MariaDB 10.3.15 releases: bug & security fixes

MariaDB

The MariaDB database server is published as free and open source software under the General Public License version 2. MariaDB is designed as a drop-in replacement of MySQL(R) with more features, new storage engines, fewer bugs, and better performance.

MariaDB

MariaDB 10.3.15 has been released.

Changelog

General server

  • MDEV-17894 – Assertion `(thd->lex)->current_select' failed in MYSQLparse(), query with VALUES()
  • MDEV-18968 – Both (WHERE 0.1) and (WHERE NOT 0.1) return empty set
  • MDEV-18466 – Unsafe to log updates on tables referenced by foreign keys with triggers in statement format
  • MDEV-18899 – Server crashes in Field::set_warning_truncated_wrong_value
  • MDEV-18298 – Crashes server with segfault during role grants
  • MDEV-17610 – Unexpected connection abort after certain operations from within stored procedure
  • MDEV-19112 – WITH clause does not work with information_schema as default database
  • MDEV-17830 – Server crashes in Item_null_result::field_type upon SELECT with CHARSET(date) and ROLLUP
  • MDEV-14041 – Server crashes in String::length on queries with functions and ROLLUP
  • MDEV-18920 – Prepared statements with st_convexhull hang and eat 100% cpu.
  • MDEV-15837 – Assertion item1->type() == Item::FIELD_ITEM && item2->type() == Item::FIELD_ITEM
  • MDEV-9531 – GROUP_CONCAT with ORDER BY inside takes a lot of memory while it’s executed
  • MDEV-17036 – BULK with replace doesn’t take the first parameter in account
  • Bug#28986737 – RENAMING AND REPLACING MYSQL.USER TABLE CAN LEAD TO A SERVER CRASH
  • MDEV-19350 – Server crashes in delete_tree_element / ... / Item_func_group_concat::repack_tree
  • MDEV-19188 – Server Crash When Using a Trigger With A Number of Virtual Columns on INSERT/UPDATE
  • MDEV-19352 – Server crash in alloc_histograms_for_table_share upon query from information schema

InnoDB

Encryption

  • MDEV-14398 – innodb_encrypt_tables will work even with innodb_encryption_rotate_key_age=0

Protocol

  • MDEV-17036 – BULK with replace doesn’t take the first parameter in account

Replication

  • MDEV-14784 – Slave crashes in show_status_array upon running a trigger with select from I_S

Mariabackup

  • MDEV-19060 – mariabackup continues, despite failing to open a tablespace

Packaging & Misc

Security

  • MDEV-18686 – Add option to PAM authentication plugin to allow case insensitive username matching
  • bugfix – multi-update checked privileges on views incorrectly (commit 5057d4637525eadad438d25ee6a4870a4e6b384c)
  • MDEV-19276 – during connect, write error log warning for ER_DBACCESS_DENIED_ERROR, if log_warnings > 1
  • MDEV-17456 – Malicious SUPER user can possibly change audit log configuration without leaving traces.

Download