Release Notes for MariaDB Enterprise Server 10.4.17-10

Overview

This tenth release of MariaDB Enterprise Server 10.4 is a maintenance release. This release includes security fixes.

MariaDB Enterprise Server 10.4.17-10 was released on 2020-12-14.

Fixed Security Vulnerabilities

CVE (with cve.org link)

CVSS base score

CVE-2020-14765

6.5

CVE-2020-14812

4.9

CVE-2020-14789

4.9

CVE-2020-14776

4.9

CVE-2020-28912

N/A (Critical)#1

#1:

MariaDB CVEs are assigned a word rating instead of a CVSS base score. See the MariaDB Engineering Policy for details.

Notable Changes

  • Galera wsrep library updated to 26.4.6 in MariaDB Enterprise Cluster.

  • In alignment with the MariaDB Engineering Policy, this release does not include CentOS 6.x and RHEL 6.x packages.

  • The audit plugin (not MariaDB Enterprise Audit) did not log proxy users. The new plugin version 2.0.3 introduces an event sub-type PROXY_CONNECT for event type CONNECT. (MDEV-19443)

    • On connect, if a proxy user is used, an extra line will be logged: TIME,HOSTNAME,user,localhost,ID,0,PROXY_CONNECT,test,plug_dest@%,0

  • Better MariaDB GTID support for the mariabackup --slave-info option. (MDEV-19264)

  • New global InnoDB variable innodb_max_purge_lag_wait (MDEV-16952)

  • The new parameter --include-unsupported for the script mariadb_es_repo_setup can be used to enable a repository of unsupported packages in the repository configuration. The repository currently includes the CONNECT Storage Engine. The storage engine can be installed by yum install MariaDB-connect-engine or apt-get install mariadb-plugin-connect-engine (MENT-1003)

  • Back port of a MariaDB Server 10.5 feature to not acquire InnoDB record locks when covering table locks exist. (MENT-403)

  • Change innodb_log_optimize_ddl=OFF by default. (MDEV-23720)

  • MariaDB Enterprise Audit did not log proxy users. The new plugin version 2.0.3 introduces an event sub-type PROXY_CONNECT for event type CONNECT. (MENT-977)

    • On connect, if a proxy user is used, an extra line will be logged: TIME,HOSTNAME,user,localhost,ID,0,PROXY_CONNECT,test,plug_dest@%,0

    • The event type can also be used in filters "connect_event": ["CONNECT","DISCONNECT","PROXY_CONNECT"]

  • Performance improvements for comparisons of temporal data types with temporal literals. (MDEV-23551)

  • Performance improvements for comparisons of temporal data types. (MDEV-23537)

Issues Fixed

Can result in data loss

Can result in a hang or crash

Can result in unexpected behavior

  • Defining a view with SQL syntax ISNULL(ID)=0 incorrectly returns a syntax error. (MENT-1015)

  • MariaDB Enterprise Backup reports an error that it cannot find an Aria log file './aria_log.00000000' (MENT-907)

  • MariaDB Enterprise Backup failure for incremental backups. (MDEV-24026)

  • Aborting a query on an InnoDB table with KILL QUERY does not show an SQL error message, if the query could not be aborted. (MDEV-23938)

  • Optimizer has chosen an inefficient plan, if a multi-component index, a second index, and a WHERE or ON clause with conditions over these indexes are used. (MDEV-23811)

  • Some rounding has been done in an unexpected way for decimal numbers. (MDEV-23702)

  • Server crashes after changing innodb_buffer_pool_size at runtime via a SET statement. (MDEV-23693)

  • Creating a view removes parentheses on expressions from the SELECT, which results in wrong results. (MDEV-23656)

  • mysql_tzinfo_to_sql under InnoDB is slow. (MDEV-23440)

  • UDF cannot be uninstalled if the UDF library file doesn't exist. (MDEV-23327)

  • CAST(expr AS type) with type DECIMAL can return an unexpected result, if the given value for "expr" includes many leading zeros. (MDEV-23105)

  • Galera replication broken if only one timezone is loaded. (MDEV-22626)

  • Galera SST donation fails, FLUSH TABLES WITH READ LOCK times out. (MDEV-22543)

