Path to this page:
Subject: CVS commit: [pkgsrc-2017Q2] pkgsrc/databases
From: S.P.Zeidler
Date: 2017-07-29 22:10:59
Message id: 20170729201059.2AACBFACD@cvs.NetBSD.org
Log Message:
Pullup ticket #5525 - requested by taca
databases/mysql56-client: security update
databases/mysql56-server: security update
Revisions pulled up:
- databases/mysql55-client/Makefile 1.25
- databases/mysql55-client/Makefile.common 1.41
- databases/mysql55-client/distinfo 1.43
- databases/mysql55-server/Makefile 1.33
- databases/mysql55-server/PLIST 1.30
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: adam
Date: Wed Jul 19 18:48:22 UTC 2017
Modified Files:
pkgsrc/databases/mysql55-client: Makefile Makefile.common distinfo
pkgsrc/databases/mysql55-server: Makefile PLIST
pkgsrc/databases/mysql56-client: Makefile Makefile.common distinfo
pkgsrc/databases/mysql56-server: Makefile PLIST
Log Message:
Security Notes
* Security Fix: The linked OpenSSL library for the MySQL Commercial Server \
has been updated to version 1.0.2l. Issues fixed in the new OpenSSL version are \
described at http://www.openssl.org/news/vulnerabilities.html.
This change does not affect the Oracle-produced MySQL Community build of \
MySQL Server, which uses the yaSSL library instead.
Platform-Specific Notes
* Linux: The generic Linux build for MySQL 5.6 is now built on Oracle Linux 6 \
using glibc 2.12. Systems that use the build need to have glibc 2.12 or later \
installed on them.
Functionality Added or Changed
* For Windows, MSI installer packages now include a check for the required \
Visual Studio redistributable package, and produce a message asking the user to \
install it if it is missing.
* The mysql client now supports a --binary-as-hex option that causes display \
of binary data using hexadecimal notation (0xvalue). Thanks to Daniƫl van Eeden \
for the patch.
* mysqlaccess now looks for its configuration file only in the SYSCONFDIR \
directory and /etc.
Bugs Fixed
* InnoDB: The server allocated memory unnecessarily for an operation that \
rebuilt the table.
* InnoDB: When using an index merge optimizer switch, a SELECT COUNT(*) \
operation sometimes returned 0. Partitioning code incorrectly performed a memcpy \
instead of a column copy of columns read by the index, causing the wrong records \
to be copied.
* Replication: A USE statement that followed a SET GTID_NEXT statement \
sometimes had no effect.
* Replication: If the binary log on a master server was rotated and a full \
disk condition occurred on the partition where the binary log file was being \
stored, the server could stop unexpectedly. The fix adds a check for the \
existence of the binary log when the dump thread switches to next binary log \
file. If the binary log is disabled, all binary logs up to the current active \
log are transmitted to slave and an error is returned to the receiver thread.
* Replication: If a relay log index file named relay log files that did not \
exist, RESET SLAVE ALL sometimes did not fully clean up properly.
* Replication: mysqlbinlog, if invoked with the --raw option, does not flush \
the output file until the process terminates. But if also invoked with the \
--stop-never option, the process never terminates, thus nothing is ever written \
to the output file. Now the output is flushed after each event.
* Replication: A memory leak in mysqlbinlog was fixed. The leak happened when \
processing fake rotate events, or when using --raw and the destination log file \
could not be created. The leak only occurred when processing events from a \
remote server. Thanks to Laurynas Biveinis for his contribution to fixing this \
bug.
* Replication: Multi-threaded slaves could not be configured with small queue \
sizes using slave_pending_jobs_size_max if they ever needed to process \
transactions larger than that size. Any packet larger than \
slave_pending_jobs_size_max was rejected with the error \
ER_MTS_EVENT_BIGGER_PENDING_JOBS_SIZE_MAX, even if the packet was smaller than \
the limit set by slave_max_allowed_packet.
* With this fix, slave_pending_jobs_size_max becomes a soft limit rather than \
a hard limit. If the size of a packet exceeds slave_pending_jobs_size_max but is \
less than slave_max_allowed_packet, the transaction is held until all the slave \
workers have empty queues, and then processed. All subsequent transactions are \
held until the large transaction has been completed. The queue size for slave \
workers can therefore be limited while still allowing occasional larger \
transactions.
* mysqldump could write database names in USE statements incorrectly.
* If the mysql_stmt_close() C API function was called, it freed memory that \
later could be accessed if mysql_stmt_error(), mysql_stmt_errno(), or \
mysql_stmt_sqlstate() was called. To obtain error information after a call to \
mysql_stmt_close(), call mysql_error(), mysql_errno(), or mysql_sqlstate() \
instead.
* Queries could be cached incorrectly, leading to incorrect query results, \
under these circumstances: InnoDB table; rows are being inserted but have not \
yet been committed; a query uses the table as a base table in a derived table; \
the optimizer chooses to materialize the derived table.
* Man pages for a few utilities were missing from Debian/Ubuntu packages.
* The field-t unit test failed to run with AddressSanitizer enabled. Thanks \
to Laurynas Biveinis for the patch.
* Debian client packages were missing information about conflicts with native \
packages.
* The Perl path in #! lines at the beginning of Perl scripts has been \
adjusted to /usr/local/bin/perl for FreeBSD 11.
* The server exited abnormally attempting to access invalid memory.
* A race condition could occur for CREATE TABLE statements with DATA \
DIRECTORY or INDEX DIRECTORY clauses.
* MySQL compilation in different directories produced different builds to \
leakage of absolute paths into debug information and __FILE__.
* mysqld_failed to start the server if the --datadir option was specified \
with a relative path name.
* With read_only enabled, creation of non-TEMPORARY tables by non-SUPER users \
was permitted under certain conditions.
*Certain stored functions, if used in a query WHERE clause, could be handled \
using Index Condition Pushdown (which should not happen), resulting in a server \
exit.
* On x86 machines, the uint3korr() macro read 4 bytes of data instead of the \
intended 3 bytes.
* An assertion was raised during a fetch operation by the memcached plugin.
* Queries that contained UNION in a subquery and GROUP BY could return \
incorrect results.
* LOAD XML INFILE performance became noticeably slower when the XML file \
being read contained a great many spaces, such as those introduced by indenting \
or pretty-printing. Now all leading whitespace is trimmed from each such value \
before reading it into memory.
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 pkgsrc/databases/mysql56-client/Makefile
cvs rdiff -u -r1.40 -r1.41 pkgsrc/databases/mysql56-client/Makefile.common
cvs rdiff -u -r1.42 -r1.43 pkgsrc/databases/mysql56-client/distinfo
cvs rdiff -u -r1.32 -r1.33 pkgsrc/databases/mysql56-server/Makefile
cvs rdiff -u -r1.29 -r1.30 pkgsrc/databases/mysql56-server/PLIST
Files: