./databases/mysql55-server, MySQL 5, a free SQL database (server)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 5.5.58, Package name: mysql-server-5.5.58, Maintainer: pkgsrc-users

MySQL is a SQL (Structured Query Language) database server. SQL is the most
popular database language in the world. MySQL is a client-server implementation
that consists of a server daemon `mysqld' and many different client
programs/libraries.

The main goals of MySQL are speed and robustness.

The base upon which MySQL is built is a set of routines that have been used in
a highly demanding production environment for many years. While MySQL is still
in development it already offers a rich and highly useful function set.

The official way to pronounce 'MySQL' is 'My Ess Que Ell' (Not MY-SEQUEL).

This package contains the MySQL server programs and libraries including
embedded server (by PKG_OPTION).

DEINSTALL [+/-]
MESSAGE.sphinx [+/-]

Required to run:
[databases/mysql55-client]

Required to build:
[pkgtools/cwrappers]

Package options: embedded-server

Master sites: (Expand)

SHA1: 37be5e62011113e4c5c1b3095d714cc9800b11df
RMD160: b3cfa70bd59f6a774057d76be6924b06c274b733
Filesize: 20552.59 KB

Version history: (Expand)


CVS history: (Expand)


   2017-07-19 20:48:22 by Adam Ciarcinski | Files touched by this commit (10) | Package updated
Log message:
Security Notes
* Security Fix: The linked OpenSSL library for the MySQL Commercial Server has \ 
been updated to version 1.0.2l. Issues fixed in the new OpenSSL version are \ 
described at http://www.openssl.org/news/vulnerabilities.html.
  This change does not affect the Oracle-produced MySQL Community build of MySQL \ 
Server, which uses the yaSSL library instead.

Platform-Specific Notes
* Linux: The generic Linux build for MySQL 5.6 is now built on Oracle Linux 6 \ 
using glibc 2.12. Systems that use the build need to have glibc 2.12 or later \ 
installed on them.

Functionality Added or Changed
* For Windows, MSI installer packages now include a check for the required \ 
Visual Studio redistributable package, and produce a message asking the user to \ 
install it if it is missing.
* The mysql client now supports a --binary-as-hex option that causes display of \ 
binary data using hexadecimal notation (0xvalue). Thanks to Daniël van Eeden \ 
for the patch.
* mysqlaccess now looks for its configuration file only in the SYSCONFDIR \ 
directory and /etc.

