Security Fix: A UDF library-loading vulnerability could result in a buffer overflow and code execution. (CVE-2005-2558)

Incompatible Change: Previously, conversion of DATETIME values to numeric form by adding zero produced a result in YYYYMMDDHHMMSS format. The result of DATETIME+0 is now in YYYYMMDDHHMMSS.000000 format. (Bug#12268)

Replication: Some data definition statements (CREATE TABLE where the table was not a temporary table, TRUNCATE TABLE, DROP DATABASE, and CREATE DATABASE) were not being written to the binary log after a ROLLBACK. This also caused problems with replication.

(Bug#6883)

System variables are now treated as having SYSVAR (system constant) coercibility. For example, @@version is now treated like VERSION() and @@character_set_client is now treated like CHARSET( USER() ). See Section 9.1.7.5, “Special Cases Where Collation Determination Is Tricky”. (Bug#10904)

MEMORY tables now support indexes of up to 500 bytes. See Section 13.4, “The MEMORY (HEAP) Storage Engine”. (Bug#10566)

The table, type, and rows columns of EXPLAIN output can now be NULL. This is required for using EXPLAIN on SELECT queries that use no tables, such as EXPLAIN SELECT 1). (Bug#9899)

You can again refer to other tables in the ON DUPLICATE KEY UPDATE part of an INSERT ... SELECT statement as long as there is no GROUP BY in the SELECT part. One side effect of this is that you may have to qualify nonunique column names in the values part of ON DUPLICATE KEY UPDATE. (Bug#9728, Bug#8147)

Added the --log-slow-admin-statements server option to request logging of slow administrative statements such as OPTIMIZE TABLE, ANALYZE TABLE, and ALTER TABLE to the slow query log. These statements were logged in MySQL 4.0, but not in 4.1. (Bug#9141)

Expanded on information provided in general log and slow query log for prepared statements. (Bug#8367, Bug#9334)

Added mysql_set_character_set() C API function for setting the default character set of the current connection. This allows clients to affect the character set used by mysql_real_escape_string(). (Bug#8317)

Added the --add-drop-database option to mysqldump. (Bug#3716)

SHOW BINARY LOGS now displays a File_size column that indicates the size of each file.

InnoDB: When creating or extending an InnoDB data file, allocate at most one megabyte at a time for initializing the file. Previously, InnoDB used to allocate and initialize 1 or 8 megabytes of memory, even if a few 16-kilobyte pages were to be written. This fix improves the performance of CREATE TABLE in innodb_file_per_table mode.

Security Fix: A vulnerability in zlib could result in a buffer overflow and arbitrary code execution. Shortly after MySQL 4.1.13 was released, a second potential zlib security flaw was discovered and fixed. A patch for this flaw was applied to the 4.1.13 sources, and the result published as MySQL 4.1.13a. The affected binaries were rebuilt. (Bug#11844, CVE-2005-2096, CVE-2005-1849)

Security Fix: On Windows systems, a user with any of the following privileges on *.* could crash mysqld by issuing a USE LPT1; or USE PRN; command:

In addition, any of the commands USE NUL;, USE CON;, USE COM1;, or USE AUX; would report success even though the database was not in fact changed. (Bug#9148)

MySQL Cluster: NDB failed to build with gcc 4.0. (Bug#11377)

MySQL Cluster: When trying to open a table that could not be discovered or unpacked, the cluster returned error codes which the MySQL server falsely interpreted as operating system errors. (Bug#10365)

Replication: LOAD DATA ... REPLACE INTO ... on a replication slave failed for an InnoDB table having a unique index in addition to the primary key. (Bug#11401)

Replication: An invalid comaprison caused warnings for packet length in replication on 64-bit compilers. (Bug#11064)

Replication: Queries of the form UPDATE ... (SELECT ... ) SET ... run on a replication master would crash all the slaves. (Bug#10442, CVE-2004-4380)

Replication: An UPDATE query containing a subquery caused replication to fail. (Bug#9361)

When applying the group_concat_max_len limit, GROUP_CONCAT() could truncate multi-byte characters in the middle. (Bug#23451)

Selecting the result of an aggregate function for an ENUM or SET column within a subquery could result in a server crash. (Bug#11821)

Corrected an optimization failure where a query returned an incorrect result for use of a newly populated table until the table was flushed. (Bug#11700)

The --master-data option for mysqldump resulted in no error if the binary log was not enabled. Now an error occurs unless the --force option is given. (Bug#11678)

Invoking the DES_ENCRYPT() function could cause a server crash if the server was started without the --des-key-file option. (Bug#11643)

mysqldump now exports HASH index definitions using USING rather than TYPE when the index name is optional. This corrects a problem when reloading the output for PRIMARY KEY definition, because TYPE must be preceded an index name, which is not given for a PRIMARY KEY. (Bug#11635)

