MySQL 5.5.1-m2 リリース!
MySQL 5.5.1-m2 がリリースされました。これは MySQL 5.5 シリーズの最新バージョンです。
MySQL 5.5 シリーズは「マイルストンリリース」という位置づけで、このシリーズは "Betony" とも呼ばれています。
マイルストンリリースモデルについては、こちらを参照ください:
http://forge.mysql.com/wiki/Development_Cycle
SSL接続を有効にしている場合、以下の問題があるようです(今回の 5.5シリーズに限らず、他のバージョンでも同様の問題がある可能性があります)。
以下開発チームからの情報を要約します。
-----------------------------------------
このバージョンのリリース準備中に、MySQLチームは SSL 接続部分にセキュリティ上の問題があることを知った(サーバクラッシュの可能性もあり)。
これは YaSSL ライブラリのバッファオーバフローによって引き起こされるものであり、OpenSSLを使っている場合は大丈夫だ。
(YaSSLを使った)SSLを有効にしている場合にのみ発生する。
この問題について、色々なバージョン、コンフィギャ、プラットフォームに対して詳細調査中だ。
調査完了次第、修正し、影響のあるバージョンのバイナリをリリースする予定。
ただ、たくさんのコンフィギャとたくさんのプラットフォームのバイナリをビルドしてテストするには明らかにそれなりの時間を必要とする。
本件の CVE ID は以下:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484
MySQLのバグシステムでは現時点で private モードにしているが、バイナリがリリースされたら以下で公開する予定。
http://bugs.mysql.com/50227
それまでの間、一般的なセキュリティ上のヒントを書くと:
明らかに外部のマシンからMySQLサーバへのアクセスが必要ないならば、firewallで接続ポートをブロックすることをお勧めする。
-----------------------------------------
ダウンロードはこちらから:
http://dev.mysql.com/downloads/mysql/5.5.html
----------
以下、チェンジログ:
■MySQL 5.5 で加わった機能
* Support for an interface for semisynchronous replication:
A commit performed on the master side blocks before returning
to the session that performed the transaction until at least
one slave acknowledges that it has received and logged the events
for the transaction.
Semisynchronous replication is implemented through an optional
plugin component. See Section 16.2.8, "Semisynchronous Replication"
* Support for the SQL standard SIGNAL and RESIGNAL statements.
See Section 12.8.8, "SIGNAL and RESIGNAL".
* Enhancements to XML functionality, including a new LOAD XML
statement.
* Two new types of user-defined partitioning:
RANGE COLUMNS partitioning is an extension to RANGE partitioning;
LIST COLUMNS partitioning is an extension to LIST partitioning.
Each of these extensions provides two enhancements to MySQL
partitioning capabilities:
1. It is possible to define partitioning ranges or lists based on
DATE, DATETIME, or string values (such as CHAR or VARCHAR).
You can also define ranges or lists based on multiple column
values when partitioning tables by RANGE COLUMNS or LIST COLUMNS,
respectively. Such a range or list may refer to up to 16 columns.
2. For tables defined using these partitioning types, partition
pruning can now optimize queries with WHERE conditions that use
multiple comparisons between (different) column values and
constants, such as
a = 10 AND b > 5 or a < "2005-11-25" AND b = 10 AND c = 50.
For more information, see Section 17.2.1, "RANGE Partitioning",
and Section 17.2.2, "LIST Partitioning".
* It is now possible to delete all rows from one or more partitions
of a partitioned table using the ALTER TABLE ... TRUNCATE
PARTITION statement. Executing the statement deletes rows without
affecting the structure of the table. The partitions named in the
TRUNCATE PARTITION clause do not have to be contiguous.
* Key caches are now supported for indexes on partitioned MyISAM
tables, using the CACHE INDEX and LOAD INDEX INTO CACHE statements.
In addition, a key cache can be defined for and loaded with indexes
from an entire partitioned table, or for one or more partitions.
In the latter case, the partitions are not required to be contiguous.
* The TO_SECONDS() function is added. This function converts a date or
datetime expression to a number of seconds since the year 0. You may
use this function in partitioning expressions, and partition pruning
is supported for table defined using such expressions.
The following constructs are deprecated and will be removed in a future
MySQL release. Where alternatives are shown, applications should be
updated to use them.
* The table_type system variable (use storage_engine).
