Security improvement: Applied a patch that addresses a zlib data vulnerability that could result in a buffer overflow and code execution. (CVE-2005-2096) (Bug#11844). Shortly after MySQL 4.1.13 was released, a second potential zlib security flaw was discovered and fixed - the issue is tracked by the Mitre CVE ID (CVE-2005-1849). A patch for this flaw was applied on top of the 4.1.13 sources and published as 4.1.13a. The affected binaries have been rebuilt.

Security improvement: Applied a patch to fix a UDF library-loading vulnerability that could result in a buffer overflow and code execution. (http://www.appsecinc.com/resources/alerts/mysql/2005-002.html)

Warning: Incompatible change: Previously, conversion of DATETIME values to numeric form by adding zero produced a result in YYYYMMDDHHMMSS format. The result of DATETIME+0 is now in YYYYMMDDHHMMSS.000000 format. (Bug#12268)

Added the --add-drop-database option to mysqldump. (Bug#3716)

Added mysql_set_character_set() C API function for setting the default character set of the current connection. This allows clients to affect the character set used by mysql_real_escape_string(). (Bug#8317)

MEMORY tables now support indexes of up to 500 bytes. See Section 14.4, “The MEMORY (HEAP) Storage Engine”. (Bug#10566)

System variables are now treated as having SYSVAR (system constant) coercibility. For example, @@version is now treated like VERSION() and @@character_set_client is now treated like CHARSET( USER() ). See Section 10.5.4, “Some Special Cases Where the Collation Determination Is Tricky”. (Bug#10904)

The statements CREATE TABLE, TRUNCATE TABLE, DROP DATABASE, and CREATE DATABASE cause an implicit commit. (Bug#6883)

Added the --log-slow-admin-statements server option to request logging of slow administrative statements such as OPTIMIZE TABLE, ANALYZE TABLE, and ALTER TABLE to the slow query log. These statements were logged in MySQL 4.0, but not in 4.1. (Bug#9141)

SHOW BINARY LOGS now displays a File_size column that indicates the size of each file.

You can again refer to other tables in the ON DUPLICATE KEY UPDATE part of an INSERT ... SELECT statement as long as there is no GROUP BY in the SELECT part. One side effect of this is that you may have to qualify non-unique column names in the values part of ON DUPLICATE KEY UPDATE. (Bug#9728, Bug#8147)

The table, type, and rows columns of EXPLAIN output can now be NULL. This is required for using EXPLAIN on SELECT queries that use no tables, such as EXPLAIN SELECT 1). (Bug#9899)

Expanded on information provided in general log and slow query log for prepared statements. (Bug#8367, Bug#9334)

InnoDB: When creating or extending an InnoDB data file, allocate at most one megabyte at a time for initializing the file. Previously, InnoDB used to allocate and initialize 1 or 8 megabytes of memory, even if a few 16-kilobyte pages were to be written. This fix improves the performance of CREATE TABLE in innodb_file_per_table mode.

Security fix: On Windows systems, a user with any of the following privileges

on *.* could crash mysqld by issuing a USE LPT1; or USE PRN; command. In addition, any of the commands USE NUL;, USE CON;, USE COM1;, or USE AUX; would report success even though the database was not in fact changed. (Bug#9148, CVE-2005-0799

When applying the group_concat_max_len limit, GROUP_CONCAT() could truncate multi-byte characters in the middle. (Bug#23451)

A CREATE TABLE db_name.tbl_name LIKE ... statement would crash the server when no database was selected. (Bug#11028)

IP addresses not shown in ndb_mgm SHOW command on second ndb_mgmd (or on ndb_mgmd restart). (Bug#11596)

SHOW FIELDS truncated the TYPE column to 40 characters. (Bug#7142, Bug#12817) (Note: This fix was reverted in MySQL 4.1.15 because it broke existing applications.)

Prepared statement with subqueries returned corrupt data. (Bug#11458)

A ROLLUP query could return a wrong result set when its GROUP BY clause contained references to the same column. (Bug#11543)

Queries with subqueries in the FROM clause were not being added to the query cache. (Bug#11522)

Possible crash on Windows when performing GROUP BY on a calculated field. (Bug#11414)

The mysql_config script did not handle symbolic linking properly. (Bug#10986)

When used within a subquery, SUBSTRING() returned an empty string. (Bug#10269)

On Mac OS X, libmysqlclient_r.a now is built with --fno-common to make it possible to link a shared two-level namespace library against libmysqlclient_r.a. (Bug#10638)

The handling by the HEX() function of numbers larger than 2⁶⁴ was improved. (Bug#9854)

Added a missing mutex when rotating the relay logs. Also, the server now logs an error message if the size of a relay log cannot be read. (Bug#6987)

Added a missing mutex when rotating the relay logs. Also, the server now logs an error message if the size of a relay log cannot be read. (Bug#6987)

mysqldump could crash for illegal or non-existent table names. (Bug#9358)

