Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 8 reacties
Bron: MySQL

Net geen drie maanden na de release van versie 4.1.18 hebben de ontwikkelaars zojuist de nieuwste 4.1-versie van MySQL uitgebracht, te weten 4.1.19. De update is via deze pagina te downloaden in een groot aantal uitvoeringen voor verschillende besturingssystemen. MySQL is een krachtige opensourcedatabaseserver die met name populair is als website- en forumdatabase. Tweakers.net maakt gebruik van MySQL om onder meer gebruikersgegevens, statistieken en diverse review-, meuk- en nieuwsartikelen in op te slaan. In versie 4.1.19 zijn dezelfde security vulnerabilites gedicht als in MySQL 5.0.21, maar ook zijn er de nodige bugfixes doorgevoerd. Welke dat precies zijn lees je hier beneden:

This MySQL 4.1.19 release includes the patches for recently reported security vulnerabilites in the MySQL client-server protocol.

Functionality added or changed:

  • Security enhancement: Added the global max_prepared_stmt_count system variable to limit the total number of prepared statements in the server. This limits the potential for denial-of-service attacks based on running the server out of memory by preparing huge numbers of statements. The current number of prepared statements is available through the prepared_stmt_count system variable. (Bug#16365: http://bugs.mysql.com/16365)
  • InnoDB now caches a list of unflushed files instead of scanning for unflushed files during a table flush operation. This improves performance when --innodb-file-per-table is set on a system with a large number of InnoDB tables. (Bug#15653: http://bugs.mysql.com/15653)
  • New charset command added to mysql command-line client. By typing charset name or \C name (such as \C UTF8), the client character set can be changed without reconnecting. (Bug#16217: http://bugs.mysql.com/16217)
  • Large file support was re-enabled for the MySQL server binary for the AIX 5.2 platform. (Bug#13571: http://bugs.mysql.com/13571)
  • When using the GROUP_CONCAT() function where the group_concat_max_len system variable was greater than 512, the type of the result was BLOB only if the query included an ORDER BY clause; otherwise the result was a VARCHAR. The result type of the GROUP_CONCAT() function is now VARCHAR only if the value of the group_concat_max_len system variable is less than or equal to 512. Otherwise, this function returns a BLOB. (Bug#14169: http://bugs.mysql.com/14169)
,strong>Bugs fixed:
  • Security fix: A malicious client, using specially crafted invalid login or COM_TABLE_DUMP packets was able to read uninitialized memory, which potentially, though unlikely in MySQL, could have led to an information disclosure. Thanks to Stefano Di Paola for finding and reporting this bug.
  • NDB Cluster: A simultaneous DROP TABLE and table update operation utilising a table scan could trigger a node failure. (Bug#18597: http://bugs.mysql.com/18597)
  • NDB Cluster: Backups could fail for large clusters with many tables, where the number of tables approached MaxNoOfTables. (Bug#17607: http://bugs.mysql.com/17607)
  • The IN-to-EXISTS transformation was making a reference to a parse tree fragment that was left out of the parse tree. This caused problems with prepared statements. (Bug#18492: http://bugs.mysql.com/18492)
  • Attempting to set the default value of an ENUM or SET column to NULL caused a server crash. (Bug#19145: http://bugs.mysql.com/19145)
  • Index corruption could occur in cases when key_cache_block_size was not a multiple of myisam_block_size (for example, with key_cache_block_size=1536 and myisam_block_size=1024). (Bug#19079: http://bugs.mysql.com/19079)
  • UNCOMPRESS(NULL) could cause subsequent UNCOMPRESS() calls to return NULL for legal non-NULL arguments. (Bug#18643: http://bugs.mysql.com/18643)
  • Conversion of a number to a CHAR UNICODE string returned an invalid result. (Bug#18691: http://bugs.mysql.com/18691)
  • A call to MIN() with a CASE expression as its argument could return a non-minimum value. (Bug#17896: http://bugs.mysql.com/17896)
  • A LOCK TABLES statement that failed could cause MyISAM not to update table statistics properly, causing a subsequent CHECK TABLE to report table corruption. (Bug#18544: http://bugs.mysql.com/18544)
  • Avoid trying to include when it doesn't work in C++ code. (Bug#13621: http://bugs.mysql.com/13621)
  • Executing SELECT on a large table that had been compressed within myisampack could cause a crash. (Bug#17917: http://bugs.mysql.com/17917)