The TYPE table option to specify the storage engine for
CREATE TABLE or ALTER TABLE (use ENGINE).
The SHOW TABLE TYPES SQL statement (use SHOW ENGINES).
* The log_bin_trust_routine_creators variable
(use log_bin_trust_function_creators).
* TIMESTAMP(N): The ability to specify a display width of N
(use without N).
* The SHOW INNODB STATUS and SHOW MUTEX STATUS SQL statements
(use SHOW ENGINE INNODB STATUS for both of these).
* The LOAD TABLE ... FROM MASTER and LOAD DATA FROM MASTER SQL
statements.
* The SHOW PLUGIN SQL statement (use SHOW PLUGINS).
* The BACKUP TABLE and the RESTORE TABLE SQL statements.
* The --master-xxx server options to set replication parameters
(use the CHANGE MASTER TO statement instead):
--master-host, --master-user, --master-password, --master-port,
--master-connect-retry, --master-ssl, --master-ssl-ca,
--master-ssl-capath, --master-ssl-cert, --master-ssl-cipher,
--master-ssl-key.
■RPM Note(5.5.1-m2):
* The version information in RPM package files has been changed:
+ The "level" field of a MySQL version number is now also
included in the RPM version and in the package file name.
+ The RPM "release" value now starts to count from 1, not 0.
For example, the generic x86 server RPM file of 5.5.1-m2 is
named MySQL-server-5.5.1_m2-1.glibc23.i386.rpm. This improves
consistency with other formats that also include the level
(for this version: "m2") in the file name. For example, the
tar.gz filename is mysql-5.5.1-m2-linux-i686-glibc23.tar.gz.
The different separator, underscore '_' for RPM, is required
by the syntax of RPM.
■InnoDB Plugin Note(5.5.1-m2):
* InnoDB Plugin has been upgraded to version 1.0.6. This version
is considered of Release Candidate (RC) quality. The InnoDB
Plugin Change History
(http://www.innodb.com/doc/innodb_plugin-1.0/innodb-changes.ht
ml) may contain information in addition to those changes
reported here.
■機能の追加と変更(5.5.1-m2)
* Partitioning: The UNIX_TIMESTAMP() function is now supported
in partitioning expressions using TIMESTAMP columns. For
example, it now possible to create a partitioned table such as
this one:
CREATE TABLE t (c TIMESTAMP)
PARTITION BY RANGE ( UNIX_TIMESTAMP(c) ) (
PARTITION p0 VALUES LESS THAN (631148400),
PARTITION p1 VALUES LESS THAN (946681200),
PARTITION p2 VALUES LESS THAN (MAXVALUE)
);
All other expressions involving TIMESTAMP values are now
rejected with an error when attempting to create a new
partitioned table or to alter an existing partitioned table.
When accessing an existing partitioned table having a
timezone-dependent partitioning function (where the table was
using a previous version of MySQL), a warning rather than an
error is issued. In such cases, you should fix the table. One
way of doing this is to alter the table's partitioning
expression so that it uses UNIX_TIMESTAMP().
(Bug#42849: http://bugs.mysql.com/bug.php?id=42849)
■バグ修正(5.5.1-m2)
* Performance: When the query cache is fragmented, the size of
the free block lists in the memory bins grows, which causes
query cache invalidation to become slow. There is now a 50ms
timeout for a SELECT statement waiting for the query cache
lock. If the timeout expires, the statement executes without
using the query cache.
(Bug#39253: http://bugs.mysql.com/bug.php?id=39253)
See also Bug#21074: http://bugs.mysql.com/bug.php?id=21074.
* Important Change: Replication: The following functions have
been marked unsafe for statement-based replication:
+ GET_LOCK()
+ IS_FREE_LOCK()
+ IS_USED_LOCK()
+ MASTER_POS_WAIT()
+ RELEASE_LOCK()
+ SLEEP()
+ SYSDATE()
+ VERSION()
None of the functions just listed are guaranteed to replicate
correctly when using the statement-based format, because they
can produce different results on the master and the slave. The
use of any of these functions while binlog_format is set to
STATEMENT is logged with the warning, Statement is not safe to
log in statement format. When binlog_format is set to MIXED,
the binary logging format is automatically switched to the
row-based format whenever one of these functions is used.
