This release includes the patches for recently reported security
vulnerabilities in the MySQL client-server protocol. We would like
to thank Stefano Di Paola <stefano.dipaola@wisec.it>
for finding and reporting these to us.
Functionality added or changed:
Security enhancement: Added
the global max_prepared_stmt_count system
variable to limit the total number of prepared statements in
the server. This limits the potential for denial-of-service
attacks based on running the server out of memory by preparing
huge numbers of statements. The current number of prepared
statements is available through the
prepared_stmt_count system variable. (Bug#16365)
The MySQL-shared-compat-4.1.X-.i386.rpm
shared compatibility RPMs no longer contain libraries for
MySQL 5.0 and up. They contain libraries for 3.23, 4.0, and
4.1.1. (Bug#19288)
Creating a table in an InnoDB database with a column name that
matched the name of an internal InnoDB column (including
DB_ROW_ID, DB_TRX_ID,
DB_ROLL_PTR and
DB_MIX_ID) would cause a crash. MySQL now
returns error 1005 (cannot create table) with
errno set to -1. (Bug#18934)
InnoDB now caches a list of unflushed files
instead of scanning for unflushed files during a table flush
operation. This improves performance when
--innodb-file-per-table is set on a system
with a large number of InnoDB tables. (Bug#15653)
New charset command added to the
mysql command-line client. By typing
charset name or
\C name (such as
\C UTF8), the client character set can be
changed without reconnecting. (Bug#16217)
Large file support was re-enabled for the MySQL server binary for the AIX 5.2 platform. (Bug#13571)
When using the GROUP_CONCAT() function
where the group_concat_max_len system
variable was greater than 512, the type of the result was
BLOB only if the query included an
ORDER BY clause; otherwise the result was a
VARCHAR.
The result type of the GROUP_CONCAT()
function is now VARCHAR only if the value
of the group_concat_max_len system variable
is less than or equal to 512. Otherwise, this function returns
a BLOB. (Bug#14169)
Bugs fixed:
Security fix: A malicious
client, using specially crafted invalid login or
COM_TABLE_DUMP packets, was able to read
uninitialized memory, which potentially, though unlikely in
MySQL, could have led to an information disclosure.
(CVE-2006-1516,
CVE-2006-1517)
Thanks to Stefano Di Paola
<stefano.dipaola@wisec.it> for finding and
reporting this bug.
NDB Cluster: A simultaneous DROP
TABLE and table update operation utilising a table
scan could trigger a node failure. (Bug#18597)
MySQL-shared-compat-4.1.15-0.i386.rpm,
MySQL-shared-compat-4.1.16-0.i386.rpm, and
MySQL-shared-compat-4.1.18-0.i386.rpm
incorrectly depended on glibc 2.3 and could
not be installed on a glibc 2.2 system.
(Bug#16539)
IA-64 RPM packages for Red Hat and SuSE Linux that were built with the icc compiler incorrectly depended on icc runtime libraries. (Bug#16662)
Index prefixes for utf8
VARCHAR columns did not work for
UPDATE statements. (Bug#19080)
MySQL would not compile on Linux distributions that use the
tinfo library. (Bug#18912)
NDB Cluster: Backups could fail for large
clusters with many tables, where the number of tables
approached MaxNoOfTables. (Bug#17607)
For single-SELECT union constructs of the
form (SELECT ... ORDER BY
order_list1 [LIMIT
n]) ORDER BY
order_list2, the ORDER
BY lists were concatenated and the
LIMIT clause was ignored. (Bug#18767)
The IN-to-EXISTS
transformation was making a reference to a parse tree fragment
that was left out of the parse tree. This caused problems with
prepared statements. (Bug#18492)
Attempting to set the default value of an
ENUM or SET column to
NULL caused a server crash. (Bug#19145)
Index corruption could occur in cases when
key_cache_block_size was not a multiple of
myisam_block_size (for example, with
key_cache_block_size=1536 and
myisam_block_size=1024). (Bug#19079)
UNCOMPRESS(NULL) could cause subsequent
UNCOMPRESS() calls to return
NULL for legal non-NULL
arguments. (Bug#18643)
Conversion of a number to a CHAR UNICODE
string returned an invalid result. (Bug#18691)
A call to MIN() with a
CASE expression as its argument could
return a non-minimum value. (Bug#17896)
A LOCK TABLES statement that failed could
cause MyISAM not to update table statistics
properly, causing a subsequent CHECK TABLE
to report table corruption. (Bug#18544)
Avoid trying to include
<asm/atomic.h> when it doesn't work
in C++ code. (Bug#13621)
Executing SELECT on a large table that had
been compressed within myisampack could
cause a crash. (Bug#17917)
NDB Cluster: In a 2-node cluster with a
node failure, restarting the node with a low value for
StartPartialTimeout could cause the cluster
to come up partitioned (“split-brain” issue).