  • NDB Cluster: In a 2-node cluster with a node failure, restarting the node with a low value for StartPartialTimeout could cause the cluster to come up partitioned ("split-brain" issue). (Bug#16447: http://bugs.mysql.com/16447) A similar issue could occur when the cluster was first started with a sufficiently low value for this parameter. (Bug#18612: http://bugs.mysql.com/18612)
  • NDB Cluster: On systems with multiple network interfaces, data nodes would get "stuck" in startup phase 2 if the interface connecting them to the management server was working on node startup while the interface interconnecting the data nodes experienced a temporary outage. (Bug#15695: http://bugs.mysql.com/15695)
  • mysql_config returned incorrect libraries on x86_64 systems. (Bug#13158: http://bugs.mysql.com/13158)
  • mysql_reconnect() sent a SET NAMES statement to the server, even for pre-4.1 servers that do not understand the statement. (Bug#18830: http://bugs.mysql.com/18830)
  • During conversion from one character set to ucs2, multi-byte characters with no ucs2 equivalent were converted to multiple characters, rather than to 0x003F QUESTION MARK. (Bug#15375: http://bugs.mysql.com/15375)
  • The mysql_close() C API function leaked handles for share-memory connections on Windows. (Bug#15846: http://bugs.mysql.com/15846)
  • The euro sign () was not stored correctly in columns using the latin1_german1_ci or latin1_general_ci collation. (Bug#18321: http://bugs.mysql.com/18321)
  • The server was always built as though --with-extra-charsets=complex had been specified. (Bug#12076: http://bugs.mysql.com/12076)
  • SELECT ... WHERE column LIKE 'A%' when column had a key and used the latin2_czech_cs collation. (Bug#17374: http://bugs.mysql.com/17374)
  • A query using WHERE (column_1, column_2) IN ((value_1, value_2)[, (..., ...), ...]) would return incorrect results. (Bug#16248: http://bugs.mysql.com/16248)
  • The -lmtmalloc library was removed from the output of mysql_config on Solaris, as it caused problems when building DBD::mysql (and possibly other applications) on that platform that tried to use dlopen() to access the client library. (Bug#18322: http://bugs.mysql.com/18322)
  • When running a query that contained a GROUP_CONCAT( SELECT GROUP_CONCAT(...) ), the result was NULL except in the ROLLUP part of the result, if there was one. (Bug#15560: http://bugs.mysql.com/15560)
  • CASTdouble AS SIGNED INT) for large double values outside the signed integer range truncates the result to be within range, but the result sometimes had the wrong sign. (Bug#15098: http://bugs.mysql.com/15098)
  • SET value definitions containing commas were not rejected. Now a definition such as SET('a,b','c,d') results in an error. (Bug#15316: http://bugs.mysql.com/15316)
  • MyISAM: Keys for which the first part of the key was a CHAR or VARCHAR column using the UTF-8 character set and longer than 254 bytes could become corrupted. (Bug#17705: http://bugs.mysql.com/17705)
  • NDB Cluster: A timeout in the handling of an ABORT condition with more that 32 operations could yield a node failure. (Bug#18414: http://bugs.mysql.com/18414)
  • NDB Cluster: A node restart immediately following a CREATE TABLE would fail. Important: This fix supports 2-node Clusters only. (Bug#18385: http://bugs.mysql.com/18385)
  • NDB Cluster: In event of a node failure during a rollback, a "false" lock could be established on the backup for that node, which lock could not be removed without restarting the node. (Bug#18352: http://bugs.mysql.com/18352)
  • NDB Cluster: The cluster created a crashed replica of a table having an ordered index --- or when logging was not enabled, of a table having a table or unique index --- leading to a crash of the cluster following 8 successibe restarts. (Bug#18298: http://bugs.mysql.com/18298)
  • NDB Cluster: When replacing a failed master node, the replacement node could cause the cluster to crash from a buffer overflow if it had an excessively large amount of data to write to the cluster log. (Bug#18118: http://bugs.mysql.com/18118)
  • NDB Cluster: Restarting nodes were allowed to start and join the cluster too early. (Bug#16772: http://bugs.mysql.com/16772)
  • If InnoDB encountered a HA_ERR_LOCK_TABLE_FULL error and rolled back a transaction, the transaction was still written to the binary log. (Bug#18283: http://bugs.mysql.com/18283)
  • Connecting to a server with a UCS2 default character set with a client using a non-UCS2 character set crashed the server. (Bug#18004: http://bugs.mysql.com/18004)
  • Character set conversion of string constants for UNION of constant and table column was not done when it was safe to do so. (Bug#15949: http://bugs.mysql.com/15949)
