Security Enhancement: Added the global max_prepared_stmt_count system variable to limit the total number of prepared statements in the server. This limits the potential for denial-of-service attacks based on running the server out of memory by preparing huge numbers of statements. The current number of prepared statements is available through the prepared_stmt_count system variable. (Bug#16365)

Packaging: The MySQL-shared-compat-4.1.X-.i386.rpm shared compatibility RPMs no longer contain libraries for MySQL 5.0 and up. They now contain libraries for MySQL 3.23, 4.0, and 4.1.1 only. (Bug#19288)

New charset command added to mysql command-line client. By typing charset name or \C name (such as \C UTF8), the client character set can be changed without reconnecting. (Bug#16217)

InnoDB now caches a list of unflushed files instead of scanning for unflushed files during a table flush operation. This improves performance when --innodb_file_per_table is set on a system with a large number of InnoDB tables. (Bug#15653)

When using the GROUP_CONCAT() function where the group_concat_max_len system variable was greater than 512, the type of the result was BLOB only if the query included an ORDER BY clause; otherwise the result was a VARCHAR.

The result type of the GROUP_CONCAT() function is now VARCHAR only if the value of the group_concat_max_len system variable is less than or equal to 512. Otherwise, this function returns a BLOB. (Bug#14169)

Large file support was re-enabled for the MySQL server binary for the AIX 5.2 platform. (Bug#13571)

Security Fix: A malicious client, using specially crafted invalid login or COM_TABLE_DUMP packets was able to read uninitialized memory, which potentially, though unlikely in MySQL, could have led to an information disclosure. (, ) Thanks to Stefano Di Paola <stefano.dipaola@wisec.it> for finding and reporting this bug. (CVE-2006-1516, CVE-2006-1517)

MySQL Cluster: A simultaneous DROP TABLE and table update operation utilising a table scan could trigger a node failure. (Bug#18597)

MySQL Cluster: A timeout in the handling of an ABORT condition with more that 32 operations could yield a node failure. (Bug#18414)

MySQL Cluster: A node restart immediately following a CREATE TABLE would fail.

(Bug#18385)

MySQL Cluster: In event of a node failure during a rollback, a “false” lock could be established on the backup for that node, which lock could not be removed without restarting the node. (Bug#18352)

MySQL Cluster: The cluster created a crashed replica of a table having an ordered index — or when logging was not enabled, of a table having a table or unique index — leading to a crash of the cluster following 8 successive restarts. (Bug#18298)

MySQL Cluster: When replacing a failed master node, the replacement node could cause the cluster to crash from a buffer overflow if it had an excessively large amount of data to write to the cluster log. (Bug#18118)

MySQL Cluster: Backups could fail for large clusters with many tables, where the number of tables approached MaxNoOfTables. (Bug#17607)

MySQL Cluster: The REDO log would become corrupted (and thus unreadable) in some circumstances, due to a failure in the query handler. (Bug#17295)

MySQL Cluster: An UPDATE with an inner join failed to match any records if both tables in the join did not have a primary key. (Bug#17257)

MySQL Cluster: A DELETE with a join in the WHERE clause failed to retrieve any records if both tables in the join did not have a primary key. (Bug#17249)

MySQL Cluster: In some cases, LOAD DATA INFILE did not load all data into NDB tables. (Bug#17081)

MySQL Cluster: Restarting nodes were allowed to start and join the cluster too early. (Bug#16772)

MySQL Cluster: ndb_delete_all ran out of memory when processing tables containing BLOB columns. (Bug#16693)

MySQL Cluster: In a 2-node cluster with a node failure, restarting the node with a low value for StartPartialTimeout could cause the cluster to come up partitioned (“split-brain” issue).

A similar issue could occur when the cluster was first started with a sufficiently low value for this parameter. (Bug#16447, Bug#18612)

MySQL Cluster: On systems with multiple network interfaces, data nodes would get “stuck” in startup phase 2 if the interface connecting them to the management server was working on node startup while the interface interconnecting the data nodes experienced a temporary outage. (Bug#15695)

MySQL Cluster: Inserting and deleting BLOB column values while a backup was in process could cause data nodes to shut down. (Bug#14028)

MySQL Cluster: No error message was generated for setting NoOfFragmentLogFiles too low. (Bug#13966)

MySQL Cluster: No error message was generated for setting MaxNoOfAttributes too low. (Bug#13965)

MySQL Cluster: The server would not compile with NDB support on AIX 5.2. (Bug#10776)

Replication: Use of TRUNCATE TABLE for a TEMPORARY table on a master server was propagated to slaves properly, but slaves did not decrement the Slave_open_temp_tables counter properly. (Bug#17137)

Attempting to set the default value of an ENUM or SET column to NULL caused a server crash. (Bug#19145)

Index prefixes for utf8 VARCHAR columns did not work for UPDATE statements. (Bug#19080)

Index corruption could occur in cases when key_cache_block_size was not a multiple of the myisam-block-size value (for example, with --key_cache_block_size=1536 and --myisam-block-size=1024). (Bug#19079)

Creating a table in an InnoDB database with a column name that matched the name of an internal InnoDB column (including DB_ROW_ID, DB_TRX_ID, DB_ROLL_PTR and DB_MIX_ID) would cause a crash. MySQL now returns Error 1005 Cannot create table with errno set to -1. (Bug#18934)

MySQL would not compile on Linux distributions that use the tinfo library. (Bug#18912)

mysql_reconnect() sent a SET NAMES statement to the server, even for pre-4.1 servers that do not understand the statement. (Bug#18830)

