice.
* For InnoDB tables, the DATA_FREE column of the
INFORMATION_SCHEMA.TABLES displayed free space in kilobytes
rather than bytes. Now it displays bytes.
* When the fractional part in a multiplication of DECIMAL values
overflowed, the server truncated the first operand rather than
the longest. Now the server truncates so as to produce more
* The mysql client failed to recognize comment lines consisting
of "--" followed by a newline.
* The server could crash with an assertion failure (or cause the
client to get a "Packets out of order" error) when the
expected query result is that it should terminate with a
"Subquery returns more than 1 row" error.
* The UUID() function returned UUIDs with the wrong time; this
was because the offset for the time part in UUIDs was
miscalculated. (Bug#35848: http://bugs.mysql.com/35848)
* The configure script did not allow utf8_hungarian_ci to be
specified as the default collation.
* On 64-bit systems, assigning values of 2 ^63 - 1 or larger to
key_buffer_size caused memory overruns.
* For InnoDB tables, REPLACE statements used "traditional" style
locking, regardless of the setting of
innodb_autoinc_lock_mode. Now REPLACE works the same way as
"simple inserts" instead of using the old locking algorithm.
(REPLACE statements are treated in the same way as as INSERT
statements.) (Bug#35602: http://bugs.mysql.com/35602)
* Freeing of an internal parser stack during parsing of complex
stored programs caused a server crash.
* mysqlbinlog left temporary files on the disk after shutdown,
leading to the pollution of the temporary directory, which
eventually caused mysqlbinlog to fail. This caused problems in
testing and other situations where mysqlbinlog might be
invoked many times in a relatively short period of time.
* Index scans performed with the sort_union() access method
returned bad data when the sort_buffer_size limit was reached.
* MyISAM recovery enabled with the '--myisam-recover' option did
not work for partitioned MyISAM tables.
* Table checksum calculation could cause a server crash for
FEDERATED tables with BLOB columns containing NULL values.
* A significant slowdown occurred when many SELECT statements
that return many rows from InnoDB tables were running
concurrently. (Bug#34409: http://bugs.mysql.com/34409)
* mysql_install_db failed if the server was running with an SQL
mode of TRADITIONAL. This program now resets the SQL mode
internally to avoid this problem.
* Fast ALTER TABLE operations were not fast for columns that
used multibyte character sets.
* The internal functions my_getsystime(), my_micro_time(), and
my_micro_time_and_time() did not work correctly on Windows.
One symptom was that uniqueness of UUID() values could be
compromised. (Bug#33748: http://bugs.mysql.com/33748)
* Cached queries that used 256 or more tables were not properly
cached, so that later query invalidation due to a TRUNCATE
TABLE for one of the tables caused the server to hang.
* mysql_upgrade attempted to use the "/proc" filesystem even on
systems that do not have it.
* mysqlbinlog now supports '--verbose' and
'--base64-output=DECODE-ROWS' options to display row events as
commented SQL statements. (The default otherwise is to display
row events encoded as base-64 strings using BINLOG
statements.) See Section 220.127.116.11, "mysqlbinlog Row Event
Display." (Bug#31455: http://bugs.mysql.com/31455)
* Several MySQL programs could fail if the HOME environment
variable had an empty value.
* On NetWare, mysql_install_db could appear to execute normally
even if it failed to create the initial databases.
* The Serbian translation for the ER_INCORRECT_GLOBAL_LOCAL_VAR
error was corrected. (Bug#29738: http://bugs.mysql.com/29738)
* The BUILD/check-cpu build script failed if gcc had a different
name (such as gcc.real on Debian).
* In some cases, the parser interpreted the ; character as the
end of input and misinterpreted stored program definitions.
* The FLUSH PRIVILEGES statement did not produce an error when
it failed. (Bug#21226: http://bugs.mysql.com/21226)
* After executing a prepared statement that accesses a stored
function, the next execution would fail to find the function
if the stored function cache was flushed in the meantime.
Bugs fixed (5.1.27, not released):
* Replication: Issuing a DROP DATABASE while any temporary
tables were open caused the server to switch to
statement-based mode. (Bug#38773: http://bugs.mysql.com/38773)
* Replication: The '--replicate-*-table' options were not
evaluated correctly when replicating multi-table updates.
As a result of this fix, replication of multi-table updates no
longer fails when an update references a missing table but
does not update any of its columns.
* The fix for Bug#33812: http://bugs.mysql.com/33812 had the
side effect of causing the mysql client not to be able to read
some dump files produced with mysqldump. To address this, that
fix was reverted. (Bug#38158: http://bugs.mysql.com/38158)
Functionality added or changed (5.1.27, not released):
* "mysqltest" now installs signal handlers and generates a stack
trace if it crashes. (Bug#37003: http://bugs.mysql.com/37003)
* "mysql-test-run.pl" now supports '--client-bindir' and
'--client-libdir' options for specifying the directory where
client binaries and libraries are located.
Kent Boortz, Senior Production Engineer
Sun Microsystems Inc., the MySQL team
Office: +46 863 11 363
Mobile: +46 70 279 11 71
to post comments)