Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 3 reacties
Bron: MySQL

Op het forum van MySQL hebben de ontwikkelaars een nieuwe versie aangekondigd van het databaseprogramma. Het gaat dit keer om versie 5.0.21 die via deze pagina voor een groot aantal besturingssystemen gedownload kan worden. In deze release zijn niet alleen security vulnerabilites gedicht, maar hebben de ontwikkelaars ook nieuwe features aan MySQL 5.0.21 toegevoegd. MySQL is een krachtige opensourcedatabaseserver die met name populair is als website- en forumdatabase. Tweakers.net maakt gebruik van MySQL om onder meer gebruikersgegevens, statistieken en diverse review-, meuk- en nieuwsartikelen in op te slaan. Het changelog van versie 5.0.21 ziet er als volgt uit:

Functionality added or changed:
  • Security enhancement: Added the global max_prepared_stmt_count system variable to limit the total number of prepared statements in the server. This limits the potential for denial-of-service attacks based on causing the server to run causing the server to run out of memory by preparing huge numbers of statements. The current number of prepared statements is available through the 'prepared_stmt_count' status variable. (Bug#16365: http://bugs.mysql.com/16365)
  • NDB Cluster: It is now possible to perform a partial start of a cluster. That is, it is now possible to bring up the cluster without running ndbd --initial on all configured data nodes first. (Bug#18606: http://bugs.mysql.com/18606)
  • NDB Cluster: It is now possible to install MySQL with Cluster support to a non-default location and change the search path for font description files using either the --basedir or --character-sets-dir options. (Previously in MySQL 5.0, ndbd searched only the default path for character sets.)
  • In result set metadata, the MYSQL_FIELD.length value for BIT columns now is reported in number of bits. For example, the value for a BIT(9) column is 9. (Formerly, the value was related to number of bytes.) (Bug#13601: http://bugs.mysql.com/13601)
  • The default for the innodb_thread_concurrency system variable was changed to 8. (Bug#15868: http://bugs.mysql.com/15868)
Bugs fixed:
  • Security bugfix: A malicious client, using specially crafted invalid COM_TABLE_DUMP packets was able to trigger an exploitable buffer overflow on the server. Thanks to Stefano Di Paola for finding and reporting this bug.
  • Security bugfix: A malicious client, using specially crafted invalid login or COM_TABLE_DUMP packets was able to read uninitialized memory, which potentially, though unlikely in MySQL, could lead to an information disclosure. Thanks to Stefano Di Paola for finding and reporting this bug.
  • NDB Cluster: A simultaneous DROP TABLE and table update operation utilising a table scan could trigger a node failure. (Bug#18597: http://bugs.mysql.com/18597)
  • Conversion of a number to a CHAR UNICODE string returned an invalid result. (Bug#18691: http://bugs.mysql.com/18691)
  • DELETE and UPDATE statements that used large NOT IN (value_list) clauses could use large amounts of memory. (Bug#15872: http://bugs.mysql.com/15872)
  • Prevent recursive views caused by using RENAME TABLE on a view after creating it. (Bug#14308: http://bugs.mysql.com/14308)
  • A LOCK TABLES statement that failed could cause MyISAM not to update table statistics properly, causing a subsequent CHECK TABLE to report table corruption. (Bug#18544: http://bugs.mysql.com/18544)
  • For a reference to a non-existent stored function in a stored routine that had a CONTINUE handler, the server continued as though a useful result had been returned, possibly resulting in a server crash. (Bug#18787: http://bugs.mysql.com/18787)
  • InnoDB did not use a consistent read for CREATE ... SELECT when innodb_locks_unsafe_for_binlog was set. (Bug#18350: http://bugs.mysql.com/18350)
  • InnoDB could read a delete mark from its system tables incorrectly. (Bug#19217: http://bugs.mysql.com/19217)
  • Corrected a syntax error in mysql-test-run.sh. (Bug#19190: http://bugs.mysql.com/19190)
  • A missing DBUG_RETURN() caused the server to emit a spurious error message: missing DBUG_RETURN or DBUG_VOID_RETURN macro in function "open_table". (Bug#18964: http://bugs.mysql.com/18964)