(Bug#16447)
A similar issue could occur when the cluster was first started with a sufficiently low value for this parameter. (Bug#18612)
NDB Cluster: On systems with multiple
network interfaces, data nodes would get “stuck”
in startup phase 2 if the interface connecting them to the
management server was working on node startup while the
interface interconnecting the data nodes experienced a
temporary outage. (Bug#15695)
mysql_config returned incorrect libraries
on x86_64 systems. (Bug#13158)
mysql_reconnect() sent a SET
NAMES statement to the server, even for pre-4.1
servers that do not understand the statement. (Bug#18830)
During conversion from one character set to
ucs2, multi-byte characters with no
ucs2 equivalent were converted to multiple
characters, rather than to 0x003F QUESTION
MARK. (Bug#15375)
The mysql_close() C API function leaked
handles for shared-memory connections on Windows. (Bug#15846)
The euro sign (€) was not stored
correctly in columns using the
latin1_german1_ci or
latin1_general_ci collation. (Bug#18321)
The server was always built as though
--with-extra-charsets=complex had been
specified. (Bug#12076)
SELECT ... WHERE column LIKE 'A%', when column
had a key and used the latin2_czech_cs
collation, caused the wrong number of rows to be returned.
(Bug#17374)
A query using WHERE (column_1,
column_2) IN
((value_1,
value_2)[, (..., ...), ...]) would
return incorrect results. (Bug#16248)
The -lmtmalloc library was removed from the
output of mysql_config on Solaris, as it
caused problems when building DBD::mysql
(and possibly other applications) on that platform that tried
to use dlopen() to access the client
library. (Bug#18322)
When running a query that contained a GROUP_CONCAT(
SELECT GROUP_CONCAT(...) ), the result was
NULL except in the
ROLLUP part of the result, if there was
one. (Bug#15560)
CAST(double AS SIGNED INT) for large double
values outside the signed integer range truncates the result
to be within range, but the result sometimes had the wrong
sign. (Bug#15098)
SET value definitions containing commas
were not rejected. Now a definition such as
SET('a,b','c,d') results in an error. (Bug#15316)
MyISAM: Keys for which the first part of
the key was a CHAR or
VARCHAR column using the UTF-8 character
set and longer than 254 bytes could become corrupted. (Bug#17705)
NDB Cluster: A timeout in the handling of
an ABORT condition with more than 32
operations could yield a node failure. (Bug#18414)
NDB Cluster: A node restart immediately
following a CREATE TABLE would fail.