Bugs Fixed
* InnoDB: The server allocated memory unnecessarily for an operation that \ 
rebuilt the table.
* InnoDB: When using an index merge optimizer switch, a SELECT COUNT(*) \ 
operation sometimes returned 0. Partitioning code incorrectly performed a memcpy \ 
instead of a column copy of columns read by the index, causing the wrong records \ 
to be copied.
* Replication: A USE statement that followed a SET GTID_NEXT statement sometimes \ 
had no effect.
* Replication: If the binary log on a master server was rotated and a full disk \ 
condition occurred on the partition where the binary log file was being stored, \ 
the server could stop unexpectedly. The fix adds a check for the existence of \ 
the binary log when the dump thread switches to next binary log file. If the \ 
binary log is disabled, all binary logs up to the current active log are \ 
transmitted to slave and an error is returned to the receiver thread.
* Replication: If a relay log index file named relay log files that did not \ 
exist, RESET SLAVE ALL sometimes did not fully clean up properly.
* Replication: mysqlbinlog, if invoked with the --raw option, does not flush the \ 
output file until the process terminates. But if also invoked with the \ 
--stop-never option, the process never terminates, thus nothing is ever written \ 
to the output file. Now the output is flushed after each event.
* Replication: A memory leak in mysqlbinlog was fixed. The leak happened when \ 
processing fake rotate events, or when using --raw and the destination log file \ 
could not be created. The leak only occurred when processing events from a \ 
remote server. Thanks to Laurynas Biveinis for his contribution to fixing this \ 
bug.
* Replication: Multi-threaded slaves could not be configured with small queue \ 
sizes using slave_pending_jobs_size_max if they ever needed to process \ 
transactions larger than that size. Any packet larger than \ 
slave_pending_jobs_size_max was rejected with the error \ 
ER_MTS_EVENT_BIGGER_PENDING_JOBS_SIZE_MAX, even if the packet was smaller than \ 
the limit set by slave_max_allowed_packet.
* With this fix, slave_pending_jobs_size_max becomes a soft limit rather than a \ 
hard limit. If the size of a packet exceeds slave_pending_jobs_size_max but is \ 
less than slave_max_allowed_packet, the transaction is held until all the slave \ 
workers have empty queues, and then processed. All subsequent transactions are \ 
held until the large transaction has been completed. The queue size for slave \ 
workers can therefore be limited while still allowing occasional larger \ 
transactions.
* mysqldump could write database names in USE statements incorrectly.
* If the mysql_stmt_close() C API function was called, it freed memory that \ 
later could be accessed if mysql_stmt_error(), mysql_stmt_errno(), or \ 
mysql_stmt_sqlstate() was called. To obtain error information after a call to \ 
mysql_stmt_close(), call mysql_error(), mysql_errno(), or mysql_sqlstate() \ 
instead.
* Queries could be cached incorrectly, leading to incorrect query results, under \ 
these circumstances: InnoDB table; rows are being inserted but have not yet been \ 
committed; a query uses the table as a base table in a derived table; the \ 
optimizer chooses to materialize the derived table.
* Man pages for a few utilities were missing from Debian/Ubuntu packages.
* The field-t unit test failed to run with AddressSanitizer enabled. Thanks to \ 
Laurynas Biveinis for the patch.
* Debian client packages were missing information about conflicts with native \ 
packages.
* The Perl path in #! lines at the beginning of Perl scripts has been adjusted \ 
to /usr/local/bin/perl for FreeBSD 11.
* The server exited abnormally attempting to access invalid memory.
* A race condition could occur for CREATE TABLE statements with DATA DIRECTORY \ 
or INDEX DIRECTORY clauses.
* MySQL compilation in different directories produced different builds to \ 
leakage of absolute paths into debug information and __FILE__.
* mysqld_failed to start the server if the --datadir option was specified with a \ 
relative path name.
* With read_only enabled, creation of non-TEMPORARY tables by non-SUPER users \ 
was permitted under certain conditions.
*Certain stored functions, if used in a query WHERE clause, could be handled \ 
using Index Condition Pushdown (which should not happen), resulting in a server \ 
exit.
* On x86 machines, the uint3korr() macro read 4 bytes of data instead of the \ 
intended 3 bytes.
* An assertion was raised during a fetch operation by the memcached plugin.
* Queries that contained UNION in a subquery and GROUP BY could return incorrect \ 
results.
* LOAD XML INFILE performance became noticeably slower when the XML file being \ 
read contained a great many spaces, such as those introduced by indenting or \ 
pretty-printing. Now all leading whitespace is trimmed from each such value \ 
before reading it into memory.
   2017-06-24 17:18:43 by Amitai Schleier | Files touched by this commit (8) | Package updated
Log message:
Disassociate from controlling terminal (using Perl, already a
dependency) and run the logger as ${mysqld_user}, not root.
Bump PKGREVISIONs.
   2016-12-12 20:22:57 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 5.5.54:

Security Notes
--------------
Incompatible Change: These changes were made to mysqld_safe:
* Unsafe use of rm and chown in mysqld_safe could result in privilege \ 
escalation. chown now can be used only when the target directory is /var/log. An \ 
incompatible change is that if the directory for the Unix socket file is \ 
missing, it is no longer created; instead, an error occurs. Due to these \ 
changes, /bin/bash is required to run mysqld_safe on Solaris. /bin/sh is still \ 
used on other Unix/Linux platforms.
* The --ledir option now is accepted only on the command line, not in option files.
* mysqld_safe ignores the current working directory.

Other related changes:
* Initialization scripts that invoke mysqld_safe pass --basedir explicitly.
* Initialization scripts create the error log file only if the base directory is \ 
/var/log or /var/lib.
* Unused systemd files for SLES were removed.

Bugs Fixed
   2016-10-12 18:57:30 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes 5.5.53:
Packaging Notes
---------------
RPM packages now create the /var/lib/mysql-files directory, which is now the \ 
default value of the secure_file_priv system variable that specifies a directory \ 
for import and export operations.

Security Notes
--------------
Incompatible Change: The secure_file_priv system variable is used to limit the \ 
effect of data import and export operations.

