Release Notes for MariaDB Enterprise Server 10.2.40-13

Overview

This thirteenth release of MariaDB Enterprise Server 10.2 is a maintenance release. This release includes a variety of fixes.

MariaDB Enterprise Server 10.2.40-13 was released on 2021-09-14.

Fixed Security Vulnerabilities

CVE (with cve.mitre.org link)

CVSS base score

CVE-2021-2372

4.4

CVE-2021-2389

5.9

Notable Changes

  • The script wsrep_sst_mariabackup checks all server-related configuration groups when processing a configuration file. (MDEV-25669)

    • Prior to this release, only the [mysqld] configuration group was checked when processing a configuration file.

  • MariaDB Enterprise Backup expects --stream=mbstream to stream a backup using the included mbstream utility. (MDEV-15730)

    • Prior to this release, MariaDB Enterprise Backup expected --stream=xbstream, even though the xbstream utility had been renamed to mbstream.

  • InnoDB no longer acquires advisory file locks by default. (MDEV-24393)

  • The information_schema.KEYWORDS table has been added and can be used to view details about SQL keywords. (MDEV-25129)

  • The information_schema.SQL_FUNCTIONS table has been added and can be used to view details about built-in functions. (MDEV-25129)

  • When using data-at-rest encryption with the file_key_management encryption plugin, InnoDB will automatically disable key rotation checks. (MDEV-14180)

  • Galera updated to 25.3.34

  • ARM64 is now supported for several platforms

Issues Fixed

Can result in a hang or crash

  • Possible server crash when pushing a WHERE condition over a mergeable derived table / view / CTE DT into a grouping view / derived table / CTE V whose item list contained set functions with constant arguments. (MDEV-25635)

  • Server crashes on second execution of a stored procedure or a prepared statement when the corresponding query executes a window function on a view, CTE, or derived table. (MDEV-25565)

  • Server crashes possible when executing a prepared statement with a hanging recursive CTE. (MDEV-26135)

  • Server crashes while executing query with a CTE in a prepared statement or stored procedure. (MDEV-26025)

  • Server crashes while executing query with a recursive CTE that is indirectly used twice. (MDEV-26202)

  • Server crashes due to infinite recursion while processing an embedded recursive CTE with missing RECURSIVE. (MDEV-26095)

  • Server crashes in InnoDB deadlock checker under high load. (MDEV-25594)

  • Server crashes when a virtual generated column has a prefix index. (MDEV-26220)

  • Server crashes possible when using virtual generated columns. (MDEV-18166) (MDEV-18249)

  • Server crashes while executing DELETE when a YEAR column is truncated. (MDEV-17890)

  • Server crashes while executing SET ROLE when a hostname cannot be resolved. (MDEV-26081)

  • Server crashes when a subquery references an outer column in an ORDER BY clause. (MDEV-25629)

  • Server crashes due to a stack overrun in the query optimizer while executing query with more than 32 equality conditions that compare columns of different tables (such as tableX.colX=tableY.colY). (MDEV-17783)

  • Server crashes when a window function is the left expression of an IN(SELECT ..) subquery. (MDEV-25630)

  • Possible deadlock on a Replica server using GTID Replication when slave_parallel_mode=optimistic and OPTIMIZE TABLE, REPAIR TABLE, or ANALYZE TABLE is executed. (MDEV-17515)

  • Server crashes when ALTER TABLE .. ADD FULLTEXT INDEX fails on an InnoDB table. (MDEV-25721)

  • Server crashes while executing TRUNCATE TABLE on an InnoDB table with a Full-Text Index. (MDEV-25663)

  • Server crashes while executing ALTER TABLE on an InnoDB table with virtual generated columns that are indexed. (MDEV-25872)

Can result in unexpected behavior

  • When CREATE OR REPLACE TABLE fails after dropping the table, the DROP TABLE operation is not written into the binary log. (MDEV-25595)

  • The SHOW GRANTS statement does not quote role names properly for DEFAULT ROLE. (MDEV-26080)

  • The innochecksum utility reports errors for freed pages. (MDEV-25361)

  • When an unknown column is referenced in the WHERE clause of a recursive CTE, the query sometimes succeeds instead of failing with an ER_BAD_FIELD_ERROR. (MDEV-26189)

  • Reusing CTE inside a function fails with the ER_NO_SUCH_TABLE error code. (MDEV-23886)

  • Several fixes for MariaDB Enterprise Cluster (Galera) SST scripts. (MDEV-20580`:org-jira:`MDEV-25818) (MDEV-25759) (MDEV-25719) (MDEV-15639) (MDEV-15371) (MDEV-18797) (MENT-1170) (MDEV-24979) (MDEV-21192)

  • With MariaDB Enterprise Cluster, when wsrep_sst_method=mariabackup, MariaDB Enterprise Backup does not inherit server options set by the Environment systemd configuration parameter. (MDEV-24962)

  • With MariaDB Enterprise Cluster, when wsrep_sst_method=rsync is set and log-bin and/or log-bin-index are set to custom paths, the rsync SST does not copy the binary log index. (MDEV-25978)

    As a result of this issue, a Joiner node writes the following error to the MariaDB Error Log:

    tail: cannot open 'mysql-bin.index' for reading: No such file or directory
    
  • With MariaDB Enterprise Cluster, when wsrep_sst_method=rsync is set, rsync for a new SST process may be killed rather than the rsync for the old SST process. (MDEV-25880)

  • With MariaDB Enterprise Cluster, the WSREP threads could write warnings about foreign keys to the MariaDB Error Log when wsrep_debug is not enabled. (MDEV-26062)

    • In prior releases, the following warning could be written to the log:

      InnoDB: WSREP: referenced FK check fail: Lock wait index `PRIMARY` table `schema`.`child_table`"`` :org-jira:`MDEV-26062`
      
    • Starting with this release, the WSREP threads will only write warnings about foreign keys to the MariaDB Error Log when wsrep_debug is enabled.

  • The CREATE INDEX statement may check the wrong maximum column length. (MDEV-26203)

  • The Spider storage engine handles ">=" as ">" in some cases, where multi-column indexes are used. (MDEV-25985)

  • The max_password_errors system variable does not work correctly with the ed25519 authentication plugin. (MDEV-25641)

  • The "Condition pushdown into derived table" optimization cannot be applied if the expression being pushed refers to a derived table column which is computed from an expression that has a stored function call, @session variable reference, or other similar construct. (MDEV-25969)

  • A query that uses ORDER BY .. LIMIT clause and "Range checked for each record" optimization could produce incorrect results. (MDEV-25858)

  • An aborted OPTIMIZE TABLE statement is logged in the binary log and replicates to the Replica server. (MDEV-22530)

  • EXPLAIN shows an execution plan different from actually executed. (MDEV-25682)

  • Wrong result when selecting from views, derived tables, or CTEs with the form (SELECT .. LIMIT <n>) ORDER BY .. (MDEV-25679)

  • Procedure containing CTE incorrectly stored in the mysql.proc system table. (MDEV-20411)

Interface Changes

Platforms

In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.2.40-13 is provided for:

  • CentOS 7 (x86_64)

  • CentOS 8 (x86_64 / ARM64)

  • Debian 9 (x86_64 / ARM64)

  • Red Hat Enterprise Linux 7 (x86_64)

  • Red Hat Enterprise Linux 8 (x86_64 / ARM64)

  • SUSE Linux Enterprise Server 12 (x86_64)

  • SUSE Linux Enterprise Server 15 (x86_64 / ARM64)

  • Ubuntu 18.04 (x86_64 / ARM64)

  • Microsoft Windows (x86_64)