Release Notes for MariaDB Enterprise Server 10.5.15-10

Overview

MariaDB Enterprise Server 10.5.15-10 is a maintenance release of MariaDB Enterprise Server 10.5. This release includes a variety of fixes.

MariaDB Enterprise Server 10.5.15-10 was released on 2022-03-14.

Fixed Security Vulnerabilities

CVE (with cve.mitre.org link)

CVSS base score

CVE-2021-46668

5.5

CVE-2021-46665

5.5

CVE-2021-46664

5.5

CVE-2021-46663

5.5

CVE-2021-46661

5.5

CVE-2021-46659

5.5

Notable Changes

  • New system variables have been added for the HashiCorp Key Management Plugin: (MENT-864)

    • hashicorp_key_management_cache_timeout defines the time (in milliseconds) after which the value of the key stored in the cache becomes invalid, and an attempt to read this data causes a new request to be sent to the vault server. If the value is 0, then the keys will always be considered invalid, but they are still used if the vault server is unavailable and hashicorp_key_management_use_cache_on_timeout is enabled. By default, the value is 60000 (1 minute).

    • hashicorp_key_management_cache_version_timeout defines the time (in milliseconds) after which the information about latest version number of the key (which is stored in the cache) becomes invalid and an attempt to read this information causes a new request to be sent to the vault server. If the value is 0, then information about latest key version numbers always considered invalid, but they are still used if the vault server is unavailable and hashicorp_key_management_use_cache_on_timeout is enabled. By default, the value is 0.

    • For maximum flexibility, both of the new system variables can be configured with the loose prefix:

    [mariadb]
    loose_hashicorp_key_management_cache_timeout=120000
    loose_hashicorp_key_management_cache_version_timeout=120000
    
  • Galera updated to 26.4.11

Changes in Storage Engines

Issues Fixed

Can result in data loss

  • Columns in some INFORMATION_SCHEMA tables are erroneously declared with DEFAULT clauses, which is not compliant with the SQL standard. (MDEV-18918)

    • Consequently, when sql_mode=EMPTY_STRING_IS_NULL is set, queries like CREATE TABLE .. SELECT .. FROM INFORMATION_SCHEMA... could encounter replication errors like the following:

    Error 'Invalid default value for 'TABLE_NAME'' on query. Default database: 'test'. Query: 'CREATE TABLE `t1` (`TABLE_NAME` varchar(64) CHARACTER SET utf8 NOT NULL DEFAULT ''
    
  • When an ALTER TABLE statement changes the order of indexes in a MyISAM or Aria table using the INPLACE algorithm, the table can become corrupt. (MDEV-25803)

  • When CREATE OR REPLACE SEQUENCE is written to the binary log, the statement is not flagged as DDL, which causes the replica servers to execute the statement in an unsafe way if parallel replication is enabled. (MDEV-27365)

  • After upgrading from MariaDB 10.3 or earlier, the names of some triggers can appear empty, and the trigger can't be dropped. (MDEV-25659)

Can result in a hang or crash

  • When a FULLTEXT index is added to an InnoDB table with ALGORITHM=INPLACE and the indexed column uses the tis620 character set, the server can crash with a segmentation fault (signal 11). (MDEV-24901)

  • When MariaDB Server is used on the ARM architecture, which uses a weak memory model, an internal hash table implementation can cause the server to crash with a segmentation fault (signal 11). (MDEV-27088)

  • When wsrep_sst_method=mariabackup and innodb_force_recovery=1 are set with MariaDB Enterprise Cluster, powered by Galera, the joiner node fails to perform an SST. (MDEV-26064)

    • The SST log contains the following message related to the failure:

    mariabackup: The option "innodb_force_recovery" should only be used with "--prepare".
    mariabackup: innodb_init_param(): Error occurred.
    
