Next | Query returned 67 messages, browsing 51 to 60 | Previous

History of commit frequency

CVS Commit History:


   2010-11-15 17:24:09 by Jonathan Perkin | Files touched by this commit (2)
Log message:
Drop maintainer, ENOTIME.
   2010-11-04 16:57:07 by Takahiro Kambe | Files touched by this commit (4)
Log message:
Update mysql51-{client,server} package from 5.1.51 to 5.1.52.

This is maintainous release and pleare refer in detail:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-52.html

One note from the changes:

* Security Fix: In prepared-statement mode, EXPLAIN for a SELECT from
  a derived table caused a server crash. (Bug#54488)
   2010-10-06 14:37:59 by Takahiro Kambe | Files touched by this commit (7)
Log message:
Update mysql51-{client,server} package to 5.1.51, MySQL 5.1.51.

For full changes, please refer:
	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-51.html

Here is summary for security fixes:

* Security Fix: During evaluation of arguments to extreme-value
  functions (such as LEAST() and GREATEST()), type errors did not
  propagate properly, causing the server to crash. (Bug#55826)

* Security Fix: The server could crash after materializing a derived
  table that required a temporary table for grouping. (Bug#55568)

* Security Fix: A user-variable assignment expression that is
  evaluated in a logical expression context can be precalculated in a
  temporary table for GROUP BY. However, when the expression value is
  used after creation of the temporary table, it was re-evaluated, not
  read from the table and a server crash resulted. (Bug#55564)

* Security Fix: Pre-evaluation of LIKE predicates during view
  preparation could cause a server crash. (Bug#54568)

* Security Fix: GROUP_CONCAT() and WITH ROLLUP together could cause a
  server crash. (Bug#54476)

* Security Fix: Queries could cause a server crash if the GREATEST()
  or LEAST() function had a mixed list of numeric and LONGBLOB
  arguments, and the result of such a function was processed using an
  intermediate temporary table. (Bug#54461)

* Security Fix: Queries with nested joins could cause an infinite loop
  in the server when used from stored procedures and prepared
  statements. (Bug#53544)

* Security Fix: The PolyFromWKB() function could crash the server when
  improper WKB data was passed to the function. (Bug#51875)
   2010-09-21 17:57:30 by Takahiro Kambe | Files touched by this commit (20)
Log message:
* Install my_compiler.h as public header.  It is already fixed in
  MySQL's repository.
* Add comments to patches.

Bump PKGREVISION and it fixes P$ pkg/43887.
   2010-09-08 18:24:57 by Takahiro Kambe | Files touched by this commit (5)
Log message:
Update mysql51-{client,server} to 5.1.50.

Please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-50.html
for full changes .

InnoDB Notes:

InnoDB Plugin has been upgraded to version 1.0.11. This version is
considered of General Availability (GA) quality.

In this release, the InnoDB Plugin is included in source and binary
distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64),
generic Linux RPM packages, and any builds produced with the icc
compiler. It also does not work for FreeBSD 6 and HP-UX or for Linux
on generic ia64.

Bugs fixed:

Important Change: Replication: The LOAD DATA INFILE statement is now
considered unsafe for statement-based replication. When using
statement-based logging mode, the statement now produces a warning;
when using mixed-format logging, the statement is made using the
row-based format. (Bug#34283)

Partitioning: UPDATE and INSERT statements affecting partitioned
tables performed poorly when using row-based replication. (Bug#52517)

Partitioning: INSERT ON DUPLICATE KEY UPDATE statements performed
poorly on tables having many partitions. This was because the handler
function for reading a row from a specific index was not optimized in
the partitioning handler. (Bug#52455)

The server could crash on shutdown, if started with
--innodb-use-system-malloc=0. (Bug#55581)

GROUP BY operations used max_sort_length inconsistently. (Bug#55188)

Building MySQL on Solaris 8 x86 failed when using Sun Studio due to
gcc inline assembler code. (Bug#55061)

In debug builds, an assertion could be raised when the server tried to
send an OK packet to the client after having failed to detect errors
during processing of the WHERE condition of an UPDATE
statement. (Bug#54734)

