Log message:
mysql57: updated to 5.7.44

Changes in MySQL 5.7.44

SQL Function and Operator Notes

The STR_TO_DATE() function did not perform complete range checking on the string \ 
to be converted, so that it was possible to pass to it a string which would \ 
yield an invalid date, such as '2021-11-31'.

Packaging Notes

On Windows, the MSI package definition files were updated to work with the \ 
Windows Installer XML (WiX) toolset version 4. Note that they can no longer be \ 
used with previous versions of the toolset.

The bundled libedit library was upgraded to version 20221030-3.1.

Functionality Added or Changed

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 3.0.10. Issues fixed in OpenSSL version 3.0.10 are described at \ 
https://www.openssl.org/news/cl30.txt.

Bugs Fixed

InnoDB: Fixed processing of single character tokens by a FTS parser plugin.

Our thanks to Shaohua Wang for the contribution.

InnoDB: The last detected deadlock section of the engine status log was only \ 
showing 1024 characters for the combined thread and query information. Fixing by \ 
removing the printed query string limit.

Some complex queries using multiple common table expressions were not always \ 
handled correctly.

Log message:
*: recursive bump for icu 74.1

Log message:
*: bump for openssl 3

Log message:
mysql57: updated to 5.7.43

Changes in MySQL 5.7.43

Compilation Notes

Improved Clang 15 usage, although it's not officially supported in v5.7.

Functionality Added or Changed

Important Change: The linked OpenSSL library for MySQL Server has been upgraded \ 
from OpenSSL 1.1.1 to OpenSSL 3.0. The exact version is now 3.0.9. More \ 
information on changes from 1.1.1 to 3.0 can be found at \ 
https://www.openssl.org/docs/man3.0/man7/migration_guide.html.

The linked curl library for MySQL Server (Enterprise Edition) has been updated \ 
to version 8.1.1.

Bugs Fixed

Group Replication: After one machine halted and restarted in a three-node MySQL \ 
InnoDB Cluster, one node failed to start; after restarting all nodes, the \ 
cluster shut down unexpectedly.

Our thanks to Zetang Zeng for the contribution.

Fortified parsing of the network packet data sent by the server to the client.

Some floating-point literals were not always handled correctly.

Executing a query with an implicit aggregation should return exactly one row, \ 
unless the query has a HAVING clause that filters out the row, but a query with \ 
a HAVING clause which evaluated to FALSE sometimes ignored this, and returned a \ 
row regardless.

During optimization, range-select tree creation uses logic which differs based \ 
on the left-hand side of the IN() predicate. For a field item, each value on the \ 
right-hand side is added to an OR tree to create the necessary expression. In \ 
the case of a row item comparison (example: WHERE (a,b) IN ((n1,m1), (n2, m2), \ 
...)), an expression in disjunctive normal form (DNF) is needed. A DNF \ 
expression is created by adding an AND tree with column values to an OR tree for \ 
each set of RHS values, but instead the OR tree was added to the AND tree \ 
causing the tree merge to require exponential time due to O(n2) runtime \ 
complexity.

Log message:
mysql57: updated to 5.7.42

Changes in MySQL 5.7.42

Functionality Added or Changed

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1t. Issues fixed in OpenSSL version 1.1.1t are described at \ 
https://www.openssl.org/news/cl111.txt.

The linked curl library for MySQL Server (Enterprise Edition) has been updated \ 
to version 7.88.1.

Bugs Fixed

InnoDB: Prevent online DDL operations from accessing out-of-bounds memory.

Replication: Some binary log events were not always handled correctly.

Replication: Setting binlog_order_commits to OFF could lead to a missed GTID in \ 
the next binary log file's Previous_gtids event.

Our thanks to Yewei Xu and the Tencent team for the contribution.

A client setting the character set to an impermissible client character set \ 
(ucs2, utf16, utf16le, or utf32) could cause unexpected behavior when the client \ 
used an authentication plugin.

The scope of the connect_timeout limit was extended to full-packet reads.

Using --single-transaction with mysqldump version 5.7.41 required either the \ 
RELOAD or FLUSH_TABLES privilege. This requirement now applies only when both \ 
gtid_mode=ON (default OFF) and with --set-gtid-purged = ON|AUTO (default AUTO).

Log message:
*: Recursive revbump from Boost 1.81.0

Log message:
mysql57: updated to 5.7.40

Changes in MySQL 5.7.40

Functionality Added or Changed

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1q. Issues fixed in OpenSSL version 1.1.1q are described at \ 
https://www.openssl.org/news/cl111.txt and \ 
https://www.openssl.org/news/vulnerabilities.html.