IP addresses not shown in ndb_mgm SHOW command on second ndb_mgmd (or on ndb_mgmd restart). (Bug#11596)

Modifying a CHAR column with the utf8 character set to a shorter length did not properly truncate values due to not computing their length in utf8 character units. (Bug#11591)

MySQL would not compile correctly on QNX due to missing rint() function. (Bug#11544)

A ROLLUP query could return a wrong result set when its GROUP BY clause contained references to the same column. (Bug#11543)

Queries with subqueries in the FROM clause were not being added to the query cache. (Bug#11522)

Using CONCAT_WS() on a column set NOT NULL caused incorrect results when used in a LEFT JOIN. (Bug#11469)

Prepared statement with subqueries returned corrupt data. (Bug#11458)

Temporary tables were created in the data directory instead of tmpdir. (Bug#11440)

Errors could occur when performing GROUP BY on calculated values of a single row table. These could sometimes cause the server to crash on Windows. (Bug#11414)

Server crashed when using GROUP BY on the result of a DIV operation on a DATETIME value. (Bug#11385)

Manually inserting a row with host='' into mysql.tables_priv and performing a FLUSH PRIVILEGES would cause the server to crash. (Bug#11330)

Possible NULL values in BLOB columns could crash the server when a BLOB was used in a GROUP BY query. (Bug#11295)

Optimizer performed range check when comparing unsigned integers to negative constants, could cause errors. (Bug#11185)

Some internal functions did not take into account that, for multi-byte character sets, CHAR and VARCHAR columns could exceed 255 bytes, which could cause the server to crash. (Bug#11167)

Testing for crypt() support caused compilation problems when using OpenSSL/yaSSL on HP-UX and Mac OS X. (Bug#11150, Bug#10675)

The NULLIF() function could produce incorrect results if the first argument was NULL. (Bug#11142)

mysqld_safe would sometimes fail to remove the pid file for the old mysql process after a crash. As a result, the server would fail to start due to a false A mysqld process already exists... error. (Bug#11122)

SHOW WARNINGS with a LIMIT 0 clause returned all messages rather than an empty result set. (Bug#11095)

The server could crash due to an attempt to allocate too much memory when GROUP BY blob_col and COUNT(DISTINCT) were used. (Bug#11088)

A CREATE TABLE db_name.tbl_name LIKE ... statement would crash the server when no database was selected. (Bug#11028)

The mysql_config script did not handle symbolic linking properly. (Bug#10986)

The value returned by the FIELD() function was incorrect when its parameter list contained one or more instances of NULL. (Bug#10944)

The host name cache was not working. (Bug#10931)

INSERT ... SELECT ... ON DUPLICATE KEY UPDATE produced inaccurate results. (Bug#10886)

A three byte buffer overflow in the client functions caused improper exiting of the client when reading a command from the user. (Bug#10841)

The mysql client would output a prompt twice following input of very long strings, because it incorrectly assumed that a call to the _cgets() function would clear the input buffer. (Bug#10840)

Setting @@sql_mode = NULL caused an erroneous error message. (Bug#10732)

Inserting a DOUBLE value into a utf8 string column crashed the server on Windows. (Bug#10714)

On Mac OS X, libmysqlclient_r.a now is built with --fno-common to make it possible to link a shared two-level namespace library against libmysqlclient_r.a. (Bug#10638)

InnoDB wrongly reported in the .err log that MySQL wass trying to drop a nonexistent table, if no more room remained in the tablespace. (Bug#10607)

Executing LOAD INDEX INTO CACHE for a table while other threads where selecting from the table caused a deadlock. (Bug#10602)

DES_ENCRYPT() and DES_DECRYPT() require SSL support to be enabled, but were not checking for it. Checking for incorrect arguments or resource exhaustion was also improved for these functions. (Bug#10589)

The LAST_DAY() failed to return NULL when supplied with an invalid argument. See Section 11.6, “Date and Time Functions”. (Bug#10568)

INSERT ... ON DUPLICATE KEY UPDATE with MERGE tables, which do not have unique indexes, caused the server to crash. (Bug#10400)

A problem with the my_global.h file caused compilation of MySQL to fail on single-processor Linux systems running 2.6 kernels. (Bug#10364)

SUBSTRING() did not work properly for input in the ucs2 character set. (Bug#10344)

DROP DATABASE failed to check for all referencing InnoDB tables from other databases before dropping any tables. (Bug#10335)

mysqldump crashed using the --complete-insert option while dumping tables with a large number of long column names. (Bug#10286)

When used within a subquery, SUBSTRING() returned an empty string. (Bug#10269)

Queries against a table using a compound index based on the length of a UTF-8 text column produced incorrect results. For example, given a table with an index defined as shown:

CREATE TABLE t (
  id INT NOT NULL,
  city VARCHAR(20) NOT NULL,
  KEY (city(7),id)
) TYPE=MYISAM CHARACTER SET=utf8;

