Changes & Improvements in MariaDB 10.3
- Implemented Features
- Security Vulnerabilities Fixed in MariaDB 10.3
- Comparison with MySQL
- List of All MariaDB 10.3 Releases
- See Also
MariaDB 10.3 is a previous major stable version. The first stable release was in May 2018, and it will be maintained until May 2023.
MariaDB Server 10.3 is included in MariaDB TX 3.0. Watch the webinar recording to learn more about the new features included in this release.
The following lists the major new features in MariaDB 10.3:
Syntax / General Features
- System-versioned tables (also known as AS OF) (MDEV-12894)
- Table Value Constructors (MDEV-12172) — GSoC 2017 project by Galina Shalygina
- Transform [NOT] IN predicate with long list of values INTO [NOT] IN subquery (MDEV-12176) — GSoC 2017 project by Galina Shalygina
- ROW TYPE OF now supports local SP variables (MDEV-14139)
- Aggregate stored functions (MDEV-7773) — GSoC 2016 project by Varun Gupta
- Support for LIMIT clause in GROUP_CONCAT() (MDEV-11297)
- PERCENTILE_CONT, PERCENTILE_DISC, and MEDIAN window functions (MDEV-12985)
- FOR ... END FOR statement (MDEV-14415)
- XA RECOVER FORMAT='SQL' (MDEV-14593)
- Oracle compatible SUBSTR() function (MDEV-14012) — contribution by Jérôme Brauge
- INVISIBLE columns (MDEV-10177) — GSoC 2016 project by Sachin Setiya
- Various scalability improvements (MDEV-14529, MDEV-14505)
- Sequences can now be used with DEFAULT.
- Semi-sync plugin merged into the server (MDEV-13073) — contribution by Alibaba
- CREATE SEQUENCE (MDEV-10139)
- SHOW CREATE SEQUENCE
- ALTER SEQUENCE
- DROP SEQUENCE
- NEXT VALUE FOR
- PREVIOUS VALUE FOR
- INTERSECT and EXCEPT. These are both now reserved words and can no longer be used as an identifier without being quoted (MDEV-10141)
- ROW data type for stored routine variables (MDEV-10914, MDEV-12007, MDEV-12291)
- TYPE OF and ROW TYPE OF anchored data types for stored routine variables (MDEV-12461)
- Cursors with parameters (MDEV-12457)
- DDL Fast Fail - WAIT/NOWAIT (MDEV-11379, MDEV-11388)
- CHR() function (MDEV-12685)
- DELETE statement can delete from the table that is used in a subquery in the
- Stored routine parameters can use ROW TYPE OF (MDEV-13581)
- The server now supports the PROXY protocol - see also the new proxy_protocol_networks system variable (MDEV-11159)
- Instant ADD COLUMN (MDEV-11369) — Tencent Game DBA Team, developed by vinchen.
- UPDATE statements with the same source and target (MDEV-12874) — from Jerome Brauge.
- ORDER BY and LIMIT in multi-table update (MDEV-13911)
- DATE_FORMAT(date, format, locale) - 3 argument form of DATE_FORMAT (MDEV-11553)
- The MariaDB SQL/PL stored procedure dialect (enabled with sql_mode=ORACLE) now supports Oracle style packages. Support for the following statements has been added (MDEV-10591):
- New sql_mode
SIMULTANEOUS_ASSIGNMENTto make the SET part of the UPDATE statement evaluate all assignments simultaneously, not left-to-right.
- Correctness improvement - TRUNCATE honors transactional locks (MDEV-15061)
- Windows binaries now use high-precision timer when available (MDEV-15694). This makes much less probable for two queries to have the same
CURRENT_TIMESTAMP(6)value, for example.
- Two new ALTER TABLE ... ALGORITHM options, INSTANT and NOCOPY, which allow operations that would require any data files to be modified, or that would require rebuilding the clustered index respectively, to be refused rather than potentially perform slowly (MDEV-13134)
- As a result of implementing Table Value Constructors, the VALUES function has been renamed to VALUE() (MDEV-12172)
- When running with sql_mode=ORACLE, the server now understands a subset of Oracle's PL/SQL language instead of the traditional MariaDB syntax for stored routines. See MDEV-10142, MDEV-10764 and SQL_MODE=ORACLE From MariaDB 10.3 to know the current status.
- New sql_mode, EMPTY_STRING_IS_NULL.
- INTERSECT and EXCEPT are both now reserved words and can no longer be used as an identifier without being quoted (MDEV-10141)
- Functions that used to only return 64-bit now can return 32-bit results (MDEV-12619).
- Storage-engine Independent Column Compression (MDEV-11371) — Tencent Game DBA Team, developed by willhan, also thanks to AliSQL.