The linked curl library for MySQL Server (Enterprise Edition) has been updated \ 
to version 7.84.0.

MySQL Server’s AES_ENCRYPT() and AES_DECRYPT() functions now support the use \ 
of a key derivation function (KDF) to create a cryptographically strong secret \ 
key from information such as a password or a passphrase that you pass to the \ 
function. The derived key is used to encrypt and decrypt the data, and it \ 
remains in the MySQL Server instance and is not accessible to users. Using a KDF \ 
is highly recommended, as it provides better security than specifying your own \ 
premade key or deriving it by a simpler method when you use the function. The \ 
functions support HKDF (available from OpenSSL 1.1.0), for which you can specify \ 
an optional salt and context-specific information to include in the keying \ 
material, and PBKDF2 (available from OpenSSL 1.0.2), for which you can specify \ 
an optional salt and set the number of iterations used to produce the key.

Bugs Fixed

InnoDB: In debug builds, a descending b-tree scan raised a debug assertion failure.

InnoDB: An index latch order violation in dict_table_x_lock_indexes() caused an \ 
assertion failure.

InnoDB: A TRUNCATE TABLE operation failed to free an acquired mutex in specific \ 
cases.

The server did not always process nested views as expected.

mysqlpump might not be given the correct permissions to use derived tables \ 
(tables that are generated by a query FROM clause), causing the dump process to \ 
stop if these were present. Derived tables are now handled separately and \ 
privileges are set for them.

When using --log-timestamps=SYSTEM, ISO 8601 timestamps in log messages did not \ 
take account of daylight saving time.

The GRANT OPTION privilege was treated as related to database operations.

Changes in MySQL 5.7.39

Compilation Notes

Added macOS/ARM support.

On Windows, improved the generated INFO_BIN and INFO_SRC files.

Keyring Notes

The keyring_aws plugin has been updated to use the latest AWS Encryption SDK for \ 
C (version 1.9.186).

The keyring_aws_region variable supports the additional AWS regions supported by \ 
the new SDK. Refer to the variable description for a list of supported AWS \ 
regions.

Performance Schema Notes

The SHOW PROCESSLIST statement provides process information by collecting thread \ 
data from all active threads. However, because the implementation iterates \ 
across active threads from within the thread manager while holding a global \ 
mutex, it has negative performance consequences, particularly on busy systems.

An alternative SHOW PROCESSLIST implementation is now available based on the new \ 
Performance Schema processlist table. This implementation queries active thread \ 
data from the Performance Schema rather than the thread manager and does not \ 
require a mutex:

To enable the alternative implementation, enable the \ 
performance_schema_show_processlist system variable.

Note
The processlist table is automatically created in the Performance Schema for new \ 
installations of MySQL 5.7.39, or higher, and upgrades to MySQL 5.7.39, or \ 
higher.

The alternative implementation of SHOW PROCESSLIST also applies to the \ 
mysqladmin processlist command.

The alternative implementation does not apply to the INFORMATION_SCHEMA \ 
PROCESSLIST table or the COM_PROCESS_INFO command of the MySQL client/server \ 
protocol.

To ensure that the default and alternative implementations yield the same \ 
information, certain configuration requirements must be met; see The processlist \ 
Table.

Functionality Added or Changed

Important Change: The linked curl library for MySQL Server (Enterprise Edition) \ 
has been updated to version 7.83.1.

Important Change: The linked OpenSSL library for MySQL Server has been updated \ 
to version 1.1.1o. Issues fixed in OpenSSL version 1.1.1o are described at \ 
https://www.openssl.org/news/cl111.txt and \ 
https://www.openssl.org/news/vulnerabilities.html.

The myisam_repair_threads system variable and myisamchk --parallel-recover \ 
option were removed.

Bugs Fixed

InnoDB: A 4GB tablespace file size limit on Windows 32-bit systems has been \ 
removed. The limit was due to an incorrect calculation performed while extending \ 
the tablespace.

Replication: The write sets extracted by MySQL Replication from transactions \ 
when the transaction_write_set_extraction system variable is enabled (which is \ 
the default) are extracted from primary keys, unique keys, and foreign keys. \ 
They are used to detect dependencies and conflicts between transactions. \ 
Previously, write sets involving multi-column foreign keys were incorrectly \ 
identifying each column as a separate foreign key. The issue has now been fixed \ 
and foreign key write sets include all referenced key columns.

Replication: When the --replicate-same-server-id option was used to make the \ 
replica not skip events that have its own server ID, if the log file was \ 
rotated, replication stopped with an error. The log rotation event now checks \ 
and applies the current value of the option.