The database server could crash when renaming a table that had active
transactions. (This issue only affected the database server when built
for debugging.) (Bug#54453)

The server could crash during the recovery phase of startup, if it
previously crashed while inserting BLOB or other large columns that
use off-page storage into an InnoDB table created with
ROW_FORMAT=REDUNDANT or ROW_FORMAT=COMPACT. (Bug#54408)

For an InnoDB table created with ROW_FORMAT=COMPRESSED or
ROW_FORMAT=DYNAMIC, a query using the READ UNCOMMITTED isolation level
could cause the server to stop with an assertion error, if BLOB or
other large columns that use off-page storage were being inserted at
the same time. (Bug#54358)

A client could supply data in chunks to a prepared statement parameter other \ 
than of type TEXT or BLOB using the mysql_stmt_send_long_data() C API function \ 
(or COM_STMT_SEND_LONG_DATA command). This led to a crash because other data \ 
types are not valid for long data. (Bug#54041)

mysql_secure_installation did not properly identify local accounts and
could incorrectly remove nonlocal root accounts. (Bug#54004)

Transactions could be incorrectly committed during recovery, rather
than rolled back, if the server crashed and was restarted after
performing ALTER TABLE...ADD PRIMARY KEY on an InnoDB table, or some
other operation that involves copying the entire table. (Bug#53756)

Portability problems in SHOW STATUS could lead to incorrect results on
some platforms. (Bug#53493)

Builds of MySQL generated a large number of warnings. (Bug#53445)

With lower_case_table_names set to a nonzero value, searches for table
or database names in INFORMATION_SCHEMA tables could produce incorrect
results. (Bug#53095)

The ABI check for MySQL failed to compile with gcc 4.5. (Bug#52514)

mysql_secure_installation sometimes failed to locate the mysql
client. (Bug#52274)

Reading a ucs2 data file with LOAD DATA INFILE was subject to three
problems. 1) Incorrect parsing of the file as ucs2 data, resulting in
incorrect length of the parsed string. This is fixed by truncating the
invalid trailing bytes (incomplete multibyte characters) when reading
from the file. 2) Reads from a proper ucs2 file did not recognize
newline characters. This is fixed by first checking whether a byte is
a newline (or any other special character) before reading it as a part
of a multibyte character. 3) When using user variables to hold column
data, the character set of the user variable was set incorrectly to
the database charset. This is fixed by setting it to the character set
specified in the LOAD DATA INFILE statement, if any. (Bug#51876)

Searches in INFORMATION_SCHEMA tables for rows matching a nonexistent
database produced an error instead of an empty query
result. (Bug#49542)

On FreeBSD, memory mapping for MERGE tables could fail if underlying
tables were empty. (Bug#47139)

The my_like_range_xxx() functions returned badly formed maximum
strings for Asian character sets, which caused problems for storage
engines. (Bug#45012)

A debugging assertion could be raised after a write failure to a
closed socket. (Bug#42496)

An assertion failure occurred within yaSSL for very long keys. (Bug#29784)

See also Bug#53463.
   2010-08-12 01:18:04 by Takahiro Kambe | Files touched by this commit (8)
Log message:
Update mysql51-client and mysql51-server to 5.1.49.

Please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-49.html
for full changes.

* InnoDB Plugin has been upgraded to version 1.0.10. This version is
  considered of General Availability (GA) quality.

  In this release, the InnoDB Plugin is included in source and binary
  distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64), and
  generic Linux RPM packages. It also does not work for FreeBSD 6 and
  HP-UX or for Linux on generic ia64.

