Release Notes for MariaDB Enterprise Server 10.4.26-17

Overview

MariaDB Enterprise Server 10.4.26-17 is a maintenance release of MariaDB Enterprise Server 10.4. This release includes a variety of fixes.

MariaDB Enterprise Server 10.4.26-17 was released on 2022-09-12.

Fixed Security Vulnerabilities

CVE (with cve.mitre.org link)

CVSS base score

CVE-2022-32091

6.5

CVE-2022-32089

6.5

CVE-2022-32084

6.5

CVE-2022-32081

6.5

CVE-2018-25032

7.5

Notable Changes

  • Galera has been updated to 26.4.13-1

  • Debian 9 support has been discontinued.

Issues Fixed

Can result in data loss

  • With MariaDB Enterprise Cluster, when read_only is enabled on a node, users without the SUPER privilege can still write to the node. (MDEV-28546)

  • With MariaDB Enterprise Cluster, when a value is retrieved from an InnoDB sequence using the NEXTVAL() function, the change is not replicated. (MDEV-27862)

    • Starting with this release, InnoDB sequences are properly replicated when they are defined with NOCACHE.

  • When an InnoDB table's collation is changed using ALTER TABLE with the INPLACE or NOCOPY algorithms, duplicate entries in unique indexes are not detected. (MDEV-26294)

  • When ALTER TABLE .. IMPORT TABLESPACE is executed against an encrypted InnoDB tablespace file, the table can be corrupted. (MDEV-28779)

Can result in a hang or crash

  • When INSERT .. SELECT .. GROUP BY is executed and the GROUP BY clause contains a derived table, the server can crash. (MDEV-28617)

  • When a query contains an ANY(SELECT .. GROUP BY(SELECT ..)) predicand with a redundant subquery in the GROUP BY clause, the server can crash. (MDEV-29139)

  • When ALTER TABLE .. ADD is used to add a column with the INSTANT algorithm, the server can crash if the ROW_FORMAT in the .frm file does not match the actual row format used by the data file. (MDEV-26577)

    • For tables created prior to MariaDB Server 10.2, the ROW_FORMAT in the .frm file could be inconsistent with the actual row format used by the data file. If the server were upgraded to MariaDB Enterprise Server 10.6, the inconsistency could remain.

  • When INSERT .. SELECT is executed and the SELECT query calls an aggregate or window function, the server can crash with a segmentation fault. (MDEV-26427)

  • When the JSON_EXTRACT() function is called, the server can crash with a segmentation fault. (MDEV-29188)

  • When a query uses the DISTINCT keyword and calls an aggregate function as an argument for an always-constant function, the server can crash. (MDEV-23809)

    • An always-constant function is a function that always returns a constant value, even if the function's arguments are not constant.

    • For example, the COLLATION() function is an always-constant function.

  • When mariadb-backup is executed with the --compress and --parallel options, the backup can hang due to a race condition between threads. (MDEV-29043)

  • When an EXISTS predicate or an IN, ALL, or ANY predicand is used in an eliminated GROUP BY clause, the server can crash. (MENT-1606) (MDEV-29350)

  • When an IN subquery is used outside the context of a regular query (such as in a stored procedure), the server can crash. (MDEV-22001)

  • When MariaDB Enterprise Cluster is used and the Galera replication TCP port receives non-Galera network traffic, the server can crash. (MDEV-25068)

    • In previous releases, when the crash occurred, the following messages would appear in the MariaDB error log:

      terminate called after throwing an instance of 'boost::exception_detail::clone_impl<boost::exception_detail::error_info_injector<std::system_error> >'
      what():  remote_endpoint: Transport endpoint is not connected
      [ERROR] mysqld got signal 6 ;
      
  • When a generated column is added to an InnoDB table with the INSTANT algorithm, the server can crash due to a buffer overflow. (MDEV-26420)

  • When CREATE VIEW is executed with a view definition that contains an unknown column in an ON condition, the server can crash instead of raising an error with the ER_BAD_FIELD_ERROR error code. (MDEV-29088)

Can result in unexpected behavior

  • When an IN condition contains a mixture of numeric and string values, results can be inconsistent. (MDEV-21445)

  • When a sequence event is written to the binary log with binlog_format=ROW, the value of binlog_row_image is not respected. (MDEV-28487)

  • When a transaction can't be fully written to the binary log, but the transaction can be safely rolled back, a LOST_EVENTS incident event is written to the binary log. (MDEV-21443)

    • In previous releases, this problem could cause replica servers to encounter the following error:

      Last_SQL_Errno	1590
      Last_SQL_Error	The incident LOST_EVENTS occurred on the master. Message: error writing to the binary log
      
    • Starting with this release, a LOST_EVENTS incident is only written to the binary log when safe rollback is not possible.

  • When a replica server replicates an incident event, the details about the failure are not in the primary server's error log, the replica server's error log, or the output of SHOW REPLICA STATUS. (MDEV-21087)

  • When a backup is performed with mariadb-backup, the backup includes binary logs. (MDEV-28758)

  • When a table is created from a SELECT statement that uses a recursive CTE, the table can use unexpected data types and contain truncated data if the calculated values from the recursive part of the CTE do not fit in the column types that are taken from the non-recursive part of the CTE. (MDEV-12325)

    • Starting with this release, the CTE calculation is aborted when the calculated values do not fit in the column types. When this occurs, a warning or error (depending on sql_mode is raised with the ER_WARN_DATA_OUT_OF_RANGE error code and the following error message:

      Out of range value for column 'COLUMN_NAME' at row ROW_NUM
      
  • For multi-table UPDATE or DELETE queries, the optimizer fails to apply partition pruning optimization for the table that is updated or deleted from. (MDEV-28246)

  • When mariadb client uses EditLine instead of readline (such as on Debian and Ubuntu), Unicode characters are not accepted. (MDEV-28197)

  • When the optimizer chooses a semi-join optimization for a subquery, the LooseScan and FirstMatch strategies are not considered for certain queries where they would be appropriate, and they are considered for certain queries where they would be inappropriate. (MDEV-28749)

  • When FULLTEXT search is performed on an InnoDB table, the results are incorrect when the search term contains an apostrophe ('). (MDEV-20797)

    • Starting with this release, when a search term contains an apostrophe ('), InnoDB tokenizes the word at the apostrophe, ignores the first token, and matches against the second token.

  • After upgrading from old versions of MariaDB Server, some ALTER TABLE operations fail if ALGORITHM=NOCOPY is specified. (MDEV-28727)

    • In previous releases, the following error could be raised:

      ERROR 1845 (0A000): ALGORITHM=NOCOPY is not supported for this operation. Try ALGORITHM=INPLACE
      

Interface Changes

Platforms

In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.4.26-17 is provided for:

  • CentOS 7 (x86_64)

  • Debian 10 (x86_64, ARM64)

  • Microsoft Windows (x86_64)

  • Red Hat Enterprise Linux 7 (x86_64)

  • Red Hat Enterprise Linux 8 (x86_64, ARM64)

  • Rocky Linux 8 (x86_64, ARM64)

  • SUSE Linux Enterprise Server 12 (x86_64)

  • SUSE Linux Enterprise Server 15 (x86_64, ARM64)

  • Ubuntu 18.04 (x86_64, ARM64)

  • Ubuntu 20.04 (x86_64, ARM64)

Some components of MariaDB Enterprise Server might not support all platforms. For additional information, see "MariaDB Corporation Engineering Policies".