- On Linux, shrink the core dumps by omitting the InnoDB buffer pool (MDEV-10814)
- Temporary files created by merge sort and row log are encrypted if innodb_encrypt_log is set to
1, regardless of whether the table encrypted or not (MDEV-12634).
- Condition pushdown through
PARTITION BYclause of window functions (MDEV-10855)
- New Lateral Derived optimization was introduced.
- Numerous performance improvements for high-concurrency load
- Numerous scalability and performance improvements to global data structures, including MDEV-14756, MDEV-15019, MDEV-14482, MDEV-15059, MDEV-15104
- Performance improvements to persistent data structures: MDEV-15090, MDEV-15132
- innodb_fast_shutdown now has a new mode,
3, which skips the rollback of connected transactions (MDEV-15832)
The Spider storage engine has been updated to 3.3.13. The partitioning storage engine has been updated to support all the new Spider features including:
- Direct join support. This allows Spider to do JOINS and GROUP BYs internally.
- Direct update and delete.
- Direct aggregates.
- slave_transaction_retry_errors and slave-transaction-retry-interval allow more control over handling delays or conflicts when applying binary logs.
Most of the features were done as part of MDEV-7698.
- Numerous improvements for the partition engine (MDEV-7698) — contribution by Kentoku Shiba
- Full text support.
- Multi-range-read (Gives better performance when handling multiple ranges).
- Support for condition pushdown.
- HANDLER support
- Aggregate pushdown
- Bulk update/delete
- The Information Schema is optimized to use much less memory when selecting from INFORMATION_SCHEMA.TABLES or any other table with many VARCHAR or TEXT columns (MDEV-14275)
- The Information Schema Columns table now displays system versioning info in the EXTRA column - MDEV-15062
- Disable logging of certain statements to the general log or the slow query log with the log_disabled_statements and log_slow_disabled_statements system variables.
- A new option to log_slow_filter,
- Per-engine mysql.gtid_slave_pos tables (MDEV-12179) — Implemented by Kristian Nielsen funded by Booking.com.
Data Type API
10.3 continues refactoring for the data type API started in 10.2, which will make it possible to have user data type plugins. This work is still in progress (see MDEV-4912 for the current status and subtasks). Most of the task in this category do not change the server behavior. Some tasks do have a visible effect.
Connections with idle transactions can be automatically killed after a specified time period by means of the idle_transaction_timeout, idle_readonly_transaction_timeout and idle_write_transaction_timeout system variables.
- New system variable gtid_pos_auto_engines.
- New system variable secure_timestamp for restricting the direct setting of a session timestamp (MDEV-15923)
- session variables tracking is enabled by default (MDEV-11825)
- Remove deprecated variables innodb_file_format, innodb_file_format_check, innodb_file_format_max and innodb_large_prefix.
- version_source_revision - permits seeing which version of the source was used for the build (MDEV-12583).
- Added bind_address as a system variable (MDEV-12542).
- The max value of the max_prepared_stmt_count system variable has been increased from 1048576 to 4294967295
- The proxy_protocol_networks variable can now be modified without restarting the server (MDEV-15501)
Security Vulnerabilities Fixed in MariaDB 10.3
For a complete list of security vulnerabilities (CVEs) fixed across all versions of MariaDB, see the Security Vulnerabilities Fixed in MariaDB page.