The --no-data option for mysqldump was being ignored if table names were given after the database name. (Bug#9558)

mysqldump now exports HASH index definitions using USING rather than TYPE when the index name is optional. This corrects a problem when reloading the output for PRIMARY KEY definition, because TYPE must be preceded an index name, which is not given for a PRIMARY KEY. (Bug#11635)

The --master-data option for mysqldump resulted in no error if the binary log was not enabled. Now an error occurs unless the --force option is given. (Bug#11678)

Corrected an optimization failure where a query returned an incorrect result for use of a newly populated table until the table was flushed. (Bug#11700)

Modifying a CHAR column with the utf8 character set to a shorter length did not properly truncate values due to not computing their length in utf8 character units. (Bug#11591)

DES_ENCRYPT() and DES_DECRYPT() require SSL support to be enabled, but were not checking for it. Checking for incorrect arguments or resource exhaustion was also improved for these functions. (Bug#10589)

Invoking the DES_ENCRYPT() function could cause a server crash if the server was started without the --des-key-file option. (Bug#11643)

Selecting the result of an aggregate function for an ENUM or SET column within a subquery could result in a server crash. (Bug#11821)

When used in joins, SUBSTRING() failed to truncate to zero those string values that could not be converted to numbers. (Bug#10124)

Error when performing GROUP BY on calculated values of a single row table. (Bug#11414)

mysqldump --xml did not format NULL column values correctly. (Bug#9657)

SHOW WARNINGS did not properly display warnings generated by executing a cached query. (Bug#9414)

Temporary tables were created in the data directory instead of tmpdir. (Bug#11440)

LOAD DATA ... REPLACE INTO ... on a replication slave failed for an InnoDB table having a unique index in addition to the primary key. (Bug#11401)

MySQL would not compile correctly on QNX due to missing rint() function. (Bug#11544)

Incorrect results when searching using IN() where search items included NULL and 0. (Bug#9393)

NDB Cluster: When trying to open a table that could not be discovered or unpacked, cluster would return error codes which the MySQL server falsely interpreted as operating system errors. (Bug#103651)

Manually inserting a row with host='' into mysql.tables_priv and performing a FLUSH PRIVILEGES would cause the server to crash. (Bug#11330)

MySQL sometimes reported erroneously that certain character values had crashed a table when trying to convert other character sets to UTF-8. (Bug#9557)

Using CONCAT_WS() on a column set NOT NULL caused incorrect results when used in a LEFT JOIN. (Bug#11469)

mysqld_safe would sometimes fail to remove the pid file for the old mysql process after a crash. As a result, the server would fail to start due to a false A mysqld process already exists... error. (Bug#11122)

For MEMORY tables, it was possible for updates to be performed using outdated key statistics when the updates involved only very small changes in a very few rows. This resulted in the random failures of queries such as UPDATE t SET col = col + 1 WHERE col_key = 2; where the same query with no WHERE clause would succeed. (Bug#10178)

The NULLIF() function could produce incorrect results if the first argument was NULL. (Bug#11142)

Optimizer performed range check when comparing unsigned integers to negative constants, could cause errors. (Bug#11185)

Cluster failed to build with gcc 4.0. (Bug#11377)

The LAST_DAY() failed to return NULL when supplied with an invalid argument. See Section 12.5, “Date and Time Functions”. (Bug#10568)

Setting @@SQL_MODE = NULL caused an erroneous error message. (Bug#10732)

Server crashed when using GROUP BY on the result of a DIV operation on a DATETIME value. (Bug#11385)

Possible NULL values in BLOB columns could crash server when BLOB used in GROUP BY. (Bug#11295)

Fixed 64 bit compiler warning for packet length in replication. (Bug#11064)

CASE function returns incorrect result when its arguments are not constants and its return value is put into a regular or temporary table (temporary == created by SQL engine for UNION/non-indexed GROUP BY and such operations). (Bug#10151)

A problem with the my_global.h file caused compilation of MySQL to fail on single-processor Linux systems running 2.6 kernels. (Bug#10364)

Queries against a table using a compound index based on the length of a UTF-8 text column produced incorrect results. For example, given a table with an index defined as shown:

CREATE TABLE t (
  id INT NOT NULL,
  city VARCHAR(20) NOT NULL,
  KEY (city(7),id)
) TYPE=MYISAM CHARACTER SET=utf8;

Assuming that suitable data has been inserted into the table, then a query such as SELECT * FROM t WHERE city = 'Durban'; would fail. (Bug#10253)

The mysqlhotcopy script was not parsing the output of SHOW SLAVE STATUS correctly when called with the --record_log_pos option. (Bug#7967)

An UPDATE query containing a subquery caused replication to fail. (Bug#9361)

Last insert expected from a query of the form INSERT ... SELECT ... ON DUPLICATE KEY UPDATE would fail. (Bug#9728)

INSERT ... SELECT ... ON DUPLICATE KEY UPDATE produced inaccurate results. (Bug#10886)

SELECT DISTINCT ... GROUP BY constant returned multiple rows (it should return a single row). (Bug#8614)

