Home

MySQL 5.1.28 Release Candidate With Important Security Fix

Submitted by Schalk Neethling on Mon, 2008/09/15 - 4:22am
  • Delicious
  • Digg
  • StumbleUpon
  • Reddit
  • Technorati
Tags:

On 13 September MySQL announced the MySQL 5.1.28 release candidate. One of the important changes from 5.1.26 to 5.1.28 is an important security fix related to Bug#32167:

It was possible to circumvent privileges through the creation of MyISAM tables employing the DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the MySQL data directory. Use of the MySQL data directory in DATA DIRECTORY and INDEX DIRECTORY is now disallowed. This is now also true of these options when used with partitioned tables and individual partitions of such tables.

There is actually an enourmous amount of bug fixes totalling 63 in this release, and while it is not ready for production yet, it is definitely worth upgrading from 5.1.26. Some of the bug fixes excluding the above are:

  • Security Enhancement: The server consumed excess memory while parsing statements with hundreds or thousands of nested boolean conditions (such as OR (OR ... (OR ... ))). This could lead to a server crash or incorrect statement execution, or cause other client statements to fail due to lack of memory. The latter result constitutes a denial of service.
  • Incompatible Change: An additional correction to the original MySQL 5.1.23 fix was made to normalize directory names before adding them to the list of directories. This prevents /etc/ and /etc from being considered different, for example.
  • Partitioning: When a partitioned table had a TIMESTAMP column defined with CURRENT_TIMESTAMP as the default but with no ON UPDATE clause, the column's value was incorrectly set to CURRENT_TIMESTAMP when updating across partitions.

  • Partitioning: A LIST partitioned MyISAM table returned erroneous results when an index was present on a column in the WHERE clause and NOT IN was used on that column. Searches using the index were also much slower then if the index were not present.

  • Replication: Some kinds of internal errors (such as Out of stack) cuased the server to crash.

  • Replication: Row-based replication did not correctly copy TIMESTAMP values from a big-endian storage engine to a little-endian storage engine.

  • Over-aggressive lock acquisition by InnoDB could result in performance degradation when multiple threads were executing statements on multi-core machines.

For a complete list of bug fixes and improvements view the detailed changelog. The MySQL 5.1.28-rc release is now available in source and binary form for a number of platforms from http://dev.mysql.com/downloads/

0

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)