Log message:
*: Recursive revbump from Boost 1.81.0

Log message:
mysql57: updated to 5.7.40

Changes in MySQL 5.7.40

Functionality Added or Changed

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1q. Issues fixed in OpenSSL version 1.1.1q are described at \ 
https://www.openssl.org/news/cl111.txt and \ 
https://www.openssl.org/news/vulnerabilities.html.

The linked curl library for MySQL Server (Enterprise Edition) has been updated \ 
to version 7.84.0.

MySQL Server’s AES_ENCRYPT() and AES_DECRYPT() functions now support the use \ 
of a key derivation function (KDF) to create a cryptographically strong secret \ 
key from information such as a password or a passphrase that you pass to the \ 
function. The derived key is used to encrypt and decrypt the data, and it \ 
remains in the MySQL Server instance and is not accessible to users. Using a KDF \ 
is highly recommended, as it provides better security than specifying your own \ 
premade key or deriving it by a simpler method when you use the function. The \ 
functions support HKDF (available from OpenSSL 1.1.0), for which you can specify \ 
an optional salt and context-specific information to include in the keying \ 
material, and PBKDF2 (available from OpenSSL 1.0.2), for which you can specify \ 
an optional salt and set the number of iterations used to produce the key.

Bugs Fixed

InnoDB: In debug builds, a descending b-tree scan raised a debug assertion failure.

InnoDB: An index latch order violation in dict_table_x_lock_indexes() caused an \ 
assertion failure.

InnoDB: A TRUNCATE TABLE operation failed to free an acquired mutex in specific \ 
cases.

The server did not always process nested views as expected.

mysqlpump might not be given the correct permissions to use derived tables \ 
(tables that are generated by a query FROM clause), causing the dump process to \ 
stop if these were present. Derived tables are now handled separately and \ 
privileges are set for them.

When using --log-timestamps=SYSTEM, ISO 8601 timestamps in log messages did not \ 
take account of daylight saving time.

The GRANT OPTION privilege was treated as related to database operations.

Changes in MySQL 5.7.39

Compilation Notes

Added macOS/ARM support.

On Windows, improved the generated INFO_BIN and INFO_SRC files.

Keyring Notes

The keyring_aws plugin has been updated to use the latest AWS Encryption SDK for \ 
C (version 1.9.186).

The keyring_aws_region variable supports the additional AWS regions supported by \ 
the new SDK. Refer to the variable description for a list of supported AWS \ 
regions.

Performance Schema Notes

The SHOW PROCESSLIST statement provides process information by collecting thread \ 
data from all active threads. However, because the implementation iterates \ 
across active threads from within the thread manager while holding a global \ 
mutex, it has negative performance consequences, particularly on busy systems.

An alternative SHOW PROCESSLIST implementation is now available based on the new \ 
Performance Schema processlist table. This implementation queries active thread \ 
data from the Performance Schema rather than the thread manager and does not \ 
require a mutex:

To enable the alternative implementation, enable the \ 
performance_schema_show_processlist system variable.

Note
The processlist table is automatically created in the Performance Schema for new \ 
installations of MySQL 5.7.39, or higher, and upgrades to MySQL 5.7.39, or \ 
higher.

The alternative implementation of SHOW PROCESSLIST also applies to the \ 
mysqladmin processlist command.

The alternative implementation does not apply to the INFORMATION_SCHEMA \ 
PROCESSLIST table or the COM_PROCESS_INFO command of the MySQL client/server \ 
protocol.

To ensure that the default and alternative implementations yield the same \ 
information, certain configuration requirements must be met; see The processlist \ 
Table.

Functionality Added or Changed

Important Change: The linked curl library for MySQL Server (Enterprise Edition) \ 
has been updated to version 7.83.1.

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1o. Issues fixed in OpenSSL version 1.1.1o are described at \ 
https://www.openssl.org/news/cl111.txt and \ 
https://www.openssl.org/news/vulnerabilities.html.

The myisam_repair_threads system variable and myisamchk --parallel-recover \ 
option were removed.

Bugs Fixed

InnoDB: A 4GB tablespace file size limit on Windows 32-bit systems has been \ 
removed. The limit was due to an incorrect calculation performed while extending \ 
the tablespace.

Replication: The write sets extracted by MySQL Replication from transactions \ 
when the transaction_write_set_extraction system variable is enabled (which is \ 
the default) are extracted from primary keys, unique keys, and foreign keys. \ 
They are used to detect dependencies and conflicts between transactions. \ 
Previously, write sets involving multi-column foreign keys were incorrectly \ 
identifying each column as a separate foreign key. The issue has now been fixed \ 
and foreign key write sets include all referenced key columns.