  • Memory leaks possible after ALTER TABLE with FOREIGN KEY (MDEV-22277)

  • MariaDB Enterprise Backup SST fails for MariaDB Enterprise Cluster if data-directory has lost+found directory. (MDEV-21951)

  • SHOW BINLOG EVENTS FROM ... caused a variety of non-determinism failures if the given position did not exist. (MDEV-21839)

  • Linux AIO returned OS error 22 if parameters set to innodb_flush_method O_DIRECT and innodb_use_native_aio=1 (default). (MDEV-21584)

  • CREATE OR REPLACE TRIGGER in Galera cluster not replicating, if a trigger with the same name already exists. (MDEV-21578)

  • mysqld_multi no longer works with different server binaries. (MDEV-21526)

  • Possible error for incremental backup --prepare for encrypted tablespaces. (MDEV-20755)

  • Possible slow server start and stop if full text indexes are used. (MDEV-18867)

  • The parentheses in a VIEW can be defined incorrectly for a combination of = and BETWEEN (MDEV-17408)

  • ER_BASE64_DECODE_ERROR upon replaying binary log. (MDEV-16372)

  • Several IPv6 issues with MariaDB Enterprise Cluster powered by Galera. (MDEV-21770, MDEV-23576, MDEV-23580, MDEV-23581, MDEV-23574)

  • Subquery on information_schema fails with error message. (MENT-1016)

  • A AUTO_INCREMENT does not increment with compound primary key on partitioned table. (MENT-997)

  • CREATE TEMPORARY TABLE .. LIKE (system versioned table) returns error if unique index is defined in the table. (MDEV-23968)

  • CREATE .. SELECT can result in empty result on join versioned table. (MDEV-23799)

  • Error ERROR 4142 (HY000): SYSTEM_TIME partitions in table `t1` does not support historical query upon querying a view, when that view is selecting from the versioned table with partitions. It only happens if the view itself was created using FOR SYSTEM_TIME ALL (MDEV-23779)

  • Disk space not reused for Blob in data file. (MDEV-23072)

  • mysqldump will not dump sequence definition details on --no-data dump. (MDEV-21786)

  • CHECK TABLE fails to validate corruption on a table that was corrupted by a bug related to instant ADD or DROP (fixed in MariaDB Enterprise Server 10.3.17, 10.4.7). (MDEV-21251)

  • Subquery execution not terminated after LIMIT ROWS EXAMINED is exceeded. (MDEV-18335)

  • Deadlock between BACKUP STAGE BLOCK_COMMIT and parallel replication. (MDEV-23586)

  • Possible memory leak in galera library. (MDEV-23559)

  • Wrong result of MIN(time_expr) and MAX(time_expr) with GROUP BY (MDEV-23525)

  • Syntax error results in misleading message on SHOW CREATE PROCEDURE about missing system table mysql.proc (MDEV-23518)

  • FORMAT(num, decimal_position[, locale]) where decimal position is 0 or 38 and num is DECIMAL(38,38) returns incorrect results. (MDEV-23118)

  • A query result includes a data row twice depending on the WHERE clause used, if partitioning is used. (MDEV-22246)

  • Assertion after ROLLBACK AND CHAIN (MDEV-22055)

  • mariadb_es_repo_setup curl failed on Ubuntu Focal if ca-certificates is not installed. Now it will prompt an error about missing ca-certificates (MENT-971)

Interface Changes

Platforms

In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.4.17-10 is provided for:

  • Red Hat Enterprise Linux 7

  • Red Hat Enterprise Linux 8

  • CentOS 7

  • CentOS 8

  • Debian 9

  • Debian 10

  • SUSE Linux Enterprise Server 12

  • SUSE Linux Enterprise Server 15

  • Ubuntu 16.04

  • Ubuntu 18.04

  • Ubuntu 20.04

  • Microsoft Windows

Some components of MariaDB Enterprise Server might not support all platforms. For additional information, see "MariaDB Corporation Engineering Policies".

Note

In alignment with the MariaDB Engineering Policy, this release does not include CentOS 6.x and RHEL 6.x packages.