Bugs Fixed:
- InnoDB: The row_upd_clust_rec_by_insert function, which marks a clustered index record as deleted and inserts an updated version of the record into the clustered index, passed an incorrect n_ext value (the total number of external fields) to lower level functions, causing an assertion failure.
- InnoDB: An operation performed with the innodb_buffer_pool_evict debug variable set to uncompressed caused an assertion failure.
- InnoDB: An add column operation caused an assertion failure. The failure was due to a dangling pointer.
- nnoDB: Updating certain InnoDB system variables that take string values raised invalid read errors during Valgrind testing.
- InnoDB: An insert statement on a table with a spatial index raised a record type mismatch assertion due to a tuple corruption.
- InnoDB: A function that calculates undo log record size could calculate an incorrect length value in the case of a corrupted undo log record, resulting in a malloc failure. Assertion code was added to detect incorrect calculations.
- Replication: While an SQL statement was in the process of being rewritten for the binary log so that sensitive information did not appear in plain text, if a SHOW PROCESSLIST statement was used to inspect the query, the query could become corrupted when it was written to the binary log, causing replication to stop. The process of rewriting the query is now kept private, and the query thread is updated only when rewriting is complete.
- Replication: When a GRANT or REVOKE statement is only partially executed, an incident event is logged in the binary log, which makes the replication slave's applier thread stop so that the slave can be reconciled manually with the master. Previously, if a failed GRANT or REVOKE statement was the first statement executed in the session, no GTID was applied to the incident event (because the cache manager did not yet exist for the session), causing an error on the replication slave. Also, no incident event was logged in the situation where a GRANT statement created a user but then failed because the privileges had been specified incorrectly, again causing an error on the replication slave. Both these issues have now been fixed.
- Replication: When a replication slave has a generated column that the master does not have in that table, with a secondary index on the generated column, the generated expression should be evaluated and the value stored by the storage engine in the secondary index. When row-based binary logging is in use, the replication slave assigns default values to any fields that are not in the master's definition of the table. In the case of a generated column, which does not have a default value, the slave was previously assigning a null or a zero value to the column. This value was then stored by the storage engine in the secondary index, causing both the table and the index to become corrupted. To fix this issue, generated columns in a table on a replication slave are now re-evaluated before the values are sent to the storage engine.
- Replication: In the event of an unplanned disconnection of a replication slave from the master, the reference to the master's dump thread might not be removed from the list of registered slaves, in which case statements that accessed the list of slaves would fail. The issue has now been fixed.
- Replication: With the settings binlog_format=MIXED, tx_isolation=READ-COMMITTED, and binlog_row_image=FULL, an INSERT ... SELECT query involving a transactional storage engine omitted any columns with a null value from the row image written to the binary log. This happened because when processing INSERT ... SELECT statements, the columns were marked for inserts before the binary logging format was selected. The issue has now been fixed.
Full Changelog: https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-30.html
MFH: 2020Q2
Security: 21d59ea3-8559-11ea-a5e2-d4c9ef517024 (MySQL - Server)
Security: 622b5c47-855b-11ea-a5e2-d4c9ef517024 (MySQL - Client)
Sponsored by: Netzkommune GmbH
Bugfix:
- InnoDB: A tablespace import operation that failed due to the source and destination tables being defined with different DATA DIRECTORY clauses reported an insufficiently descriptive schema mismatch error. Moreover, if a .cfg file was not present, the same operation would raise an assertion failure. A more informative error message is now reported in both cases before the import operation is terminated due to the data directory mismatch.
- InnoDB: Updating certain InnoDB system variables that take string values raised invalid read errors during Valgrind testing.
- Replication: In the event of an unplanned disconnection of a replication slave from the master, the reference to the master's dump thread might not be removed from the list of registered slaves, in which case statements that accessed the list of slaves would fail. The issue has now been fixed
- Replication: With the settings binlog_format=MIXED, tx_isolation=READ-COMMITTED, and binlog_row_image=FULL, an INSERT ... SELECT query involving a transactional storage engine omitted any columns with a null value from the row image written to the binary log. This happened because when processing INSERT ... SELECT statements, the columns were marked for inserts before the binary logging format was selected. The issue has now been fixed.
More Infos: https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-48.html
MFH: 2020Q2
Security: 21d59ea3-8559-11ea-a5e2-d4c9ef517024 (MySQL - Server)
Security: 622b5c47-855b-11ea-a5e2-d4c9ef517024 (MySQL - Client)
Sponsored by: Netzkommune GmbH
build the port with postgres-10 results in:
```
configure: error: Citus is not compatible with the detected PostgreSQL version 10.
```
No PORTREVISION bump, as this will have no effect on the default
packages (which link against postgresql-11) or on anyone who has
successfully built pg_citus. All that happens is that we detect the
incompatible postgresql version earlier in the build process and error
out sooner.
PR: 245958
Reported by: rainer@ultra-secure.de
KDE's April 2020 Apps Update
A new bundle of KDE applications is here! In these releases, you can expect to
find more features, stability improvements, and more user-friendly tools that
will help you work more effectively.
There are dozens of changes to look forward to in most of your favorite
applications. Take Dolphin, for example. Windows Samba shares are now fully
discoverable.
On the topic of playing music: the Elisa music player is adding features by
leaps and bounds. This release brings a new “Now Playing” view, easy
accessibility through the system tray, and an option to minimize the playlist
whenever you want. Thanks to the recently-added visual shuffle mode, it’s much
easier to rearrange your music in the playlists.
These are just the highlights of what’s new in KDE’s applications this month.
Read on to find out about everything we’ve prepared for you.
Announcement:
https://kde.org/announcements/releases/2020-04-apps-update/