  • When --stream=xbstream is set, MariaDB Enterprise Backup can hang on lock acquisitions due to a deadlock. (MDEV-26558)

  • When a stored procedure is defined with a query that contains a set function, and the set function's only argument is an outer reference to a column of a mergeable view, a derived table, or a CTE, the second execution of the stored procedure can cause the server to crash. (MDEV-25086)

  • When a derived table is created for certain queries that use subqueries over Views or CTEs, the server can crash with a segmentation fault (signal 11). (MDEV-25631)

  • When a stored procedure uses a cursor to run a query that requires an internal temporary table (such as queries containing an ORDER BY clause), the server can crash due to a segmentation fault (signal 11). (MDEV-24827)

  • Server can crash if a CTE or derived table is not used by the query. (MDEV-25766)

  • When log_slow_verbosity = 'explain' is set and a query is executed that references a derived table, the server can crash while writing the query's execution plan to the slow query log. (MDEV-26249)

  • When a stored procedure or a prepared statement is used to execute a query that performs a join which compares a GEOMETRY column with a different data type, executing the stored procedure or prepared statement twice can cause the server to crash. (MDEV-20770)

  • When a system versioned table is created with character_set_server=utf8mb4 and collation_server=utf8mb4_unicode_1400_ci, the server can crash. (MDEV-27195)

  • When a system-versioned table is partitioned by SYSTEM_TIME, executing DELETE FROM .. PARTITION(..) causes the server to crash. (MDEV-27217)

  • When the following conditions are met, executing a prepared statement twice can cause the server to crash: (MDEV-23182)

    • The in_predicate_conversion_threshold system variable must be set to some value n.

    • The query must contain an IN(...) clause with more than n string literals.

    • The query must require character set conversions.

  • After completing a successful SST with MariaDB Enterprise Cluster, wsrep_local_state_comment on the donor node still says 'Donor/Desynced'. (MDEV-27459)

  • With MariaDB Enterprise Cluster, when REPAIR VIEW is executed on a view that references information_schema.TABLES, the server can crash. (MDEV-25538)

  • When ALTER TABLE .. ADD COLUMN is used to instantly add columns in the middle of an InnoDB table, and then the tablespace is exported with FLUSH TABLES .. FOR EXPORT, and then the tablespace is re-imported with ALTER TABLE .. IMPORT TABLESPACE, the server can crash. (MDEV-27272)

  • When optimizer_switch='not_null_range_scan=on' is set, the server can crash if an index on an InnoDB table is used to check a condition that can evaluate to NULL. (MDEV-22846)

  • When a Spider table uses a FLOAT column, the server can crash with an assertion failure. (MDEV-27184)

    • In the MariaDB error log, the following error message could be written about the assertion failure:

    Assertion `(old_top == initial_top (av) && old_size == 0) || ((unsigned long) (old_size) >= MINSIZE && prev_inuse (old_top) && ((unsigned long) old_end & (pagesize - 1)) == 0)' failed.
    
  • With MariaDB Enterprise Cluster, when a CREATE TABLE statement that defines a Foreign Key constraint is replicated to other cluster nodes, the nodes could apply the statement in parallel with other DML statements that affect the Foreign Key constraint, which causes the node to fail with an assertion failure. (MDEV-27276)

  • With MariaDB Enterprise Cluster, when two transactions delete a row from two separate InnoDB tables in parallel and a foreign key causes a delete to cascade for both transactions to the same row in a third table, the server can crash with an assertion failure. (MDEV-26803) (MDEV-26298)

    • In previous releases, this issue could be avoided by setting wsrep_slave_threads=1.

    • In the MariaDB error log, the following error message about the assertion failure could be written:

    int wsrep::client_state::bf_abort(wsrep::seqno): Assertion `mode_ == m_local || transaction_.is_streaming()' failed.
    [ERROR] mysqld got signal 6 ;
    
  • When innodb_flush_log_at_trx_commit=2 and innodb_flush_method=O_DSYNC are set, the server could crash with an assertion failure. (MDEV-27754)

    • In the MariaDB error log, the following message about the assertion failure could be written:

    InnoDB: Failing assertion: lsn >= log_sys.get_flushed_lsn()
    
  • When InnoDB does not use RAM disk for storage, the server can occasionally hang during a log checkpoint. (MDEV-27416)

  • When using Enterprise Spider, the server can crash due to memory corruption. (MDEV-27240)

  • When mariadbd --help is executed, the server could try to lock the Aria control file. (MDEV-24788)

    • In the MariaDB error log, the following error messages could be written about this:

    [ERROR] mysqld: Can't lock aria control file '/var/lib/mysql/aria_log_control' for exclusive use, error: 11. Will retry for 0 seconds
    [ERROR] Plugin 'Aria' init function returned error.
    [ERROR] Plugin 'Aria' registration as a STORAGE ENGINE failed.
    