Under certain circumstances TRUNCATE performance_schema.accounts caused \ 
duplicated counts in global_status.

This occurred only if the following was true:

If show_compatibility_56 is set to 0, aggregating status variables by accounts, \ 
users and hosts.

If some hosts were not instrumented. For example, if \ 
performance_schema_hosts_size was set to a low value.

Our thanks to Yuxiang Jiang and the Tencent team for the contribution.

Upgraded the bundled zlib library to zlib 1.2.12. Also made zlib 1.2.12 the \ 
minimum zlib version supported, and removed WITH_ZLIB from the WITH_SYSTEM_LIBS \ 
CMake option.

If an incorrect value was set for the binlog_checksum system variable during a \ 
session, a COM_BINLOG_DUMP command made in the same session to request a binary \ 
log stream from a source failed. The server now validates the specified checksum \ 
value before starting the checksum algorithm setup process.

Log message:
*: recursive bump for perl 5.36

Log message:
mysql57: updated to 5.7.38

Changes in MySQL 5.7.38

SQL Function and Operator Notes

When the mysql client was started with --default-character-set=utf8mb4, \ 
successive calls to the UUID() function returned duplicate values.

Security Notes

The linked OpenSSL library for MySQL Server has been updated to version 1.1.1n \ 
from 1.1.1l. Issues fixed in OpenSSL are described at \ 
https://www.openssl.org/news/cl111.txt and at \ 
http://www.openssl.org/news/vulnerabilities.html.

Functionality Added or Changed

The default for the group_replication_transaction_size_limit system variable, \ 
which sets the maximum transaction size that a replication group accepts, is \ 
changed from zero (no limit) to 150000000 bytes (approximately 143 MB), which is \ 
the same as the default in MySQL 8.0. Setting a limit for this system variable \ 
by default helps to avoid delays or errors caused by excessively large \ 
transactions. Transactions above the limit are rolled back and are not sent to \ 
Group Replication's Group Communication System (GCS) for distribution to the \ 
group. If your Group Replication servers previously accepted transactions larger \ 
than the new default limit, and you were allowing \ 
group_replication_transaction_size_limit to default to the old zero limit, those \ 
transactions will start to fail after the upgrade to the new default. You must \ 
either specify an appropriate size limit that allows the maximum message size \ 
you need the group to tolerate (which is the recommended solution), or specify 
a zero setting to restore the previous behavior.

The myisam_repair_threads system variable and myisamchk --parallel-recover \ 
option are deprecated; expect support for both to be removed in a future release \ 
of MySQL.

Values other than 1 (the default) for myisam_repair_threads produce a warning.

Bugs Fixed

InnoDB: A missing null pointer check for an index instance caused a failure.

InnoDB: Purge threads processed undo records of an encrypted table for which the \ 
tablespace was not loaded, causing a failure.

InnoDB: Incorrect AUTO_INCREMENT values were generated when the maximum integer \ 
column value was exceeded. The error was due to the maximum column value not \ 
being considered. The previous valid AUTO_INCREMENT value should have been \ 
returned in this case, causing a duplicate key error.

Partitioning: In some cases, establishing a connection to MySQL server could \ 
fail if the .ibd file for a partition was missing.

Statements that cannot be parsed (due, for example, to syntax errors) are no \ 
longer written to the slow query log.

It was not possible to revoke the DROP privilege on the Performance Schema.

A page cleaner thread timed out as it waited for an exclusive lock on an index \ 
page held by a full-text index creation operation on a large table.

A memory leak occurred if mysqldump was used on more than one table with the \ 
--order-by-primary option. The memory allocated for sorting each table’s rows \ 
is now freed after every table, rather than only once.

mysqld_safe log message textual errors were corrected.

Log message:
mysql57: updated to 5.7.37

Changes in MySQL 5.7.37

Audit Log Notes

Previously, each event logged by MySQL Enterprise Audit included the SQL \ 
statement literal text. To provide an alternative (because it is possible that \ 
statements contain sensitive information), the audit log filtering language now \ 
supports logging a statement's digest rather than its literal text. For example, \ 
instead of logging this statement:

SELECT * FROM orders WHERE some_sensitive_column=1234567
The audit log plugin can log this digest:

SELECT * FROM `orders` WHERE `some_sensitive_column` = ?
This is similar to what is already logged for prepared statements, for which \ 
parameter markers appear rather than actual data values.

To perform digest logging, use audit filter definitions that replace the \ 
statement literal text by its corresponding digest, as discussed in Replacement \ 
of Event Field Values.