(Bug#47995: http://bugs.mysql.com/bug.php?id=47995)
* Partitioning: When SHOW CREATE TABLE was invoked for a table
that had been created using the COLUMNS keyword or the
TO_SECONDS() function, the output contained the wrong MySQL
version number in the conditional comments.
(Bug#49591: http://bugs.mysql.com/bug.php?id=49591)
* Partitioning: A query that searched on a ucs2 column failed if
the table was partitioned.
(Bug#48737: http://bugs.mysql.com/bug.php?id=48737)
* Partitioning: In some cases, it was not possible to add a new
column to a table that had subpartitions.
(Bug#48276: http://bugs.mysql.com/bug.php?id=48276)
* Partitioning: SELECT COUNT(*) from a partitioned table failed
when using the ONLY_FULL_GROUP_BY SQL mode.
(Bug#46923: http://bugs.mysql.com/bug.php?id=46923)
This regression was introduced by
Bug#45807: http://bugs.mysql.com/bug.php?id=45807.
* Partitioning: SUBPARTITION BY KEY failed with DEFAULT
CHARSET=utf8.
(Bug#45904: http://bugs.mysql.com/bug.php?id=45904)
* Replication: When using row-based logging, TRUNCATE TABLE was
written to the binary log even if the affected table was
temporary, causing replication to fail.
(Bug#48350: http://bugs.mysql.com/bug.php?id=48350)
* Cluster Replication: When expire_logs_days was set, the thread
performing the purge of the log files could deadlock, causing
all binary log operations to stop.
(Bug#49536: http://bugs.mysql.com/bug.php?id=49536)
* For debug builds on Windows, SAFEMALLOC was defined
inconsistently, leading to mismatches when using my_malloc()
and my_free().
(Bug#49811: http://bugs.mysql.com/bug.php?id=49811)
* The mysql.server script had incorrect shutdown logic.
(Bug#49772: http://bugs.mysql.com/bug.php?id=49772)
* The result of comparison between nullable BIGINT and INT
columns was inconsistent.
(Bug#49517: http://bugs.mysql.com/bug.php?id=49517)
* A Valgrind error in make_cond_for_table_from_pred() was
corrected. Thanks to Sergey Petrunya for the patch to fix this
bug. (Bug#49506: http://bugs.mysql.com/bug.php?id=49506)
* When compiling on Windows, an error in the CMake definitions
for InnoDB would cause the engine to be built incorrectly.
(Bug#49502: http://bugs.mysql.com/bug.php?id=49502)
* Incorrect cache initialization prevented storage of converted
constant values and could produce incorrect comparison
results. (Bug#49489: http://bugs.mysql.com/bug.php?id=49489)
* Comparisons involving YEAR values could produce incorrect
results. (Bug#49480: http://bugs.mysql.com/bug.php?id=49480)
See also Bug#43668: http://bugs.mysql.com/bug.php?id=43668.
* Valgrind warnings for CHECKSUM TABLE were corrected.
(Bug#49465: http://bugs.mysql.com/bug.php?id=49465)
* Specifying an index algorithm (such as BTREE) for SPATIAL or
FULLTEXT indexes caused a server crash. These index types do
not support algorithm specification, and it is now disallowed
to do so. (Bug#49250: http://bugs.mysql.com/bug.php?id=49250)
* The optimizer sometimes incorrectly handled conditions of the
form WHERE col_name='const1' AND col_name='const2'.
(Bug#49199: http://bugs.mysql.com/bug.php?id=49199)
* Execution of DECODE() and ENCODE() could be inefficient
because multiple executions within a single statement
reinitialized the random generator multiple times even with
constant parameters.
(Bug#49141: http://bugs.mysql.com/bug.php?id=49141)
* The LIKE operator did not work correctly when using an index
for a ucs2 column.
(Bug#49028: http://bugs.mysql.com/bug.php?id=49028)
* check_key_in_view() was missing a DBUG_RETURN in one code
branch, causing a crash in debug builds.
(Bug#48995: http://bugs.mysql.com/bug.php?id=48995)
* If a query involving a table was terminated with KILL, a
subsequent SHOW CREATE TABLE for that table caused a server
crash. (Bug#48985: http://bugs.mysql.com/bug.php?id=48985)
* Privileges for stored routines were ignored for mixed-case
routine names.
