Log Message:
mysql57: updated to 5.7.40

Changes in MySQL 5.7.40

Functionality Added or Changed

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1q. Issues fixed in OpenSSL version 1.1.1q are described at \ 
https://www.openssl.org/news/cl111.txt and \ 
https://www.openssl.org/news/vulnerabilities.html.

The linked curl library for MySQL Server (Enterprise Edition) has been updated \ 
to version 7.84.0.

MySQL Server’s AES_ENCRYPT() and AES_DECRYPT() functions now support the use \ 
of a key derivation function (KDF) to create a cryptographically strong secret \ 
key from information such as a password or a passphrase that you pass to the \ 
function. The derived key is used to encrypt and decrypt the data, and it \ 
remains in the MySQL Server instance and is not accessible to users. Using a KDF \ 
is highly recommended, as it provides better security than specifying your own \ 
premade key or deriving it by a simpler method when you use the function. The \ 
functions support HKDF (available from OpenSSL 1.1.0), for which you can specify \ 
an optional salt and context-specific information to include in the keying \ 
material, and PBKDF2 (available from OpenSSL 1.0.2), for which you can specify \ 
an optional salt and set the number of iterations used to produce the key.

Bugs Fixed

InnoDB: In debug builds, a descending b-tree scan raised a debug assertion failure.

InnoDB: An index latch order violation in dict_table_x_lock_indexes() caused an \ 
assertion failure.

InnoDB: A TRUNCATE TABLE operation failed to free an acquired mutex in specific \ 
cases.

The server did not always process nested views as expected.

mysqlpump might not be given the correct permissions to use derived tables \ 
(tables that are generated by a query FROM clause), causing the dump process to \ 
stop if these were present. Derived tables are now handled separately and \ 
privileges are set for them.

When using --log-timestamps=SYSTEM, ISO 8601 timestamps in log messages did not \ 
take account of daylight saving time.

The GRANT OPTION privilege was treated as related to database operations.

Changes in MySQL 5.7.39

Compilation Notes

Added macOS/ARM support.

On Windows, improved the generated INFO_BIN and INFO_SRC files.

Keyring Notes

The keyring_aws plugin has been updated to use the latest AWS Encryption SDK for \ 
C (version 1.9.186).

The keyring_aws_region variable supports the additional AWS regions supported by \ 
the new SDK. Refer to the variable description for a list of supported AWS \ 
regions.

Performance Schema Notes

The SHOW PROCESSLIST statement provides process information by collecting thread \ 
data from all active threads. However, because the implementation iterates \ 
across active threads from within the thread manager while holding a global \ 
mutex, it has negative performance consequences, particularly on busy systems.

An alternative SHOW PROCESSLIST implementation is now available based on the new \ 
Performance Schema processlist table. This implementation queries active thread \ 
data from the Performance Schema rather than the thread manager and does not \ 
require a mutex:

To enable the alternative implementation, enable the \ 
performance_schema_show_processlist system variable.

Note
The processlist table is automatically created in the Performance Schema for new \ 
installations of MySQL 5.7.39, or higher, and upgrades to MySQL 5.7.39, or \ 
higher.

The alternative implementation of SHOW PROCESSLIST also applies to the \ 
mysqladmin processlist command.

The alternative implementation does not apply to the INFORMATION_SCHEMA \ 
PROCESSLIST table or the COM_PROCESS_INFO command of the MySQL client/server \ 
protocol.

To ensure that the default and alternative implementations yield the same \ 
information, certain configuration requirements must be met; see The processlist \ 
Table.

Functionality Added or Changed

Important Change: The linked curl library for MySQL Server (Enterprise Edition) \ 
has been updated to version 7.83.1.

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1o. Issues fixed in OpenSSL version 1.1.1o are described at \ 
https://www.openssl.org/news/cl111.txt and \ 
https://www.openssl.org/news/vulnerabilities.html.

The myisam_repair_threads system variable and myisamchk --parallel-recover \ 
option were removed.

Bugs Fixed

InnoDB: A 4GB tablespace file size limit on Windows 32-bit systems has been \ 
removed. The limit was due to an incorrect calculation performed while extending \ 
the tablespace.

Replication: The write sets extracted by MySQL Replication from transactions \ 
when the transaction_write_set_extraction system variable is enabled (which is \ 
the default) are extracted from primary keys, unique keys, and foreign keys. \ 
They are used to detect dependencies and conflicts between transactions. \ 
Previously, write sets involving multi-column foreign keys were incorrectly \ 
identifying each column as a separate foreign key. The issue has now been fixed \ 
and foreign key write sets include all referenced key columns.

Replication: When the --replicate-same-server-id option was used to make the \ 
replica not skip events that have its own server ID, if the log file was \ 
rotated, replication stopped with an error. The log rotation event now checks \ 
and applies the current value of the option.

Under certain circumstances TRUNCATE performance_schema.accounts caused \ 
duplicated counts in global_status.

This occurred only if the following was true:

If show_compatibility_56 is set to 0, aggregating status variables by accounts, \ 
users and hosts.

If some hosts were not instrumented. For example, if \ 
performance_schema_hosts_size was set to a low value.

Our thanks to Yuxiang Jiang and the Tencent team for the contribution.

Upgraded the bundled zlib library to zlib 1.2.12. Also made zlib 1.2.12 the \ 
minimum zlib version supported, and removed WITH_ZLIB from the WITH_SYSTEM_LIBS \ 
CMake option.

If an incorrect value was set for the binlog_checksum system variable during a \ 
session, a COM_BINLOG_DUMP command made in the same session to request a binary \ 
log stream from a source failed. The server now validates the specified checksum \ 
value before starting the checksum algorithm setup process.