  • DROP DATABASE did not drop stored routines associated with the database if the database name was longer than 21 characters. (Bug#18344: http://bugs.mysql.com/18344)
  • Avoid trying to include when it doesn't work in C++ code. (Bug#13621: http://bugs.mysql.com/13621)
  • Executing SELECT on a large table that had been compressed within myisampack could cause a crash. (Bug#17917: http://bugs.mysql.com/17917)
  • NDB Cluster: When attempting to create an index on a BIT or BLOB column, Error 743: Unsupported character set in table or index was returned instead of Error 906: Unsupported attribute type in index.
  • Within stored routines, usernames were parsed incorrectly if they were enclosed within quotes. (Bug#13310: http://bugs.mysql.com/13310)
  • Casting a string to DECIMAL worked, but casting a trimmed string (using LTRIM() or RTRIM()) resulted in loss of decimal digits. (Bug#17043: http://bugs.mysql.com/17043)
  • NDB Cluster: On slow networks or CPUs, the management client SHOW command could sometimes erroneously show all data nodes as being master nodes belonging to nodegroup 0. (Bug#15530: http://bugs.mysql.com/15530)
  • If the second or third argument to BETWEEN was a constant expression such as '2005-09-01 - INTERVAL 6 MONTH' and the other two arguments were columns, BETWEEN was evaluated incorrectly. (Bug#18618: http://bugs.mysql.com/18618)
  • If the first argument to BETWEEN was a DATE or TIME column of a view and the other arguments were constants, BETWEEN did not perform conversion of the constants to the appropriate temporary type, resulting in incorrect evaluation. (Bug#16069: http://bugs.mysql.com/16069)
  • Server and clients ignored the --sysconfdir option that was passed to configure. (Bug#15069: http://bugs.mysql.com/15069)
  • NDB Cluster: In a 2-node cluster with a node failure, restarting the node with a low value for StartPartialTimeout could cause the cluster to come up partitioned ("split-brain" issue). (Bug#16447: http://bugs.mysql.com/16447) A similar issue could occur when the cluster was first started with a sufficiently low value for this parameter. (Bug#18612: http://bugs.mysql.com/18612)
  • NDB Cluster: On systems with multiple network interfaces, data nodes would get "stuck" in startup phase 2 if the interface connecting them to the management server was working on node startup while the interface interconnecting the data nodes experienced a temporary outage. (Bug#15695: http://bugs.mysql.com/15695)
  • NDB Cluster: Unused open handlers for tables in which the metadata had changed were not properly closed. This could result in stale results from Cluster tables following an ALTER TABLE. (Bug#13228: http://bugs.mysql.com/13228)
  • NDB Cluster: Uninitialised internal variables could lead to unexpected results. (Bug#11033: http://bugs.mysql.com/11033, Bug#11034: http://bugs.mysql.com/11034)
  • For InnoDB tables, an expression of the form col_name BETWEEN col_name2 - INTERVAL x DAY AND col_name2 + INTERVAL x DAY when used in a join returned incorrect results. (Bug#14360: http://bugs.mysql.com/14360)
  • INSERT DELAYED into a view caused an infinite loop. (Bug#13683: http://bugs.mysql.com/13683)
  • Lettercase in database name qualifiers was not consistently handled properly in queries when lower_case_table_names was set to 1. (Bug#15917: http://bugs.mysql.com/15917)
  • The optimizer could cause a server crash or use a non-optimal subset of indexes when evaluating whether to use Index Merge/Intersection variant of index_merge optimization. (Bug#19021: http://bugs.mysql.com/19021)
  • The presence of multiple equalities in a condition after reading a constant table could cause the optimizer not to use an index. This resulted in certain queries being much slower than in MySQL 4.1. (Bug#16504: http://bugs.mysql.com/16504)
  • A recent change caused the mysql client not to display NULL values correctly and to display numeric columns left-justified rather than right-justified. The problems have been corrected. (Bug#18265: http://bugs.mysql.com/18265)