  • Use of TRUNCATE TABLE for a TEMPORARY table on a master server was propagated to slaves properly, but slaves did not decrement the Slave_open_temp_tables counter properly. (Bug#17137: http://bugs.mysql.com/17137)
  • SELECT COUNT(*) for a MyISAM table could return different results depending on whether an index was used. (Bug#14980: http://bugs.mysql.com/14980)
  • Large file support did not work in AIX server binaries. (Bug#10776: http://bugs.mysql.com/10776)
  • Security Improvement: GRANTs to users with wildcards in their host information could be erroneously applied to similar users with the same username and similar wildcards. For example, a privilege granted to foo@% are also applied to user foo@192.%. (Bug#14385: http://bugs.mysql.com/14385)
  • NDB Cluster: Inserting and deleting BLOB column values while a backup was in process could cause the loss of an ndbd node. (Bug#14028: http://bugs.mysql.com/14028)
  • Setting the myisam_repair_threads system variable to a value larger than 1 could cause corruption of large MyISAM tables. (Bug#11527: http://bugs.mysql.com/11527)
  • Security improvement: In grant table comparisons, improper use of a latin1 collation caused some hostname matches to be true that should have been false. Thanks to Deomid Ryabkov for finding this bug and proposing a solution. (Bug#15756: http://bugs.mysql.com/15756)
  • NDB Cluster: ndb_delete_all would run out of memory on tables containing BLOB columns. (Bug#16693: http://bugs.mysql.com/16693)
  • A statement containing GROUP BY and HAVING clauses could return incorrect results when the HAVING clause contained logic that returned FALSE for every row. (Bug#14927: http://bugs.mysql.com/14927)
  • mysqldump tried to dump data from a view. (In MySQL 4.1, this applies when connecting to a server from MySQL 5.0 or higher.) (Bug#16389: http://bugs.mysql.com/16389)
  • NDB Cluster: An UPDATE with an inner join failed to match any records if both tables in the join did not have a primary key. (Bug#17257: http://bugs.mysql.com/17257)
  • NDB Cluster: A DELETE with a join in the WHERE clause failed to retrieve any records if both tables in the join did not have a primary key. (Bug#17249: http://bugs.mysql.com/17249)
  • NDB Cluster: In some cases, LOAD DATA INFILE did not load all data into NDB tables. (Bug#17081: http://bugs.mysql.com/17081)
  • NDB Cluster: The REDO log would become corrupted (and thus unreadable) in some circumstances, due to a failure in the query handler. (Bug#17295: http://bugs.mysql.com/17295)
  • NDB Cluster: No error message was generated for setting NoOfFragmentLogFiles too low. (Bug#13966: http://bugs.mysql.com/13966)
  • NDB Cluster: No error message was generated for setting MaxNoOfAttributes too low. (Bug#13965: http://bugs.mysql.com/13965)
  • Binary distributions for Solaris contained files with group ownership set to the non-existing wheel group. Now the bin group is used. (Bug#15562: http://bugs.mysql.com/15562)
  • Killing a long-running query containing a subquery could cause a server crash. (Bug#14851: http://bugs.mysql.com/14851)
  • Repeated invocation of my_init() and my_end() caused corruption of character set data and connection failure. (Bug#6536: http://bugs.mysql.com/6536)
  • A FULLTEXT query in a prepared statement could result in unexpected behavior. (Bug#14496: http://bugs.mysql.com/14496)
  • A FULLTEXT query in a UNION could result in unexpected behavior. (Bug#16893: http://bugs.mysql.com/16893)
  • Server crash when dropping InnoDB constraints named TABLENAME_ibfk_0. (Bug#16387: http://bugs.mysql.com/16387)
  • Corrected race condition when dropping the adaptive hash index for a B-tree page in InnoDB. (Bug#16582: http://bugs.mysql.com/16582)
  • LOAD DATA FROM MASTER produced invalid warnings and Packet out of order errors when the database already existed on the slave. (Bug#15302: http://bugs.mysql.com/15302)
  • A key on a MEMORY table would sometimes fail to match a row. (Bug#12796: http://bugs.mysql.com/12796)
  • MYSQL_STMT objects were not preserved following a connection reset. Attempting to operate on them afterwards caused the server to crash. (Bug#12744: http://bugs.mysql.com/12744)
Versienummer:4.1.19
Besturingssystemen:Windows 9x, Windows 2000, BSD, Windows XP, Linux x86, macOS, Solaris, UNIX, Windows Server 2003, Windows XP x64, Windows Server 2003 x64, Windows Server 2003 IA-64, Linux AMD64, Linux IA-64, Windows XP Media Center 2005
Website:MySQL
Download:http://dev.mysql.com/downloads/mysql/4.1.html
Licentietype:Voorwaarden (GNU/BSD/etc.)
Moderatie-faq Wijzig weergave