- CVE-2022-32091: MariaDB 10.3.36
- CVE-2022-32088: MariaDB 10.3.35
- CVE-2022-32087: MariaDB 10.3.35
- CVE-2022-32085: MariaDB 10.3.35
- CVE-2022-32084: MariaDB 10.3.36
- CVE-2022-32083: MariaDB 10.3.35
- CVE-2022-31624: MariaDB 10.3.32
- CVE-2022-27458: MariaDB 10.3.35
- CVE-2022-27456: MariaDB 10.3.35
- CVE-2022-27452: MariaDB 10.3.35
- CVE-2022-27449: MariaDB 10.3.35
- CVE-2022-27448: MariaDB 10.3.35
- CVE-2022-27447: MariaDB 10.3.35
- CVE-2022-27445: MariaDB 10.3.35
- CVE-2022-27387: MariaDB 10.3.35
- CVE-2022-27386: MariaDB 10.3.35
- CVE-2022-27385: MariaDB 10.3.32
- CVE-2022-27384: MariaDB 10.3.35
- CVE-2022-27383: MariaDB 10.3.35
- CVE-2022-27381: MariaDB 10.3.35
- CVE-2022-27380: MariaDB 10.3.35
- CVE-2022-27379: MariaDB 10.3.35
- CVE-2022-27378: MariaDB 10.3.35
- CVE-2022-27377: MariaDB 10.3.35
- CVE-2022-27376: MariaDB 10.3.35
- CVE-2022-24052: MariaDB 10.3.33
- CVE-2022-24051: MariaDB 10.3.33
- CVE-2022-24050: MariaDB 10.3.33
- CVE-2022-24048: MariaDB 10.3.33
- CVE-2022-21595: MariaDB 10.3.33
- CVE-2022-21451: MariaDB 10.3.29
- CVE-2022-21427: MariaDB 10.3.35
- CVE-2022-0778: MariaDB 10.3.33
- CVE-2021-46669: MariaDB 10.3.35
- CVE-2021-46668: MariaDB 10.3.34
- CVE-2021-46667: MariaDB 10.3.32
- CVE-2021-46666: MariaDB 10.3.30
- CVE-2021-46665: MariaDB 10.3.34
- CVE-2021-46664: MariaDB 10.3.34
- CVE-2021-46663: MariaDB 10.3.34
- CVE-2021-46662: MariaDB 10.3.32
- CVE-2021-46661: MariaDB 10.3.34
- CVE-2021-46659: MariaDB 10.3.33
- CVE-2021-46658: MariaDB 10.3.31
- CVE-2021-46657: MariaDB 10.3.30
- CVE-2021-35604: MariaDB 10.3.32
- CVE-2021-27928: MariaDB 10.3.28
- CVE-2021-2389: MariaDB 10.3.31
- CVE-2021-2372: MariaDB 10.3.31
- CVE-2021-2194: MariaDB 10.3.26
- CVE-2021-2166: MariaDB 10.3.29
- CVE-2021-2154: MariaDB 10.3.29
- CVE-2021-2144: MariaDB 10.3.19
- CVE-2021-2022: MariaDB 10.3.24
- CVE-2021-2007: MariaDB 10.3.17
- CVE-2020-2922: MariaDB 10.3.17
- CVE-2020-28912: MariaDB 10.3.26
- CVE-2020-2814: MariaDB 10.3.23
- CVE-2020-2812: MariaDB 10.3.23
- CVE-2020-2780: MariaDB 10.3.19
- CVE-2020-2760: MariaDB 10.3.23
- CVE-2020-2752: MariaDB 10.3.23
- CVE-2020-2574: MariaDB 10.3.22
- CVE-2020-15180: MariaDB 10.3.25
- CVE-2020-14812: MariaDB 10.3.26
- CVE-2020-14789: MariaDB 10.3.26
- CVE-2020-14776: MariaDB 10.3.26
- CVE-2020-14765: MariaDB 10.3.26
- CVE-2020-13249: MariaDB 10.3.23
- CVE-2019-2974: MariaDB 10.3.19
- CVE-2019-2938: MariaDB 10.3.19
- CVE-2019-2805: MariaDB 10.3.17
- CVE-2019-2758: MariaDB 10.3.17
- CVE-2019-2740: MariaDB 10.3.17
- CVE-2019-2739: MariaDB 10.3.17
- CVE-2019-2737: MariaDB 10.3.17
- CVE-2019-2628: MariaDB 10.3.15
- CVE-2019-2627: MariaDB 10.3.15
- CVE-2019-2614: MariaDB 10.3.15
- CVE-2019-2537: MariaDB 10.3.13
- CVE-2019-2510: MariaDB 10.3.13
- CVE-2019-2503: MariaDB 10.3.10
- CVE-2018-3284: MariaDB 10.3.11
- CVE-2018-3282: MariaDB 10.3.11
- CVE-2018-3277: MariaDB 10.3.11
- CVE-2018-3251: MariaDB 10.3.11
- CVE-2018-3200: MariaDB 10.3.11
- CVE-2018-3185: MariaDB 10.3.11
- CVE-2018-3174: MariaDB 10.3.11
- CVE-2018-3173: MariaDB 10.3.11
- CVE-2018-3162: MariaDB 10.3.11
- CVE-2018-3156: MariaDB 10.3.11
- CVE-2018-3143: MariaDB 10.3.11
- CVE-2018-3066: MariaDB 10.3.9
- CVE-2018-3064: MariaDB 10.3.9
- CVE-2018-3063: MariaDB 10.3.9
- CVE-2018-3060: MariaDB 10.3.9
- CVE-2018-3058: MariaDB 10.3.9
- CVE-2018-25032: MariaDB 10.3.36
- CVE-2016-9843: MariaDB 10.3.11
Comparison with MySQL
- System Variable Differences Between MariaDB 10.3 and MySQL 8.0
- Function Differences Between MariaDB 10.3 and MySQL 8.0
- System Variable Differences Between MariaDB 10.3 and MySQL 5.7
- Function Differences Between MariaDB 10.3 and MySQL 5.7