  • mysql_reconnect() sent a SET NAMES statement to the server, even for pre-4.1 servers that do not understand the statement. (Bug#18830: http://bugs.mysql.com/18830)
  • COUNT(*) on a MyISAM table could return different results for the base table and a view on the base table. (Bug#18237: http://bugs.mysql.com/18237)
  • DELETE with LEFT JOIN for InnoDB tables could crash the server if innodb_locks_unsafe_for_binlog was enabled. (Bug#15650: http://bugs.mysql.com/15650)
  • InnoDB failure to release an adaptive hash index latch could cause a server crash if the query cache was enabled. (Bug#15758: http://bugs.mysql.com/15758)
  • For mysql.server, if the basedir option was specified after datadir in an option file, the setting for datadir was ignored and assumed to be located under basedir. (Bug#16240: http://bugs.mysql.com/16240)
  • The euro sign (€) was not stored correctly in columns using the latin1_german1_ci or latin1_general_ci collation. (Bug#18321: http://bugs.mysql.com/18321)
  • EXTRACT(QUARTER FROM date) returned unexpected results. (Bug#18100: http://bugs.mysql.com/18100)
  • TRUNCATE did not reset the AUTO_INCREMENT counter for MyISAM tables when issued inside a stored procedure. (Bug#14945: http://bugs.mysql.com/14945) Note: This bug did not affect InnoDB tables. Also, TRUNCATE does not reset the AUTO_INCREMENT counter for NDBCluster tables regardless of when it is called (see Bug#18864: http://bugs.mysql.com/18864).
  • The server was always built as though --with-extra-charsets=complex had been specified. (Bug#12076: http://bugs.mysql.com/12076)
  • A query using WHERE (column_1, column_2) IN ((value_1, value_2)[, (..., ...), ...]) would return incorrect results. (Bug#16248: http://bugs.mysql.com/16248)
  • Queries of the form SELECT DISTINCT timestamp_column WHERE date_function(timestamp_col) = constant did not return all matching rows. (Bug#16710: http://bugs.mysql.com/16710)
  • When running a query that contained a GROUP_CONCAT( SELECT GROUP_CONCAT(...) ), the result was NULL except in the ROLLUP part of the result, if there was one. (Bug#15560: http://bugs.mysql.com/15560)
  • For tables created in a MySQL 4.1 installation upgraded to MySQL 5.0 and up, multiple-table updates could update only the first matching row. (Bug#16281: http://bugs.mysql.com/16281)
  • NDB Cluster: When multiple node restarts were attempted without allowing each restart to complete, the error message returned was Array index out of bounds rather than Too many crashed replicas. (Bug#18349: http://bugs.mysql.com/18349)
  • CAST (double AS SIGNED INT) for large double values outside the signed integer range truncates the result to be within range, but the result sometimes had the wrong sign, and no warning was generated. (Bug#15098: http://bugs.mysql.com/15098)
  • Updating a field value when also requesting a lock with GET_LOCK() would cause slave servers in a replication environment to terminate. (Bug#17284: http://bugs.mysql.com/17284)
Versienummer:5.0.21
Besturingssystemen:Windows 9x, Windows NT, Windows 2000, BSD, Windows XP, Linux x86, macOS, Solaris, UNIX, Windows Server 2003, Windows XP x64, Windows XP IA-64, Windows Server 2003 x64, Windows Server 2003 IA-64, Linux AMD64, Linux IA-64
Website:MySQL
Download:http://dev.mysql.com/downloads/mysql/5.0.html
Licentietype:Voorwaarden (GNU/BSD/etc.)
Moderatie-faq Wijzig weergave

Reacties (3)

goh apache heeft een update gekregen, mysql nu ook.. nu is het wachten op php ;)

Iemand een idee of de mysql encrypties nu wel tot sha 512 gaan? het is wel mogelijk met iets compilen (niet van mysql zelf) nadeel is dat die manier alleen voor linux werkt. Volgens de maker van dat artikel (ben de link even kwijt maar zoek maar op sha512 in mysql) zou het ook in windows moieten werken.. hij heeft het zelf ook geprobeerd maar toen volgens mij niet werkend gekregen..
Wachten op PHP? PHP 5.1.3 is net gereleased.
http://www.php.net/release_5_1_3.php :Y)
Iemand een idee of de mysql encrypties nu wel tot sha 512 gaan?
SHA is een hash functie, geen encryptie functie.

Op dit item kan niet meer gereageerd worden.



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True