Replication: When the --replicate-same-server-id option was used to make the \ 
replica not skip events that have its own server ID, if the log file was \ 
rotated, replication stopped with an error. The log rotation event now checks \ 
and applies the current value of the option.

Under certain circumstances TRUNCATE performance_schema.accounts caused \ 
duplicated counts in global_status.

This occurred only if the following was true:

If show_compatibility_56 is set to 0, aggregating status variables by accounts, \ 
users and hosts.

If some hosts were not instrumented. For example, if \ 
performance_schema_hosts_size was set to a low value.

Our thanks to Yuxiang Jiang and the Tencent team for the contribution.

Upgraded the bundled zlib library to zlib 1.2.12. Also made zlib 1.2.12 the \ 
minimum zlib version supported, and removed WITH_ZLIB from the WITH_SYSTEM_LIBS \ 
CMake option.

If an incorrect value was set for the binlog_checksum system variable during a \ 
session, a COM_BINLOG_DUMP command made in the same session to request a binary \ 
log stream from a source failed. The server now validates the specified checksum \ 
value before starting the checksum algorithm setup process.

Log message:
*: recursive bump for perl 5.36

Log message:
mysql57: updated to 5.7.38

Changes in MySQL 5.7.38

SQL Function and Operator Notes

When the mysql client was started with --default-character-set=utf8mb4, \ 
successive calls to the UUID() function returned duplicate values.

Security Notes

The linked OpenSSL library for MySQL Server has been updated to version 1.1.1n \ 
from 1.1.1l. Issues fixed in OpenSSL are described at \ 
https://www.openssl.org/news/cl111.txt and at \ 
http://www.openssl.org/news/vulnerabilities.html.

Functionality Added or Changed

The default for the group_replication_transaction_size_limit system variable, \ 
which sets the maximum transaction size that a replication group accepts, is \ 
changed from zero (no limit) to 150000000 bytes (approximately 143 MB), which is \ 
the same as the default in MySQL 8.0. Setting a limit for this system variable \ 
by default helps to avoid delays or errors caused by excessively large \ 
transactions. Transactions above the limit are rolled back and are not sent to \ 
Group Replication's Group Communication System (GCS) for distribution to the \ 
group. If your Group Replication servers previously accepted transactions larger \ 
than the new default limit, and you were allowing \ 
group_replication_transaction_size_limit to default to the old zero limit, those \ 
transactions will start to fail after the upgrade to the new default. You must \ 
either specify an appropriate size limit that allows the maximum message size \ 
you need the group to tolerate (which is the recommended solution), or specify 
a zero setting to restore the previous behavior.

The myisam_repair_threads system variable and myisamchk --parallel-recover \ 
option are deprecated; expect support for both to be removed in a future release \ 
of MySQL.

Values other than 1 (the default) for myisam_repair_threads produce a warning.

Bugs Fixed

InnoDB: A missing null pointer check for an index instance caused a failure.

InnoDB: Purge threads processed undo records of an encrypted table for which the \ 
tablespace was not loaded, causing a failure.

InnoDB: Incorrect AUTO_INCREMENT values were generated when the maximum integer \ 
column value was exceeded. The error was due to the maximum column value not \ 
being considered. The previous valid AUTO_INCREMENT value should have been \ 
returned in this case, causing a duplicate key error.

Partitioning: In some cases, establishing a connection to MySQL server could \ 
fail if the .ibd file for a partition was missing.

Statements that cannot be parsed (due, for example, to syntax errors) are no \ 
longer written to the slow query log.

It was not possible to revoke the DROP privilege on the Performance Schema.

A page cleaner thread timed out as it waited for an exclusive lock on an index \ 
page held by a full-text index creation operation on a large table.

A memory leak occurred if mysqldump was used on more than one table with the \ 
--order-by-primary option. The memory allocated for sorting each table’s rows \ 
is now freed after every table, rather than only once.

mysqld_safe log message textual errors were corrected.

Log message:
mysql57: updated to 5.7.37

Changes in MySQL 5.7.37

Audit Log Notes

Previously, each event logged by MySQL Enterprise Audit included the SQL \ 
statement literal text. To provide an alternative (because it is possible that \ 
statements contain sensitive information), the audit log filtering language now \ 
supports logging a statement's digest rather than its literal text. For example, \ 
instead of logging this statement:

SELECT * FROM orders WHERE some_sensitive_column=1234567
The audit log plugin can log this digest:

SELECT * FROM `orders` WHERE `some_sensitive_column` = ?
This is similar to what is already logged for prepared statements, for which \ 
parameter markers appear rather than actual data values.

To perform digest logging, use audit filter definitions that replace the \ 
statement literal text by its corresponding digest, as discussed in Replacement \ 
of Event Field Values.