Functionality Added or Changed
------------------------------
yaSSL was upgraded to version 2.4.2. This upgrade corrects issues with: \ 
Potential AES side channel leaks; DSA padding for unusual sizes; the \ 
SSL_CTX_load_verify_locations() OpenSSL compatibility function failing to handle \ 
long path directory names.
   2016-09-07 15:13:36 by Adam Ciarcinski | Files touched by this commit (3)
Log message:
Changes in MySQL 5.5.52 (2016-09-06)

Bugs Fixed
----------
Replication: mysqlbinlog --read-from-remote-server log1 log2 was opening a new \ 
connection for log2 without freeing the connection used for log1. Thanks to \ 
Laurynas Biveinis for the contribution. (Bug 81675, Bug 23540182)

For mysqld_safe, the argument to --malloc-lib now must be one of the directories \ 
/usr/lib, /usr/lib64, /usr/lib/i386-linux-gnu, or /usr/lib/x86_64-linux-gnu. In \ 
addition, the --mysqld and --mysqld-version options can be used only on the \ 
command line and not in an option file. (Bug 24464380)

It was possible to write log files ending with .ini or .cnf that later could be \ 
parsed as option files. The general query log and slow query log can no longer \ 
be written to a file ending with .ini or .cnf. (Bug 24388753)

Privilege escalation was possible by exploiting the way REPAIR TABLE used \ 
temporary files. (Bug 24388746)

Certain internal character-handling functions could fail to handle a too-large \ 
character and cause a server exit. (Bug 23296299)

A blank server name in CREATE SERVER statements produced a server exit rather \ 
than an error. (Bug 23295288)

The optimizer failed to check a function return value for an area calculation, \ 
leading to a server exit. (Bug 23280059)

A prepared statement that used a parameter in the select list of a derived table \ 
that was part of a join could cause a server exit. (Bug 22392374, Bug 24380263)

MEDIUMINT columns used in operations with long integer values could result in \ 
buffer overflow. (Bug 19984392)

EINTR handling in the client library has been fixed so that interrupted read and \ 
write calls are retried. Previously, EINTR was ignored. (Bug 82019, Bug \ 
23703570)
   2016-08-04 12:09:46 by Adam Ciarcinski | Files touched by this commit (5) | Package updated
Log message:
Changes 5.5.51:
Bugs Fixed

Replication: When using statement-based or mixed binary logging format with \ 
--read-only=ON, it was not possible to modify temporary tables.

MySQL Server upgrades performed using RPM packages failed when upgrading from \ 
MySQL 5.1 Community to MySQL 5.5 Community or MySQL 5.1 Commercial to MySQL 5.5 \ 
Commercial.

A buffer overflow in the regex library was fixed.

Certain arguments to NAME_CONST() could cause a server exit.

Installing MySQL from a yum or zypper repository resulted in /var/log/mysqld.log \ 
being created with incorrect user and group permissions.

If a stored function updated a view for which the view table had a trigger \ 
defined that updated another table, it could fail and report an error that an \ 
existing table did not exist.

If an INSTALL PLUGIN statement contained invalid UTF-8 characters in the shared \ 
library name, it caused the server to hang (or to raise an assertion in debug \ 
builds).

For multibyte character sets, LOAD DATA could fail to allocate space correctly \ 
and ignore input rows as a result.
   2016-06-14 18:49:17 by Adam Ciarcinski | Files touched by this commit (3) | Package updated
Log message:
Changes 5.5.0:

Functionality Added or Changed

The version of the tcmalloc library included in MySQL distributions was very \ 
old. It has been removed and is no longer included with MySQL.

Bugs Fixed

INSERT with ON DUPLICATE KEY UPDATE and REPLACE on a table with a foreign key \ 
constraint defined failed with an incorrect “duplicate entry” error \ 
rather than a foreign key constraint violation error.

Setting sort_buffer_size to a very large value could cause some operations to \ 
fail with an out-of-memory error.

Several potential buffer overflow issues were corrected.

If the CA certificate as given to the --ssl-ca option had an invalid path, yaSSL \ 
returned an error message different from OpenSSL. Now both return SSL connection \ 
error: SSL_CTX_set_default_verify_paths failed.

Some string functions returned one or a combination of their parameters as their \ 
result. If one of the parameters had a non-ASCII character set, the result \ 
string had the same character set, resulting in incorrect behavior when an ASCII \ 
string was expected.

A null pointer dereference of a parser structure could occur during stored \ 
procedure name validation.

mysqld_multi displayed misleading error messages when it was unable to execute \ 
my_print_defaults.
   2016-06-08 12:16:57 by Jonathan Perkin | Files touched by this commit (89)
Log message:
Remove the stability entity, it has no meaning outside of an official context.