Reacties (8)

Zoals gewoonlijk weer een perfecte release.
even upgraden en alles werkt gewoon pefect, en dat voor nog steeds voor niks ;)

En nu werkt ie stukken beter op mijn W2k3 op mijn 64bit server.
waarom een update van versie 4 als er ook al een versie 5 is?
Dat is vrij gebruikelijk met open source software. PHP5 is al tijden uit, terwijl PHP4 ook nogsteeds aangeboden en gebruikt wordt. Apache2 is uit, terwijl Apache1 net zo actief is, en zo nog veel meer voorbeelden.
Meestal wordt gezecht dat de oude versie stabieler is: enkel bugfixes en (vrijwel) geen nieuwe features. Terwijl de nieuwe versies wel nieuwe features krijgen wat logischerwijze dan ook problemen kan veroorzaken.

Keuzevrijheid :Y)
Omdat bijv. forum software nog niet helemaal met MySQL 5 werkt. Zo zijn er natuurlijk meerdere software pakketten die nog op de "oude" engine werken. :)
waarom een update van versie 4 als er ook al een versie 5 is?
5 is nog niet zo lang 'stable' en er zitten nog steeds kritieke bugs in 5.
Omdat er een belangrijke veiligheidslek ontdekt en gedicht is

zie http://www.frsirt.com/english/advisories/2006/1633
Omdat er een belangrijke veiligheidslek ontdekt en gedicht is
Dat is geen argument om 4 te gebruiken in plaats van 5.
Wel om 4 te updaten als 4 om andere redenen gebruikt wordt.
Heerlijke versie. Geen problemen hier!

Op dit item kan niet meer gereageerd worden.



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True