Assuming that suitable data has been inserted into the table, then a query such as SELECT * FROM t WHERE city = 'Durban'; would fail. (Bug#10253)

Using #pragma interface or #pragma implementation in source files caused portability issues for cygwin. (Bug#10241)

A simultaneous CREATE TABLE ... SELECT FROM table and ALTER TABLE table on the same table caused the server to crash. (Bug#10224)

Under certain rare circumstances, inserting into the mysql.host table could cause the server to crash. (Bug#10181)

For MEMORY tables, it was possible for updates to be performed using outdated key statistics when the updates involved only very small changes in a very few rows. This resulted in the random failures of queries such as UPDATE t SET col = col + 1 WHERE col_key = 2; where the same query with no WHERE clause would succeed. (Bug#10178)

CASE operator returns incorrect result when its arguments are not constants and its return value is put into a regular or temporary table (temporary == created by SQL engine for UNION/nonindexed GROUP BY and such operations). (Bug#10151)

When used in joins, SUBSTRING() failed to truncate to zero those string values that could not be converted to numbers. (Bug#10124)

For a UNION that involved long string values, values were not being converted correctly to TEXT values. (Bug#10025)

An overly strict debugging assertion caused debug server builds to fail for some col_name = const_expr, where const_expr was a constant expression such as a subquery. (Bug#10020)

The handling by the HEX() function of numbers larger than 2⁶⁴ was improved. (Bug#9854)

A problem with the cp1250_czech_cs collation caused some LIKE comparisons to fail. (Bug#9759)

On Windows, with lower_case_table_names set to 2, using ALTER TABLE to alter a MEMORY or InnoDB table that had a mixed-case name also improperly changed the name to lowercase. (Bug#9660)

mysqldump --xml did not format NULL column values correctly. (Bug#9657)

ALTER TABLE ... ENABLE INDEXES treated NULL values as equal when collecting index statistics for MyISAM tables, resulting in different statistics from those generated by ANALYZE TABLE and causing the optimizer to make poor index choices later. The same problem occurred for bulk insert statistics collection. Now NULL values are treated as unequal, just as for ANALYZE TABLE. (Bug#9622)

The --no-data option for mysqldump was being ignored if table names were given after the database name. (Bug#9558)

MySQL sometimes reported erroneously that certain character values had crashed a table when trying to convert other character sets to UTF-8. (Bug#9557)

CREATE TABLE t AS SELECT UUID() created a VARCHAR(12) column, which is too small to hold the 36-character result from UUID(). (Bug#9535)

Table names were not handled correctly when lower_case_table_names = 2 if the table name lettercase differed in the FROM and WHERE clauses. (Bug#9500)

SHOW WARNINGS did not properly display warnings generated by executing a cached query. (Bug#9414)

Incorrect results when searching using IN() where search items included NULL and 0. (Bug#9393)

mysqldump could crash for illegal or nonexistent table names. (Bug#9358)

SELECT DISTINCT ... GROUP BY constant returned multiple rows (it should return a single row). (Bug#8614)

The server timed out SSL connections too quickly on Windows. (Bug#8572)

For a MERGE table with MyISAM tables in other, symlinked, databases, SHOW CREATE TABLE reported the MyISAM tables using the name of the symlinked directory rather than the database name. (Bug#8183)

OPTIMIZE run on an InnoDB table did not return a Table is full error if there was insufficient room in the tablespace. (Bug#8135)

The mysqlhotcopy script was not parsing the output of SHOW SLAVE STATUS correctly when called with the --record_log_pos option. (Bug#7967)

An incorrect result was obtained for columns that included an aggregate function as part of an expression, and when WITH ROLLUP was used with GROUP BY. (Bug#7914)

Queries with ROLLUP returned wrong results for expressions containingGROUP BY columns. (Bug#7894)

A Boolean full-text search where a query contained more query terms than one-third of the query length caused the server to hang or crash. (Bug#7858)

GROUP_CONCAT() with DISTINCT and WITH ROLLUP ignored DISTINCT for some rows. (Bug#7405)

SHOW FIELDS truncated the TYPE column to 40 characters.

(Bug#7142)

See also Bug#12817.

Added a missing mutex when rotating the relay logs. Also, the server now logs an error message if the size of a relay log cannot be read. (Bug#6987)

Locking for CREATE TABLE ... SELECT for InnoDB tables was too weak. It allowed INSERT statements issued for the created table while the CREATE TABLE statement was still running to appear in the binary log before the CREATE TABLE statement. (Bug#6678)

The incorrect sequence of statements HANDLER tbl_name READ index_name NEXT without a preceding HANDLER tbl_name READ index_name = (value_list) for an InnoDB table resulted in a server crash rather than an error. (Bug#5373)