  • When an index is dropped and re-adding to a table in a different position using the INPLACE algorithm and the table uses the MEMORY storage engine, the server can crash. (MDEV-25555)

Can result in unexpected behavior

  • When a multi-byte character set is used, the last character of a TINYTEXT column can be truncated, which makes it appear as a question mark ('?). (MDEV-24335)

  • Subquery using the ALL keyword on TIME columns produces a wrong result. (MDEV-27098)

  • Subquery using the ALL keyword on DATE columns produces a wrong result. (MDEV-27072)

  • When float literals are defined using scientific notation and the token also contains certain special characters, the parser incorrectly parses the float value and completely drops it from the request. (MDEV-27066)

  • When a double-encapsulated CTE query calls a function which reads a table that has been aliased in the CTE query, the server incorrectly raises an error with the ER_NO_SUCH_TABLE error code. (MDEV-26825)

  • When a CTE is used in a subquery of a DELETE statement, the server incorrectly raises an error with the ER_NO_DB_ERROR error code. (MDEV-26470)

  • When MariaDB Enterprise Cluster performs an SST, the SST scripts incorrectly try to read ssl_ca as a path to a directory of TLS CA certificates instead of using ssl_capath for that purpose. (MDEV-27181)

  • When MariaDB Enterprise Cluster performs an SST, the SST scripts do not always interpret log_bin_index correctly. (MDEV-26915)

  • When an index is used for an ORDER BY .. LIMIT query, the optimizer does not disable the Range Checked for Each Record optimization. (MDEV-27270)

  • When optimizer_switch='index_merge_sort_intersection=on' is set, the optimizer can incorrectly choose to merge an index that does not help, because the query conditions require the full index to be scanned. (MDEV-27262)

  • When the version system variable is set, MariaDB Connector/C and the mariadb client do not interpret MariaDB Server's extended metadata properly, which can cause results from some SHOW .. to be right-aligned. (MDEV-27304)

  • When an INSERT .. SELECT statement selects from and inserts into the same table, rows are counted twice, which can cause row numbers to be reported incorrectly in error messages. (MDEV-26698)

  • When a replica server's relay log is rotated, Seconds_Behind_Master in SHOW REPLICA STATUS can temporarily show an incorrect value that is very high. (MDEV-16091)

  • The collation column in the information_schema.STATISTICS table is incorrectly read as NULL. (MDEV-4621)

  • When a join performs a comparison between an expression that uses a case-insensitive collation and an ENUM column that uses a binary collation, the comparison uses the wrong collation, which can cause results to be incorrect. (MDEV-26129)

  • When innodb_buffer_pool_size is changed dynamically with SET GLOBAL, InnoDB does not enforce the minimum value that is enforced on startup, which can result in an impossibly small buffer pool with some values of innodb_buffer_pool_chunk_size. (MDEV-27467)

  • When the DATABASE() function is used in some queries (such as queries using UNION ALL), database names can be truncated to 34 characters, even though database names can have up to 64 characters. (MDEV-27544)

  • When the --symbolic-links option is disabled, such as when --skip-symbolic-links or --disable-symbolic-links is set, InnoDB still allows symbolic links and .isl files to be created if tables have the DATA DIRECTORY option. (MDEV-26870)

  • When CREATE TABLE t1 LIKE t2 is executed and the t2 table is a partitioned table that uses the MyISAM or Aria storage engines and has the DATA DIRECTORY option defined for partitions, the operation fails with a file system error. (MDEV-25917)

  • When sql_mode=ONLY_FULL_GROUP_BY is set, some window functions incorrectly raise an error with the ER_MIX_OF_GROUP_FUNC_AND_FIELDS error code. (MDEV-17785)

  • When a system-versioned table is partitioned by SYSTEM_TIME with a LIMIT clause, CHECK TABLE can incorrectly return an error. (MDEV-25552)

  • The lateral derived optimization is not disabled for queries that use WITH ROLLUP, which causes queries that use GROUP BY to return incorrect results. (MDEV-26337)

  • When optimizer_switch='split_materialized=on' is set, queries that use the split optimization can return the wrong results. (MDEV-27510) (MDEV-27132)

  • When a row is deleted from an InnoDB table, and then a new row with the same key is inserted into the table by a different transaction, InnoDB's MVCC code can incorrectly hide the new row from transactions that should see the changes: (MENT-1414)

    • Consequently, queries can try to insert another new row with the same key, which results in an error with the ER_DUP_ENTRY error code.