Bugs fixed:

* Security Fix: After changing the values of the innodb_file_format or
  innodb_file_per_table configuration parameters, DDL statements could
  cause a server crash. (Bug#55039)

* Security Fix: Joins involving a table with with a unique SET column
  could cause a server crash. (Bug#54575)

* Security Fix: Incorrect handling of NULL arguments could lead to a
  crash for IN() or CASE operations when NULL arguments were either
  passed explicitly as arguments (for IN()) or implicitly generated by
  the WITH ROLLUP modifier (for IN() and CASE). (Bug#54477)

* Security Fix: A malformed argument to the BINLOG statement could
  result in Valgrind warnings or a server crash. (Bug#54393)

* Security Fix: Use of TEMPORARY InnoDB tables with nullable columns
  could cause a server crash. (Bug#54044)

* Security Fix: The server could crash if there were alternate reads
  from two indexes on a table using the HANDLER interface. (Bug#54007)

* Security Fix: Using EXPLAIN with queries of the form SELECT
  ... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server
  crash. (Bug#52711)

* Security Fix: LOAD DATA INFILE did not check for SQL errors and sent
  an OK packet even when errors were already reported. Also, an assert
  related to client-server protocol checking in debug servers
  sometimes was raised when it should not have been. (Bug#52512)
   2010-07-05 05:15:04 by Takahiro Kambe | Files touched by this commit (4)
Log message:
Update mysql51-{client,server} package to 5.1.48.

Secunia Advisory SA40333 (http://secunia.com/advisories/40333/) reports
that this release fixes DoS problem and it refers:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
	http://bugs.mysql.com/bug.php?id=53804

But news-5-1-48.html dosen't contains about bug id 53804...

Anyway, please refer http://dev.mysql.com/doc/refman/5.1/en/news-5-1-48.html
for full changes.
   2010-05-26 03:52:22 by Takahiro Kambe | Files touched by this commit (5)
Log message:
Update mysql51-{client,server} package to 5.1.47.

For full changes, see http://dev.mysql.com/doc/refman/5.1/en/news-5-1-47.html.

Here is important changes:

InnoDB Plugin Notes:

    * InnoDB Plugin has been upgraded to version 1.0.8. This version
      is considered of General Availability (GA) quality. InnoDB
      Plugin Change History, may contain information in addition to
      those changes reported here.

      In this release, the InnoDB Plugin is included in source and
      binary distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64,
      ia64), and generic Linux RPM packages. It also does not work for
      FreeBSD 6 and HP-UX or for Linux on generic ia64.

Functionality added or changed:

    * InnoDB stores redo log records in a hash table during
      recovery. On 64-bit systems, this hash table was 1/8 of the
      buffer pool size. To reduce memory usage, the dimension of the
      hash table was reduced to 1/64 of the buffer pool size (or 1/128
      on 32-bit systems). (Bug#53122)

Security fixed:

    * Security Fix: The server failed to check the table name argument
      of a COM_FIELD_LIST command packet for validity and compliance
      to acceptable table name standards. This could be exploited to
      bypass almost all forms of checks for privileges and table-level
      grants by providing a specially crafted table name argument to
      COM_FIELD_LIST.

      In MySQL 5.0 and above, this allowed an authenticated user with
      SELECT privileges on one table to obtain the field definitions
      of any table in all other databases and potentially of other
      MySQL instances accessible from the server's file system.

      Additionally, for MySQL version 5.1 and above, an authenticated
    user with DELETE or SELECT privileges on one table could delete or
    read content from any other table in all databases on this server,
    and potentially of other MySQL instances accessible from the
    server's file system. (Bug#53371, CVE-2010-1848)

    * Security Fix: The server was susceptible to a buffer-overflow
      attack due to a failure to perform bounds checking on the table
      name argument of a COM_FIELD_LIST command packet. By sending
      long data for the table name, a buffer is overflown, which could
      be exploited by an authenticated user to inject malicious
      code. (Bug#53237, CVE-2010-1850)

    * Security Fix: The server could be tricked into reading packets
      indefinitely if it received a packet larger than the maximum
      size of one packet. (Bug#50974, CVE-2010-1849)
   2010-04-30 08:03:36 by OBATA Akio | Files touched by this commit (1)
Log message:
Interix GNU cc doesn't support `-fPIC'.
   2010-04-24 17:59:24 by Takahiro Kambe | Files touched by this commit (6)
Log message:
Update mysql51-client/mysql51-server package to 5.1.46.

This is maintainous release and please refer for full changes:

	http://dev.mysql.com/doc/refman/5.1/en/news-5-1-46.html

Next | Query returned 67 messages, browsing 51 to 60 | Previous