For single-SELECT union constructs of the form (SELECT ... ORDER BY order_list1 [LIMIT n]) ORDER BY order_list2, the ORDER BY lists were concatenated and the LIMIT clause was ignored. (Bug#18767)

Conversion of a number to a CHAR UNICODE string returned an invalid result. (Bug#18691)

UNCOMPRESS(NULL) could cause subsequent UNCOMPRESS() calls to return NULL for legal non-NULL arguments. (Bug#18643)

A LOCK TABLES statement that failed could cause MyISAM not to update table statistics properly, causing a subsequent CHECK TABLE to report table corruption. (Bug#18544)

The IN-to-EXISTS transformation was making a reference to a parse tree fragment that was left out of the parse tree. This caused problems with prepared statements. (Bug#18492)

The -lmtmalloc library was removed from the output of mysql_config on Solaris, as it caused problems when building DBD::mysql (and possibly other applications) on that platform that tried to use dlopen() to access the client library. (Bug#18322)

The euro sign (€) was not stored correctly in columns using the latin1_german1_ci or latin1_general_ci collation. (Bug#18321)

If InnoDB encountered a HA_ERR_LOCK_TABLE_FULL error and rolled back a transaction, the transaction was still written to the binary log. (Bug#18283)

Connecting to a server with a UCS2 default character set with a client using a non-UCS2 character set crashed the server. (Bug#18004)

Executing SELECT on a large table that had been compressed within myisampack could cause a crash. (Bug#17917)

A call to MIN() with a CASE expression as its argument could return a nonminimum value. (Bug#17896)

MyISAM: Keys for which the first part of the key was a CHAR or VARCHAR column using the UTF-8 character set and longer than 254 bytes could become corrupted. (Bug#17705)

SELECT ... WHERE column LIKE 'A%', when column had a key and used the latin2_czech_cs collation, caused the wrong number of rows to be returned. (Bug#17374)

A FULLTEXT query in a UNION could result in unexpected behavior. (Bug#16893)

IA-64 RPM packages for Red Hat and SuSE Linux that were built with the icc compiler incorrectly depended on icc runtime libraries. (Bug#16662)

A race condition could occur when dropping the adaptive hash index for a B-tree page in InnoDB. (Bug#16582)

MySQL-shared-compat-4.1.15-0.i386.rpm, MySQL-shared-compat-4.1.16-0.i386.rpm, and MySQL-shared-compat-4.1.18-0.i386.rpm incorrectly depended on glibc 2.3 and could not be installed on a glibc 2.2 system. (Bug#16539)

mysqldump tried to dump data from a view. (In MySQL 4.1, this applies when connecting to a server from MySQL 5.0 or higher.) (Bug#16389)

Dropping InnoDB constraints named tbl_name_ibfk_0 could crash the server. (Bug#16387)

A query using WHERE (column_1, column_2) IN ((value_1, value_2)[, (..., ...), ...]) would return incorrect results. (Bug#16248)

Character set conversion of string constants for UNION of constant and table column was not done when it was safe to do so. (Bug#15949)

The mysql_close() C API function leaked handles for shared-memory connections on Windows. (Bug#15846)

Security improvement: In grant table comparisons, improper use of a latin1 collation caused some host name matches to be true that should have been false. Thanks to Deomid Ryabkov for finding this bug and proposing a solution. (Bug#15756)

Binary distributions for Solaris contained files with group ownership set to the nonexisting wheel group. Now the bin group is used. (Bug#15562)

When running a query that contained a GROUP_CONCAT(SELECT GROUP_CONCAT(...) ), the result was NULL except in the ROLLUP part of the result, if there was one. (Bug#15560)

During conversion from one character set to ucs2, multi-byte characters with no ucs2 equivalent were converted to multiple characters, rather than to 0x003F QUESTION MARK. (Bug#15375)

SET value definitions containing commas were not rejected. Now a definition such as SET('a,b','c,d') results in an error. (Bug#15316)

LOAD DATA FROM MASTER produced invalid warnings and Packet out of order errors when the database already existed on the slave. (Bug#15302)

CAST(double AS SIGNED INT) for large double values outside the signed integer range truncated the result to be within range, but the result sometimes had the wrong sign, and no warning was generated. (Bug#15098)

SELECT COUNT(*) for a MyISAM table could return different results depending on whether an index was used. (Bug#14980)

Killing a long-running query containing a subquery could cause a server crash. (Bug#14851)

A FULLTEXT query in a prepared statement could result in unexpected behavior. (Bug#14496)

Security Improvement: GRANTs to users with wildcards in their host information could be erroneously applied to similar users with the same user name and similar wildcards. For example, a privilege granted to foo@% are also applied to user foo@192.%. (Bug#14385)

Avoid trying to include <asm/atomic.h> when it doesn't work in C++ code. (Bug#13621)

mysql_config returned incorrect libraries on x86_64 systems. (Bug#13158)

A key on a MEMORY table would sometimes fail to match a row. (Bug#12796)

MYSQL_STMT objects were not preserved following a connection reset. Attempting to operate on them afterwards caused the server to crash. (Bug#12744)

The server was always built as though --with-extra-charsets=complex had been specified. (Bug#12076)

Setting the myisam_repair_threads system variable to a value larger than 1 could cause corruption of large MyISAM tables. (Bug#11527)

Repeated invocation of my_init() and my_end() caused corruption of character set data and connection failure. (Bug#6536)