    • When a replica server has slave_parallel_mode set to 'optimistic' or 'aggressive', this can result in the following error in SHOW REPLICA STATUS:

    Last_Errno: 1062
    Last_Error: Error 'Duplicate entry 'VALUE' for key 'KEY_NAME'' on query. Default database: 'DATABASE_NAME'. Query: 'INSERT INTO ..'
    
  • With MariaDB Enterprise Audit, prepared statements can't be used to enable audit logging. (MENT-379)

    • In previous releases, using a prepared statement to set the server_audit_logging system variable would fail with the following error message:

    ERROR 1 (HY000): Logging cannot be enabled.
    
  • When a proxy user is used for authentication, the server checks the proxy user account for the following security controls: (MDEV-26339)

    • SSL/TLS requirements

    • Account locking

    • Password expiration

    • Starting with this release, the server checks the original user account for the security controls mentioned above.

  • When wsrep_osu_method='TOI' is set with MariaDB Enterprise Cluster, ALTER SEQUENCE is not replicated to other nodes as DDL. (MDEV-19353)

  • With MariaDB Enterprise Cluster, a race condition in group commit logic could cause cluster nodes to apply transactions in the wrong order, which could cause the server to fail with an assertion. (MDEV-27348)

    • In the MariaDB Error Log, the message about the assertion failure could look similar to the following:

    void trx_rseg_update_wsrep_checkpoint(trx_rsegf_t*, const XID*, mtr_t*): Assertion `xid_seqno > wsrep_seqno' failed.
    [ERROR] mysqld got signal 6 ;
    
  • When the query cache is enabled and older clients or connectors that don't support the CLIENT_EXTENDED_METADATA capability flag are used, queries could fail with an unknown error. (MDEV-24487)

  • When JSON is used with single row sub-selects or hybrid functions (such as IF() and COALESCE()), the results could be considered normal strings instead of JSON. (MDEV-27018)

  • A performance regression exists for updates to InnoDB tables that do not use an index. (MDEV-27499)

  • With MariaDB Enterprise Cluster, when wsrep_gtid_mode=ON is set and the value of server_id is changed to a new value, transactions still use the old server_id value in GTIDs. (MDEV-26223)

  • When OFFSET is combined with SELECT DISTINCT, a JOIN, and IN(..), OFFSET is ignored. (MDEV-27382)

  • When a numeric argument is provided to COLLATE, the server always uses a collation of the latin1 character set instead of a collation of character_set_connection. (MDEV-24584)

    • When a COLLATE clause specifies a collation of character_set_connection, the query could fail with the following error message:

    ERROR 1253 (42000): COLLATION ' …' is not valid for CHARACTER SET 'latin1'
    

Install and Upgrade

  • When MariaDB Server is upgraded from 10.2, 10.3, or 10.4, InnoDB upgrades the redo log format in a manner that is not crash-safe. (MDEV-27190)

  • When the mysql.AddGeometryColumn and mysql.DropGeometryColumn stored procedures use the old default DEFINER = 'root@localhost', mariadb-upgrade does not alter them to use the new default DEFINER = 'mariadb.sys@localhost'. (MDEV-27124)

Interface Changes

Platforms

In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.5.15-10 is provided for:

  • CentOS 7 (x86_64)

  • Debian 9 (x86_64 / ARM64)

  • Debian 10 (x86_64 / ARM64)

  • Debian 11 (x86_64 / ARM64)

  • Microsoft Windows (x86_64)

  • Red Hat Enterprise Linux 7 (x86_64)

  • Red Hat Enterprise Linux 8 (x86_64 / ARM64)

  • SUSE Linux Enterprise Server 12 (x86_64)

  • SUSE Linux Enterprise Server 15 (x86_64 / ARM64)

  • Ubuntu 18.04 (x86_64 / ARM64)

  • Ubuntu 20.04 (x86_64 / ARM64)

Some components of MariaDB Enterprise Server might not support all platforms. For additional information, see "MariaDB Corporation Engineering Policies".