Release Notes for MariaDB Enterprise Server 10.5.8-5

Overview

This fifth release of MariaDB Enterprise Server 10.5 is a maintenance release. This release includes security fixes.

MariaDB Enterprise Server 10.5.8-5 was released on 2020-12-14.

Fixed Security Vulnerabilities

CVE (with cve.org link)

CVSS base score

CVE-2020-14765

6.5

CVE-2022-21427

4.9

CVE-2020-14812

4.9

CVE-2020-14789

4.9

CVE-2020-14776

4.9

CVE-2020-28912

N/A (Critical)#1

#1:

MariaDB CVEs are assigned a word rating instead of a CVSS base score. See the MariaDB Engineering Policy for details.

Notable Changes

  • A new privilege REPLICA MONITOR has been introduced with this version to fix a problem when upgrading to 10.5. A replica user couldn't run SHOW REPLICA STATUS. Upgrades from 10.4 to 10.5 now adjust the privileges automatically. The new privilege needs to be added manually for a replica user when updating from an earlier 10.5 version. For more information on MariaDB Enterprise Server 10.5 privileges, see "Privileges Comparison ES10.4 and ES10.5.8-5".

    • Users of MariaDB MaxScale's MariaDB Monitor upgrading from a prior version of MariaDB Enterprise Server 10.5 who have used the new 10.5 privileges must ensure the updated privilege has been granted to the MaxScale user and Replication user. For detailed privilege information, see Configuring MariaDB Monitor's User Account.

  • Galera wsrep library updated to 26.4.6 in MariaDB Enterprise Cluster.

  • The audit plugin (not MariaDB Enterprise Audit) did not log proxy users. The new plugin version 2.0.3 introduces an event sub-type PROXY_CONNECT for event type CONNECT. (MDEV-19443)

    • On connect, if a proxy user is used, an extra line will be logged: TIME,HOSTNAME,user,localhost,ID,0,PROXY_CONNECT,test,plug_dest@%,0

  • Better MariaDB GTID support for the mariabackup --slave-info option. (MDEV-19264)

  • New global InnoDB variable innodb_max_purge_lag_wait (MDEV-16952)

  • The new parameter --include-unsupported for the script mariadb_es_repo_setup can be used to enable a repository of unsupported packages in the repository configuration. The repository currently includes the CONNECT Storage Engine. The storage engine can be installed by yum install MariaDB-connect-engine or apt-get install mariadb-plugin-connect-engine (MENT-1003)

  • MariaDB Enterprise Audit did not log proxy users. The new plugin version 2.0.3 introduces an event sub-type PROXY_CONNECT for event type CONNECT. (MENT-977)

    • On connect, if a proxy user is used, an extra line will be logged: TIME,HOSTNAME,user,localhost,ID,0,PROXY_CONNECT,test,plug_dest@%,0

    • The event type can also be used in filters "connect_event": ["CONNECT","DISCONNECT","PROXY_CONNECT"]

  • Performance improvements for comparisons of temporal data types with temporal literals. (MDEV-23551)

  • Performance improvements for comparisons of temporal data types. (MDEV-23537)

  • For MariaDB Enterprise Server on MS Windows, NTFS file metadata on NTFS is not flushed anymore, reducing the write workload I/O. (MDEV-24037)

  • Improved write performance for InnoDB. (MDEV-23855, MDEV-23399)

  • The S3 storage engine now allows you to specify a port (--s3-port) to connect to and to force to use HTTP (--s3-use-http). So it is now possible to connect to other solutions which provide the same open API used for Amazon S3. (MDEV-23662)

  • Performance improvements for conversions from temporal data types to string. (MDEV-23568)

  • Performance improvements for handling numeric data. (MDEV-23478)

  • Default changed from 1 to 0 for command line option --temp-pool. Benchmarking showed that the old default causes a heavy mutex contention. (MDEV-22278)

Issues Fixed

Can result in data loss

  • Data corruption possible for encrypted InnoDB tables if the non-default option innodb_background_scrub_data_uncompressed=ON is used. (MENT-910)

  • Temporary tables created by the user or the system can overwrite existing files on creation. (MDEV-23569)

  • Table can disappear after ALTER TABLE command if SET FOREIGN_KEY_CHECKS=0 is used before altering a child table to remove a primary key. (MDEV-22934)

  • Server crashes on an instant ALTER TABLE .. MODIFY of a column from "not null" to "null". A virtual column must exist in the table. (MDEV-23672)

  • One instant ALTER TABLE including multiple RENAME for indexes can corrupt the index cache. (MDEV-23356)

  • DELETE .. FOR PORTION OF statement accepts non-constant FROM .. TO clause. This contradicts the documentation and is inconsistent with the behavior of the UPDATE statement. (MDEV-22596)

  • Change buffer corruption when reallocating a recently freed page. (MDEV-23973)

  • S3 storage engine delayed replication can drop a table when running a master-replica setup where both master and replica are pointed at the same S3 storage. (MDEV-23691)

  • An UPDATE which is changing multiple rows can result in corrupted data if a WITHOUT OVERLAPS key will be modified. (MDEV-22714)

  • Memory corruption for tables using a column of type BIT in a WITHOUT OVERLAPS key. (MDEV-22608)

Can result in a hang or crash

Can result in unexpected behavior

Changes in Storage Engines

Interface Changes

Platforms

In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.5.8-5 is provided for:

  • CentOS 7

  • CentOS 8

  • Debian 9

  • Debian 10

  • Red Hat Enterprise Linux 7

  • Red Hat Enterprise Linux 8

  • SUSE Linux Enterprise Server 12

  • SUSE Linux Enterprise Server 15

  • Ubuntu 16.04

  • Ubuntu 18.04

  • Ubuntu 20.04

  • Microsoft Windows

Some components of MariaDB Enterprise Server might not support all platforms. For additional information, see "MariaDB Corporation Engineering Policies".