MySQL 5.0.90 リリース
投稿日時 2010-1-29 12:00:00 | トピック: MySQL 5.0
| MySQL 5.0.89 で通常のコミュニティー版は最終バージョンとなるはずだった MySQL 5.0 シリーズですが、このたび バージョン 5.0.90 がリリースされました。
yaSSL のバッファオーバーフロー問題 http://bugs.mysql.com/bug.php?id=50227,CVE-2009-4484 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484) への対処が今回のリリースの主な理由だと思われますが、それ以外にも いくつかの修正がなされています。
このバッファオーバーフロー問題については、本サイトで MySQL 5.5.1-m2 リリース案内をした際の記事も参照ください。 http://www.mysql.gr.jp/frame/modules/news/article.php?storyid=164
ダウンロードはこちらから: http://dev.mysql.com/downloads/mysql/5.0.html
--------------------- 以下チェンジログ(5.0.90)
■RPM ノート: * The version information in RPM package files has been changed: + The "level" field of a MySQL version number is now also included in the RPM version and in the package file name. + The RPM "release" value now starts to count from 0. For example, the Rhel, Sles rpm file of 5.0.90 is named as MySQL-server-community-5.0.90-0.rhel3.i386.rpm.
■バグ修正: *Security Fix*: For servers built with yaSSL, a preauthorization buffer overflow could cause memory corruption or a server crash. We thank Evgeny Legerov from Intevydis for providing us with a proof-of-concept script that allowed us to reproduce this bug. (Bug#50227: http://bugs.mysql.com/bug.php?id=50227,CVE-2009-4484 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4484))
* Replication: FLUSH LOGS did not actually close and reopen the binary log index file. (Bug#48738: http://bugs.mysql.com/bug.php?id=48738) See also Bug#34582: http://bugs.mysql.com/bug.php?id=34582 .
* Some prepared statements could raise an assertion when re-executed. (Bug#49570: http://bugs.mysql.com/bug.php?id=49570)
* Valgrind warnings for CHECKSUM TABLE were corrected. (Bug#49465: http://bugs.mysql.com/bug.php?id=49465)
* Specifying an index algorithm (such as BTREE) for SPATIAL or FULLTEXT indexes caused a server crash. These index types do not support algorithm specification, and it is now disallowed to do so. (Bug#49250: http://bugs.mysql.com/bug.php?id=49250)
* The optimizer sometimes incorrectly handled conditions of the form WHERE col_name='const1' AND col_name='const2'. (Bug#49199: http://bugs.mysql.com/bug.php?id=49199)
* Several strmake() calls had an incorrect length argument (too large by one). (Bug#48983: http://bugs.mysql.com/bug.php?id=48983)
* On Fedora 12, strmov() did not guarantee correct operation for overlapping source and destination buffer. Calls were fixed to use an overlap-safe version instead. (Bug#48866: http://bugs.mysql.com/bug.php?id=48866)
* Incomplete reset of internal TABLE structures could cause a crash with eq_ref table access in subqueries. (Bug#48709: http://bugs.mysql.com/bug.php?id=48709)
* Re-execution of a prepared statement could cause a server crash. (Bug#48508: http://bugs.mysql.com/bug.php?id=48508)
* The error message for ER_UPDATE_INFO was subject to buffer overflow or truncation. (Bug#48500: http://bugs.mysql.com/bug.php?id=48500)
* On Solaris, no stack trace was printed to the error log after a crash. (Bug#47391: http://bugs.mysql.com/bug.php?id=47391)
* Comparison with NULL values sometimes did not produce a correct result. (Bug#42760: http://bugs.mysql.com/bug.php?id=42760)
* When compressed MyISAM files were opened, they were always memory mapped, sometimes causing memory-swapping problems. To deal with this, a new system variable, myisam_mmap_size, was added to limit the amount of memory used for memory mapping of MyISAM files. (Bug#37408: http://bugs.mysql.com/bug.php?id=37408)
|
|