Because text replacement occurs at an early auditing stage (during filtering), \ 
the choice of whether to log statement literal text or digest values applies \ 
regardless of log format written later (that is, whether the audit log plugin \ 
produces XML or JSON output).

Compilation Notes

Binary packages that include curl rather than linking to the system curl library \ 
have been upgraded to use curl 7.80.0.

SQL Function and Operator Notes

Queries making use of the MBRContains() function did not employ all available \ 
spatial indexes.

The FORMAT() function returned a formatted number without showing the thousands \ 
separator and grouping between separators when either the es_ES or es_MX locale \ 
was specified.

Packaging Notes

The GnuPG build key used to sign MySQL downloadable packages has been updated. \ 
The previous GnuPG build key is set to expire on 2022-02-16. For information \ 
about verifying the integrity and authenticity of MySQL downloadable packages \ 
using GnuPG signature checking, or to obtain a copy of our public GnuPG build \ 
key, see Signature Checking Using GnuPG.

Due to the GnuPG key update, systems configured to use repo.mysql.com may report \ 
a signature verification error when upgrading to MySQL 5.7.37 and higher or to \ 
MySQL 8.0.28 and higher using apt or yum. Use one of the following methods to \ 
resolve this issue:

Manually reinstall the MySQL APT or YUM repository setup package from \ 
https://dev.mysql.com/downloads/.

Download the MySQL GnuPG public key and add it your system GPG keyring.

For MySQL APT repository instructions, see Appendix A: Adding and Configuring \ 
the MySQL APT Repository Manually.

For MySQL YUM repository instructions, see Upgrading MySQL with the MySQL Yum \ 
Repository.

Bugs Fixed

InnoDB: The buf_validate() function in the InnoDB sources was optimized, \ 
improving performance on debug builds.

Thanks to Hobert Lu for the contribution.

Partitioning: Creating a table with nondeterministic functions in generated \ 
column expressions should not be possible, but this was not enforced in all \ 
cases; a series of one or more ALTER TABLE statements could be employed to \ 
arrive at a partitioned table with one or more such generated columns. When \ 
attempting to execute the CREATE TABLE statement obtained by running SHOW CREATE \ 
TABLE against this table, MySQL rejected the statement with a misleading error \ 
message referring to the partitioning expression rather than to the problematic \ 
column, despite the fact that the partitioning expression itself was legal.

This was caused by the result of a check for any unsafe expressions defined for \ 
a generated column (in the internal variable thd->safe_to_cache_query), which \ 
was later checked again without being cleared while parsing the partition \ 
expression, leading to an error even when the partition expression did not refer \ 
to the problematic generated column expression. Now in such cases, we reset \ 
thd->safe_to_cache_query before parsing the partition function.

The issue of allowing the use of certain nondeterminstic functions \ 
(AES_ENCRYPT(), AES_DECRYPT(), RANDOM_BYTES()) in generated columns is handled \ 
separately.

Partitioning: A query using an index other than the primary key of a partitioned \ 
table sometimes resulted in excessive CPU load.

Replication: When the PAD_CHAR_TO_FULL_LENGTH SQL mode was enabled on a replica \ 
server, trailing spaces could be added to a replication channel’s name in the \ 
replication metadata repository tables, resulting in errors in replication \ 
operations that identified the channel using that data. The issue has now been \ 
fixed in MySQL 8.0 by using VARCHAR for character columns, and in MySQL 5.7 by \ 
disabling the SQL mode when reading from those tables. Thanks to Brian Yue for \ 
the contribution.

MySQL 5.7 did not handle the thread_stack variable in the same manner as MySQL \ 
5.6 or MySQL 8.0.

It was possible in some cases to create a generated column of type SERIAL, which \ 
is not allowed.

See Numeric Data Type Syntax, and CREATE TABLE and Generated Columns, for more \ 
information

Statements which commit a transaction implicitly or explicitly are not allowed \ 
inside a trigger or a stored function. Both CREATE TRIGGER and CREATE FUNCTION \ 
should report an error (ER_COMMIT_NOT_ALLOWED_IN_SF_OR_TRG) in this case, but \ 
did not correctly handle DROP TABLESPACE.

The MySQL session used for online keyring migration was not closed gracefully \ 
after the migration was complete, resulting in an “Aborted connection” note \ 
being printed to the error log.

SHOW PROCESSLIST could read freed memory when accessing the query string \ 
belonging to a connection that was in the process of deleting a prepared \ 
statement.

Privileges were not checked correctly for ALTER USER ... IDENTIFIED WITH ... BY.

Log message:
*: Recursive revbump from boost 1.78.0

Log message:
mysql57-client: Support OpenSSL 3.