Important: This fix supports
2-node Clusters only. (Bug#18385)
NDB Cluster: In event of a node failure
during a rollback, a “false” lock could be
established on the backup for that node, which lock could not
be removed without restarting the node. (Bug#18352)
NDB Cluster: The cluster created a crashed
replica of a table having an ordered index — or when
logging was not enabled, of a table having a table or unique
index — leading to a crash of the cluster following 8
successive restarts. (Bug#18298)
NDB Cluster: When replacing a failed master
node, the replacement node could cause the cluster to crash
from a buffer overflow if it had an excessively large amount
of data to write to the cluster log. (Bug#18118)
NDB Cluster: Restarting nodes were allowed
to start and join the cluster too early. (Bug#16772)
If InnoDB encountered a
HA_ERR_LOCK_TABLE_FULL error and rolled
back a transaction, the transaction was still written to the
binary log. (Bug#18283)
Connecting to a server with a UCS2 default character set with a client using a non-UCS2 character set crashed the server. (Bug#18004)
Character set conversion of string constants for
UNION of constant and table column was not
done when it was safe to do so. (Bug#15949)
Use of TRUNCATE TABLE for a
TEMPORARY table on a master server was
propagated to slaves properly, but slaves did not decrement
the Slave_open_temp_tables counter
properly. (Bug#17137)
SELECT COUNT(*) for a
MyISAM table could return different results
depending on whether an index was used. (Bug#14980)
Large file support did not work in AIX server binaries. (Bug#10776)
Security Improvement: GRANTs to users with wildcards in their
host information could be erroneously applied to similar users
with the same username and similar wildcards. For example, a
privilege granted to foo@% was also applied
to user foo@192.%. (Bug#14385)
NDB Cluster: Inserting and deleting
BLOB column values while a backup was in
process could cause the loss of an ndbd
node. (Bug#14028)
Setting the myisam_repair_threads system
variable to a value larger than 1 could cause corruption of
large MyISAM tables. (Bug#11527)
Security improvement: In grant table comparisons, improper use
of a latin1 collation caused some hostname
matches to be true that should have been false. Thanks to
Deomid Ryabkov for finding this bug and proposing a solution.
(Bug#15756)
NDB Cluster:
ndb_delete_all would run out of memory on
tables containing BLOB columns. (Bug#16693)
mysqldump tried to dump data from a view. (In MySQL 4.1, this applies when connecting to a server from MySQL 5.0 or higher.) (Bug#16389)
NDB Cluster: An UPDATE
with an inner join failed to match any records if both tables
in the join did not have a primary key. (Bug#17257)
NDB Cluster: A DELETE
with a join in the WHERE clause failed to
retrieve any records if both tables in the join did not have a
primary key. (Bug#17249)
NDB Cluster: In some cases, LOAD
DATA INFILE did not load all data into
NDB tables. (Bug#17081)
NDB Cluster: The REDO
log would become corrupted (and thus unreadable) in some
circumstances, due to a failure in the query handler. (Bug#17295)
NDB Cluster: No error message was generated
for setting NoOfFragmentLogFiles too low.
(Bug#13966)
NDB Cluster: No error message was generated
for setting MaxNoOfAttributes too low. (Bug#13965)
Binary distributions for Solaris contained files with group
ownership set to the non-existing wheel
group. Now the bin group is used. (Bug#15562)
Killing a long-running query containing a subquery could cause a server crash. (Bug#14851)
Repeated invocation of my_init() and
my_end() caused corruption of character set
data and connection failure. (Bug#6536)
A FULLTEXT query in a prepared statement
could result in unexpected behavior. (Bug#14496)
A FULLTEXT query in a
UNION could result in unexpected behavior.
(Bug#16893)
Server crash when dropping InnoDB constraints named
TABLENAME_ibfk_0.
(Bug#16387)
Corrected race condition when dropping the adaptive hash index for a B-tree page in InnoDB. (Bug#16582)
LOAD DATA FROM MASTER produced invalid
warnings and Packet out of order errors
when the database already existed on the slave. (Bug#15302)
A key on a MEMORY table would sometimes
fail to match a row. (Bug#12796)
MYSQL_STMT objects were not preserved
following a connection reset. Attempting to operate on them
afterwards caused the server to crash. (Bug#12744)
