MySQL 4.0.27 リリース
投稿日時 2006-5-17 1:19:53 | トピック: MySQL
| MySQL 4.0系列としては久々のリリースとなる、バージョン 4.0.27 が公開されました。
このバージョンには、クライアント−サーバ間プロトコルに関するセキュリティパッチが含まれているようです。
> This MySQL 4.0.27 release includes the patches for recently reported > security vulnerabilities in the MySQL client-server protocol. We would > like to thank Stefano Di Paola <stefano.dipaola@wisec.it> for finding > and reporting these to us.
詳細はチェンジログをご覧ください。
----- 以下、チェンジログ
■機能の追加と変更(4.0.27): - The MySQL-server RPM now explicitly assigns the mysql system user to the mysql user group during the post-installation process. This corrects an issue with upgrading the server on some Linux distributions whereby a previously existing mysql user was not changed to the mysql group, resulting in wrong groups for files created following the installation. (Bug#12823: http://bugs.mysql.com/12823)
- Better detection of connection timeout for replication servers on Windows allows elimination of extraneous Lost connection errors in the error log. (Bug#5588: http://bugs.mysql.com/5588)
■バグ修正(4.0.27): - Security fix: A malicious client, using specially crafted invalid login or COM_TABLE_DUMP packets was able to read uninitialized memory, which potentially, though unlikely in MySQL, could have led to an information disclosure. (CVE-2006-1516 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1516), CVE-2006-1517 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1517)) Thanks to Stefano Di Paola stefano.dipaola@wisec.it for finding and reporting this bug.
- MySQL-shared-compat-4.0.26-0.i386.rpm and 4.0.27 incorrectly depend on glibc 2.3 and cannot not be installed on a glibc 2.2 system. For MySQL 4.0, we recommend using the older MySQL-shared-compat-4.0.25-0.i386.rpm package. (Bug#16539: http://bugs.mysql.com/16539)
- When myisamchk needed to rebuild a table, AUTO_INCREMENT information was lost. (Bug#10405: http://bugs.mysql.com/10405)
- BIT_COUNT() could return an incorrect value for right table columns in a LEFT JOIN. (Bug#13044: http://bugs.mysql.com/13044)
- An UPDATE statement which tried to update a column with a name beginning with an asterisk would cause the server to crash. This was because the MySQL server would wrongly expand the '*' character to the list of all table columns, causing the list of columns to become longer than the list of values. Now the server performs this expansion only if the '*' character is followed by a space. (Bug#15610: http://bugs.mysql.com/15610)
- An INSERT ... SELECT statement between tables in a MERGE set can return errors when statement involves insert into child table from merge table or vice-versa. (Bug#5390: http://bugs.mysql.com/5390)
- A LIMIT-related optimization failed to take into account that MyISAM table indexes can be disabled, causing Error 124 when it tried to use such an index. (Bug#14616: http://bugs.mysql.com/14616)
- For a table that had been opened with HANDLER OPEN, issuing OPTIMIZE TABLE, ALTER TABLE, or REPAIR TABLE caused a server crash. (Bug#14397: http://bugs.mysql.com/14397)
- Queries of the form (SELECT ...) ORDER BY ... were being treated as a UNION. This improperly resulted in only distinct values being returned (because UNION by default eliminates duplicate results). Also, references to column aliases in ORDER BY clauses following parenthesized SELECT statements were not resolved properly. (Bug#7672: http://bugs.mysql.com/7672)
- SELECT DISTINCT with a GROUP BY clause caused a server crash. (Bug#13855: http://bugs.mysql.com/13855)
- SHOW CREATE TABLE did not display any FOREIGN KEY clauses if a temporary file could not be created. Now SHOW CREATE TABLE displays an error message in an SQL comment if this occurs. (Bug#13002: http://bugs.mysql.com/13002)
- MySQL programs in binary distributions for Solaris 8/9/10 x86 systems would not run on Pentium III machines. (Bug#6772: http://bugs.mysql.com/6772)
- Queries against a MERGE table that has a composite index could produce incorrect results. (Bug#9112: http://bugs.mysql.com/9112)
- The counters for the Key_read_requests, Key_reads, Key_write_requests, and Key_writes status variables were changed from "unsigned long" to "unsigned long long" to accommodate larger values before the variables roll-over and restart from 0. (Bug#12920: http://bugs.mysql.com/12920)
- A concurrency problem for CREATE ... SELECT could cause a server crash. (Bug#12845: http://bugs.mysql.com/12845)
- On HP-UX 11.x (PA-RISC), the -L option caused "mysqlimport" to crash. (Bug#12958: http://bugs.mysql.com/12958)
- The server crashed when one thread resized the query cache while another thread was using it. (Bug#12848: http://bugs.mysql.com/12848)
■バグ修正(ソースからのビルド時の問題)(4.0.27) - Avoid trying to include when it doesn't work in C++ code. (Bug#13621: http://bugs.mysql.com/13621)
- MySQL would not compile on Linux distributions that use the "tinfo" library. (Bug#18912: http://bugs.mysql.com/18912)
- Fixed problems with static variables to allow building on Fedora Core 3. (Bug#6554: http://bugs.mysql.com/6554)
|
|