(Bug#48872: http://bugs.mysql.com/bug.php?id=48872)
See also Bug#41049: http://bugs.mysql.com/bug.php?id=41049.
* Concurrent ALTER TABLE operations on an InnoDB table could
raise an assertion.
(Bug#48782: http://bugs.mysql.com/bug.php?id=48782)
* During query execution, ranges could be merged incorrectly for
OR operations and return an incorrect result.
(Bug#48665: http://bugs.mysql.com/bug.php?id=48665)
* The InnoDB Table Monitor reported the FLOAT and DOUBLE data
types incorrectly.
(Bug#48526: http://bugs.mysql.com/bug.php?id=48526)
* With row-based binary logging, the server crashed for
statements of the form CREATE TABLE IF NOT EXISTS
existing_view LIKE temporary_table. This occurred because the
server handled the existing view as a table when logging the
statement. (Bug#48506: http://bugs.mysql.com/bug.php?id=48506)
* The error message for ER_UPDATE_INFO was subject to buffer
overflow or truncation.
(Bug#48500: http://bugs.mysql.com/bug.php?id=48500)
* DISTINCT was ignored for queries with GROUP BY WITH ROLLUP and
only const tables.
(Bug#48475: http://bugs.mysql.com/bug.php?id=48475)
* Loose index scan was inappropriately chosen for some WHERE
conditions.
(Bug#48472: http://bugs.mysql.com/bug.php?id=48472)
* If the InnoDB tablespace was configured with too small a
value, the server could crash and corrupt the tablespace.
(Bug#48469: http://bugs.mysql.com/bug.php?id=48469)
* Parts of the range optimizer could be initialized incorrectly,
resulting in Valgrind errors.
(Bug#48459: http://bugs.mysql.com/bug.php?id=48459)
* A bad typecast could cause query execution to allocate large
amounts of memory.
(Bug#48458: http://bugs.mysql.com/bug.php?id=48458)
* On Windows, InnoDB could not be built as a statically linked
library. (Bug#48317: http://bugs.mysql.com/bug.php?id=48317)
* mysql_secure_installation did not work on Solaris.
(Bug#48086: http://bugs.mysql.com/bug.php?id=48086)
* When running mysql_secure_installation, the command would fail
if the root password contained multiple spaces, \, # or quote
characters.
(Bug#48031: http://bugs.mysql.com/bug.php?id=48031)
* MATCH IN BOOLEAN MODE searches could return too many results
inside a subquery.
(Bug#47930: http://bugs.mysql.com/bug.php?id=47930)
* User-defined collations with an ID less then 256 were not
initialized correctly when loaded and caused a server crash.
(Bug#47756: http://bugs.mysql.com/bug.php?id=47756)
* If a session held a global read lock acquired with FLUSH
TABLES WITH READ LOCK, a lock for one table acquired with LOCK
TABLES, and issued an INSERT DELAYED statement for another
table, deadlock could occur.
(Bug#47682: http://bugs.mysql.com/bug.php?id=47682)
* The mysql client status command displayed an incorrect value
for the server character set.
(Bug#47671: http://bugs.mysql.com/bug.php?id=47671)
* Connecting to a 4.1.x server from a 5.1.x or higher mysql
client resulted in a memory-free error when disconnecting.
(Bug#47655: http://bugs.mysql.com/bug.php?id=47655)
* Assignment of a system variable sharing the same base name as
a declared stored program variable in the same context could
lead to a crash.
(Bug#47627: http://bugs.mysql.com/bug.php?id=47627)
* On Solaris, no stack trace was printed to the error log after
a crash. (Bug#47391: http://bugs.mysql.com/bug.php?id=47391)
* The innodb_file_format_check system variable could not be set
at runtime to DEFAULT or to the value of a user-defined
variable. (Bug#47167: http://bugs.mysql.com/bug.php?id=47167)
* After a binary upgrade to MySQL 5.1 from a MySQL 5.0
installation that contains ARCHIVE tables, accessing those
tables caused the server to crash, even if you had run
mysql_upgrade or CHECK TABLE ... FOR UPGRADE.
To work around this problem, use mysqldump to dump all ARCHIVE
tables before upgrading, and reload them into MySQL 5.1 after
upgrading. The same problem occurs for binary downgrades from
MySQL 5.1 to 5.0.