Queries of the form UPDATE ... (SELECT ... ) SET ... run on a replication master would crash all the slaves. (CVE-2004-4380, Bug#10442)

OPTIMIZE of InnoDB table did not return 'Table is full' if out of tablespace. (Bug#8135)

Queries with ROLLUP returned wrong results for expressions containingGROUP BY columns. (Bug#7894)

Fixed hang/crash with Boolean full-text search where a query contained more query terms that one-third of the query length (it could be achieved with truncation operator: 'a*b*c*d*'). (Bug#7858)

The mysql client would output a prompt twice following input of very long strings, because it incorrectly assumed that a call to the _cgets() function would clear the input buffer. (Bug#10840)

A bug in FIELD() function caused the value list to contain NULL. (Bug#10944)

A three byte buffer overflow in the client functions could cause improper exiting of the client when reading a command from the user. (Bug#10841)

Fixed a problem with the cp1250_czech_cs collation that caused some LIKE comparisons to fail. (Bug#9759)

Fixed a problem resolving table names with lower_case_table_names=2 when the table name lettercase differed in the FROM and WHERE clauses. (Bug#9500)

Fixed server crash due to some internal functions not taking into account that for multi-byte character sets, CHAR and VARCHAR columns could exceed 255 bytes. (Bug#11167)

Fixed a portability problem testing for crypt() support that caused compilation problems when using OpenSSL/yaSSL on HP-UX and Mac OS X. (Bug#10675, Bug#11150)

The hostname cache was not working. (Bug#10931)

For a MERGE table with MyISAM tables in other, symlinked, databases, SHOW CREATE TABLE reported the MyISAM tables using the name of the symlinked directory rather than the database name. (Bug#8183)

Fixed a server crash resulting from an attempt to allocate too much memory when GROUP BY blob_col and COUNT(DISTINCT) were used. (Bug#11088)

The incorrect sequence of statements HANDLER tbl_name READ index_name NEXT without a preceding HANDLER tbl_name READ index_name = (value_list) for an InnoDB table resulted in a server crash rather than an error. (Bug#5373)

SHOW WARNINGS with a LIMIT 0 clause returned all messages rather than an empty result set. (Bug#11095)

On Windows, with lower_case_table_names set to 2, using ALTER TABLE to alter a MEMORY or InnoDB table that had a mixed-case name also improperly changed the name to lowercase. (Bug#9660)

The server timed out SSL connections too quickly on Windows. (Bug#8572)

Inserting a DOUBLE value into a utf8 string column crashed the server on Windows. (Bug#10714)

Executing LOAD INDEX INTO CACHE for a table while other threads where selecting from the table caused a deadlock. (Bug#10602)

Fixed a server crash resulting from CREATE TABLE ... SELECT that selected from a table being altered by ALTER TABLE. (Bug#10224)

Fixed a server crash resulting from invalid string pointer when inserting into the mysql.host table. (Bug#10181)

GROUP_CONCAT() with DISTINCT and WITH ROLLUP ignored DISTINCT for some rows. (Bug#7405)

Fixed a problem creating the result set for a UNION that involved long string values. Values were not being converted correctly to TEXT values. (Bug#10025)

Locking for CREATE TABLE ... SELECT for InnoDB tables was too weak. It allowed INSERT statements issued for the created table while the CREATE TABLE statement was still running to appear in the binary log before the CREATE TABLE statement. (Bug#6678)

InnoDB: In DROP DATABASE, check for all referencing tables from other databases before dropping any tables. (Bug#10335)

InnoDB: Fix bug: InnoDB wrongly complained in the .err log that MySQL is trying to drop a non-existent table, if tablespace ran out. (Bug#10607)

Fixed an overly strict debugging assertion that caused debug server builds to fail for some col_name = const_expr, where const_expr was a constant expression such as a subquery. (Bug#10020)

SUBSTR() did not work properly for input in the ucs2 character set. (Bug#10344)

Fixed a problem causing an incorrect result for columns that include an aggregate function as part of an expression when WITH ROLLUP is added to GROUP BY. (Bug#7914)

Fixed a server crash for INSERT ... ON DUPLICATE KEY UPDATE with MERGE tables, which do not have unique indexes. (Bug#10400)

CREATE TABLE t AS SELECT UUID() created a VARCHAR(12) column, which is too small to hold the 36-character result from UUID(). (Bug#9535)

Portability fix for Cygwin: Don't use #pragma interface or #pragma implementation in source files. (Bug#10241)

Fixed a mysqldump crash that occurred with the --complete-insert option when dumping tables with a large number of long column names. (Bug#10286)

ALTER TABLE ... ENABLE INDEXES treated NULL values as equal when collecting index statistics for MyISAM tables, resulting in different statistics from those generated by ANALYZE TABLE and causing the optimizer to make poor index choices later. The same problem occurred for bulk insert statistics collection. Now NULL values are treated as unequal, just as for ANALYZE TABLE. (Bug#9622)