Because text replacement occurs at an early auditing stage (during filtering), \ 
the choice of whether to log statement literal text or digest values applies \ 
regardless of log format written later (that is, whether the audit log plugin \ 
produces XML or JSON output).

Compilation Notes

Binary packages that include curl rather than linking to the system curl library \ 
have been upgraded to use curl 7.80.0.

SQL Function and Operator Notes

Queries making use of the MBRContains() function did not employ all available \ 
spatial indexes.

The FORMAT() function returned a formatted number without showing the thousands \ 
separator and grouping between separators when either the es_ES or es_MX locale \ 
was specified.

Packaging Notes

The GnuPG build key used to sign MySQL downloadable packages has been updated. \ 
The previous GnuPG build key is set to expire on 2022-02-16. For information \ 
about verifying the integrity and authenticity of MySQL downloadable packages \ 
using GnuPG signature checking, or to obtain a copy of our public GnuPG build \ 
key, see Signature Checking Using GnuPG.

Due to the GnuPG key update, systems configured to use repo.mysql.com may report \ 
a signature verification error when upgrading to MySQL 5.7.37 and higher or to \ 
MySQL 8.0.28 and higher using apt or yum. Use one of the following methods to \ 
resolve this issue:

Manually reinstall the MySQL APT or YUM repository setup package from \ 
https://dev.mysql.com/downloads/.

Download the MySQL GnuPG public key and add it your system GPG keyring.

For MySQL APT repository instructions, see Appendix A: Adding and Configuring \ 
the MySQL APT Repository Manually.

For MySQL YUM repository instructions, see Upgrading MySQL with the MySQL Yum \ 
Repository.

Bugs Fixed

InnoDB: The buf_validate() function in the InnoDB sources was optimized, \ 
improving performance on debug builds.

Thanks to Hobert Lu for the contribution.

Partitioning: Creating a table with nondeterministic functions in generated \ 
column expressions should not be possible, but this was not enforced in all \ 
cases; a series of one or more ALTER TABLE statements could be employed to \ 
arrive at a partitioned table with one or more such generated columns. When \ 
attempting to execute the CREATE TABLE statement obtained by running SHOW CREATE \ 
TABLE against this table, MySQL rejected the statement with a misleading error \ 
message referring to the partitioning expression rather than to the problematic \ 
column, despite the fact that the partitioning expression itself was legal.

This was caused by the result of a check for any unsafe expressions defined for \ 
a generated column (in the internal variable thd->safe_to_cache_query), which \ 
was later checked again without being cleared while parsing the partition \ 
expression, leading to an error even when the partition expression did not refer \ 
to the problematic generated column expression. Now in such cases, we reset \ 
thd->safe_to_cache_query before parsing the partition function.

The issue of allowing the use of certain nondeterminstic functions \ 
(AES_ENCRYPT(), AES_DECRYPT(), RANDOM_BYTES()) in generated columns is handled \ 
separately.

Partitioning: A query using an index other than the primary key of a partitioned \ 
table sometimes resulted in excessive CPU load.

Replication: When the PAD_CHAR_TO_FULL_LENGTH SQL mode was enabled on a replica \ 
server, trailing spaces could be added to a replication channel’s name in the \ 
replication metadata repository tables, resulting in errors in replication \ 
operations that identified the channel using that data. The issue has now been \ 
fixed in MySQL 8.0 by using VARCHAR for character columns, and in MySQL 5.7 by \ 
disabling the SQL mode when reading from those tables. Thanks to Brian Yue for \ 
the contribution.

MySQL 5.7 did not handle the thread_stack variable in the same manner as MySQL \ 
5.6 or MySQL 8.0.

It was possible in some cases to create a generated column of type SERIAL, which \ 
is not allowed.

See Numeric Data Type Syntax, and CREATE TABLE and Generated Columns, for more \ 
information

Statements which commit a transaction implicitly or explicitly are not allowed \ 
inside a trigger or a stored function. Both CREATE TRIGGER and CREATE FUNCTION \ 
should report an error (ER_COMMIT_NOT_ALLOWED_IN_SF_OR_TRG) in this case, but \ 
did not correctly handle DROP TABLESPACE.

The MySQL session used for online keyring migration was not closed gracefully \ 
after the migration was complete, resulting in an “Aborted connection” note \ 
being printed to the error log.

SHOW PROCESSLIST could read freed memory when accessing the query string \ 
belonging to a connection that was in the process of deleting a prepared \ 
statement.

Privileges were not checked correctly for ALTER USER ... IDENTIFIED WITH ... BY.