Log message:
databases: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

The following distfiles could not be fetched (some may be only fetched
conditionally):

./databases/cstore/distinfo D6.data.ros.gz
./databases/cstore/distinfo cstore0.2.tar.gz
./databases/cstore/distinfo data4.tar.gz

Log message:
mysql57: updated to 5.7.36

Changes in MySQL 5.7.36

Security Notes

Bugs Fixed

Security Notes

The linked OpenSSL library for MySQL Server has been updated to version 1.1.1l. \ 
Issues fixed in the new OpenSSL version are described at \ 
https://www.openssl.org/news/cl111.txt and and \ 
http://www.openssl.org/news/vulnerabilities.html.

Bugs Fixed

Incompatible Change: For all SELECT statements on a view, the query digest was \ 
based on the view definition. As a result, different queries had the same digest \ 
and aggregated together in the Performance Schema table \ 
events_statements_summary_by_digest, so statistics in that table were not usable \ 
for distinguishing distinct SELECT statements.

The query digest for each SELECT statement on a view now is based on the SELECT, \ 
not the view definition. This enables distinguishing distinct SELECT statements \ 
in the events_statements_summary_by_digest table. However, tools that use query \ 
digests may need some adjustment to account for this change. For example, MySQL \ 
Enterprise Firewall and query rewrite plugins rely on query digests and existing \ 
rules for them that are associated with views may need to be updated.

InnoDB: With undo log truncation enabled (innodb_undo_log_truncate=ON), it was \ 
possible for a deadlock and eventual failure to occur when an undo log truncate \ 
operation was initiated after a version upgrade from MySQL 5.6 to MySQL 5.7.34 \ 
or earlier. A patch introduced in MySQL 5.7.35

[Note] InnoDB: Found duplicate reference rseg: 33 space: 1 page: 3
[Note] InnoDB: Reset pre-5.7.2 rseg: 1 after duplicate is found.
If pre-5.7.2 rollback segment slots have no undo data to purge, a message \ 
similar to the following is emitted:

[Note] InnoDB: Successfully reset 32 pre-5.7.2 rseg slots.
If undo data is found in pre-5.7.2 rollback segment slots, a message similar to \ 
the following is emitted recommending a slow shutdown and restart:

[Note] InnoDB: pre-5.7.2 rseg: 2 holds data to be purged.
History length: 1. Recommend slow shutdown with innodb_fast_shutdown=0 and restart

InnoDB: Truncation of an undo tablespace during use by an active transaction \ 
raised an assertion failure. The transaction was prematurely marked as complete, \ 
permitting the truncation operation.

InnoDB: Deleting or updating a row from a parent table initiated a cascading SET \ 
NULL operation on the child table that set a virtual column value to NULL. The \ 
virtual column value should have been derived from the base column value.

Thanks to Yin Peng at Tencent for the contribution.

InnoDB: The InnoDB recovery process did not recognize that page compression had \ 
been applied to data that was being recovered, causing the tablespace data file \ 
to increase in size during the redo log apply phase, which could lead to a \ 
recovery failure for systems approaching a disk-full state.

Replication: The error messages issued by MySQL Replication when GTIDs required \ 
for auto-positioning have been purged could be incorrectly assigned or scrambled \ 
in some situations.

Replication: The contents of the gtid_executed and gtid_purged GTID sets were \ 
not persisted after restoring a dump taken using mysqldump. The dump file \ 
sequence has now been changed so that the mysql schema (which contains the \ 
mysql.gtid_executed table) is not dropped after the gtid_purged GTID set is \ 
written. A new option --skip-mysql-schema is added for mysqldump which lets you \ 
choose not to drop the mysql schema at all.

JSON: Conversion of JSON values to text caused linear growth of the destination \ 
string, resulting in an unnecessarily high number of reallocations. Now this \ 
process uses exponential growth instead, to reduce the number of allocations \ 
required.

This fix originally appeared in MySQL 8.0 and was backported to MySQL 5.7 by \ 
Annirudh Prasad, whom we thank for the contribution.

Concurrent insert operations on multiple tables with full-text indexes caused a \ 
large number of full-text index synchronization requests, resulting in an out of \ 
memory condition.

When a query uses a temporary table for aggregation, the group by item is used \ 
as a unique constraint on the temporary table: If the item value is already \ 
present, the row is updated; otherwise, a new row is inserted into the temporary \ 
table. If the item has a result field or reference item, it it evaluated twice, \ 
once to check whether the result exists in the temporary table and, if not, \ 
again while constructing the row to be inserted. When the group by item was \ 
nondeterministic, the result value used to check for existence differed from \ 
that with which an insert was attempted, causing the insert to be rejected if \ 
the value already existed in the table.

We fix this by using the hash of any nondeterministic items as the unique \ 
constraint, so that the hash is evaluated once only.

Quote handling was improved for the SHOW GRANTS statement.

Log message:
databases: Remove SHA1 distfile hashes