(Bug#47012: http://bugs.mysql.com/bug.php?id=47012)
* The IGNORE clause on a DELETE statement masked an SQL
statement error that occurred during trigger processing.
(Bug#46425: http://bugs.mysql.com/bug.php?id=46425)
* Valgrind errors for InnoDB Plugin were corrected.
(Bug#45992: http://bugs.mysql.com/bug.php?id=45992,
Bug#46656: http://bugs.mysql.com/bug.php?id=46656)
* The return value was not checked for some my_hash_insert()
calls. (Bug#45613: http://bugs.mysql.com/bug.php?id=45613)
* It was possible for init_available_charsets() not to
initialize correctly.
(Bug#45058: http://bugs.mysql.com/bug.php?id=45058)
* GROUP BY on a constant (single-row) InnoDB table joined to
other tables caused a server crash.
(Bug#44886: http://bugs.mysql.com/bug.php?id=44886)
* For YEAR(2) values, MIN(), MAX(), and comparisons could yield
incorrect results.
(Bug#43668: http://bugs.mysql.com/bug.php?id=43668)
* Comparison with NULL values sometimes did not produce a
correct result.
(Bug#42760: http://bugs.mysql.com/bug.php?id=42760)
* In debug builds, killing a LOAD XML INFILE statement raised an
assertion. (Bug#42520: http://bugs.mysql.com/bug.php?id=42520)
* The server could crash when attempting to access a
non-conformant mysql.proc system table. For example, the
server could crash when invoking stored procedure-related
statements after an upgrade from MySQL 5.0 to 5.1 without
running mysql_upgrade.
(Bug#41726: http://bugs.mysql.com/bug.php?id=41726)
* The mysql_upgrade command would create three additional fields
to the mysql.proc table (character_set_client,
collation_connection, and db_collation), but did not populate
the fields with correct values. This would lead to error
messages reported during stored procedure execution.
(Bug#41569: http://bugs.mysql.com/bug.php?id=41569)
* Use of InnoDB monitoring (SHOW ENGINE INNODB STATUS or one of
the InnoDB Monitor tables) could cause a server crash due to
invalid access to a shared variable in a concurrent
environment.
(Bug#38883: http://bugs.mysql.com/bug.php?id=38883)
* When compressed MyISAM files were opened, they were always
memory mapped, sometimes causing memory-swapping problems. To
deal with this, a new system variable, myisam_mmap_size, was
added to limit the amount of memory used for memory mapping of
MyISAM files.
(Bug#37408: http://bugs.mysql.com/bug.php?id=37408)
* When running mysql_secure_installation on Windows, the command
would fail to load a required module, Term::ReadKey, which was
required for correct operation.
(Bug#35106: http://bugs.mysql.com/bug.php?id=35106)
* If the --log-bin server option was set to a directory name
with a trailing component separator character, the basename of
the binary log files was empty so that the created files were
named .000001 and .index. The same thing occurred with the
--log-bin-index, --relay-log, and --relay-log-index options.
Now the server reports and error and exits.
(Bug#34739: http://bugs.mysql.com/bug.php?id=34739)
* If a comparison involved a constant value that required type
conversion, the converted value might not be cached, resulting
in repeated conversion and poorer performance.
(Bug#34384: http://bugs.mysql.com/bug.php?id=34384)
* Using the SHOW ENGINE INNODB STATUS statement when using
partitions in InnoDB tables caused Invalid (old?) table or
database name errors to be logged.
(Bug#32430: http://bugs.mysql.com/bug.php?id=32430)
* Output from mysql --html did not encode the <, >, or &
characters.
(Bug#27884: http://bugs.mysql.com/bug.php?id=27884)
* Under heavy load with a large query cache, invalidating part
of the cache could cause the server to freeze (that is, to be
unable to service other operations until the invalidation was
complete). (Bug#21074: http://bugs.mysql.com/bug.php?id=21074)
See also Bug#39253: http://bugs.mysql.com/bug.php?id=39253.
* On some Windows systems, InnoDB could report Operating system
error number 995 in a file operation due to transient driver
or hardware problems. InnoDB now retries the operation and
adds Retry attempt is made to the error message.
(Bug#3139: http://bugs.mysql.com/bug.php?id=3139)
投稿者 | スレッド |
---|