Now
MAIN commitmail json YAML
pkgsrc/databases/mysql57-client/Makefile@1.12
/
diff
pkgsrc/databases/mysql57-client/Makefile.common@1.9 / diff
pkgsrc/databases/mysql57-client/PLIST@1.7 / diff
pkgsrc/databases/mysql57-client/distinfo@1.17 / diff
pkgsrc/databases/mysql57-client/patches/patch-client_CMakeLists.txt@1.2 / diff
pkgsrc/databases/mysql57-client/patches/patch-cmake_libutils.cmake deleted
pkgsrc/databases/mysql57-client/patches/patch-cmake_plugin.cmake@1.2 / diff
pkgsrc/databases/mysql57-client/patches/patch-libmysql_CMakeLists.txt@1.3 / diff
pkgsrc/databases/mysql57-server/Makefile@1.13 / diff
pkgsrc/databases/mysql57-server/PLIST@1.7 / diff
pkgsrc/databases/mysql57-client/Makefile.common@1.9 / diff
pkgsrc/databases/mysql57-client/PLIST@1.7 / diff
pkgsrc/databases/mysql57-client/distinfo@1.17 / diff
pkgsrc/databases/mysql57-client/patches/patch-client_CMakeLists.txt@1.2 / diff
pkgsrc/databases/mysql57-client/patches/patch-cmake_libutils.cmake deleted
pkgsrc/databases/mysql57-client/patches/patch-cmake_plugin.cmake@1.2 / diff
pkgsrc/databases/mysql57-client/patches/patch-libmysql_CMakeLists.txt@1.3 / diff
pkgsrc/databases/mysql57-server/Makefile@1.13 / diff
pkgsrc/databases/mysql57-server/PLIST@1.7 / diff
mysql57: updated to 5.7.21
MySQL 5.7.21
Audit Log Notes
* MySQL Enterprise Audit now supports compression and encryption of audit log files. Encryption is based on a user-defined password. To use this feature, the MySQL keyring must be enabled because audit logging uses it for password storage. MySQL Enterprise Audit also now supports logging in JSON format, in addition to the existing XML formats. For JSON format, functions are available that provide runtime log reading capabilities. For additional information, see MySQL Enterprise Audit.
Configuration Notes
* For RHEL, SLES, and Fedora RPMs, the default plugin directory for debug builds has been changed from /usr/lib64/mysql/plugin to /usr/lib64/mysql/plugin/debug.
* The installation scripts for MySQL Enterprise Audit and MySQL Enterprise Firewall now create their associated tables in the mysql system database as InnoDB rather than MyISAM tables.
* The hardcoded memory page size of 8KB for the memory-mapped transaction coordinator was too small for platforms such as ARM64 and PowerPC where the page size is much larger. The server now invokes a system call to get the page size of the current platform rather than using a hardcoded value. A consequence for the --log-tc-size option is that the minimum and default values are now 6 times the page size. Also, the value must be a multiple of the page size. Thanks to Alexey Kopytov for the patch.
Performance Schema Notes
* The Performance Schema setup_timers table is now deprecated, to be removed in MySQL 8.0, as is the TICK row in the performance_timers table.
Pluggable Authentication
* For the LDAP authentication plugins, handling of the group search attribute indicated by the authentication_ldap_sasl_group_search_attr and authentication_ldap_simple_group_search_attr system variables is more flexible. If the group search attribute is isMemberOf, LDAP authentication directly retrieves the user attribute isMemberOf value and assign it as group information. If the group search attribute is not isMemberOf, LDAP authentication searches for all groups where the user is a member. (The latter is the default behavior.) This behavior is based on how LDAP group information can be stored two ways: 1) A group entry can have an attribute named memberUid or member with a value that is a user name; 2) A user entry can have an attribute named isMemberOf with values that are group names.
* The LDAP authentication plugins now permit the authentication string that provides user DN information to begin with a + character. In the absence of this character, the authentication string value is treated as is without modification, as it has been previously. If the authentication string begins with +, the plugin constructs the full user DN value from the account user name as the cn attribute value, together with the authentication string (with the + removed). The authentication string is stored as given in the mysql.user system table, with the full user DN constructed on the fly before authentication.
* For the LDAP authentication plugins, the group search attribute was fixed and not configurable. Two new system variables now enable using custom group filters: authentication_ldap_sasl_group_search_filter and authentication_ldap_simple_group_search_filter.
Security Notes
* Incompatible Change: Passwords are now restricted to a maximum of 256 characters for the sha256_password authentication plugin, and for the PASSWORD() function when old_passwords=2. Also, the number of password hashing rounds is capped to limit CPU time used.
* The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.2n. Issues fixed in the new OpenSSL version are described at http://www.openssl.org/news/vulnerabilities.html.
* This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
* MySQL now supports key migration between underlying keyring keystores. This enables DBAs to switch a MySQL installation from one keyring plugin to another. See Migrating Keys Between Keyring Keystores.
* MySQL Enterprise Edition now includes a keyring plugin, keyring_encrypted_file, that is similar to the keyring_file plugin in its use of a local data file for key storage, but that also encrypts the file based on a user-defined password. See Using the keyring_encrypted_file Keyring Plugin.
MySQL 5.7.21
Audit Log Notes
* MySQL Enterprise Audit now supports compression and encryption of audit log files. Encryption is based on a user-defined password. To use this feature, the MySQL keyring must be enabled because audit logging uses it for password storage. MySQL Enterprise Audit also now supports logging in JSON format, in addition to the existing XML formats. For JSON format, functions are available that provide runtime log reading capabilities. For additional information, see MySQL Enterprise Audit.
Configuration Notes
* For RHEL, SLES, and Fedora RPMs, the default plugin directory for debug builds has been changed from /usr/lib64/mysql/plugin to /usr/lib64/mysql/plugin/debug.
* The installation scripts for MySQL Enterprise Audit and MySQL Enterprise Firewall now create their associated tables in the mysql system database as InnoDB rather than MyISAM tables.
* The hardcoded memory page size of 8KB for the memory-mapped transaction coordinator was too small for platforms such as ARM64 and PowerPC where the page size is much larger. The server now invokes a system call to get the page size of the current platform rather than using a hardcoded value. A consequence for the --log-tc-size option is that the minimum and default values are now 6 times the page size. Also, the value must be a multiple of the page size. Thanks to Alexey Kopytov for the patch.
Performance Schema Notes
* The Performance Schema setup_timers table is now deprecated, to be removed in MySQL 8.0, as is the TICK row in the performance_timers table.
Pluggable Authentication
* For the LDAP authentication plugins, handling of the group search attribute indicated by the authentication_ldap_sasl_group_search_attr and authentication_ldap_simple_group_search_attr system variables is more flexible. If the group search attribute is isMemberOf, LDAP authentication directly retrieves the user attribute isMemberOf value and assign it as group information. If the group search attribute is not isMemberOf, LDAP authentication searches for all groups where the user is a member. (The latter is the default behavior.) This behavior is based on how LDAP group information can be stored two ways: 1) A group entry can have an attribute named memberUid or member with a value that is a user name; 2) A user entry can have an attribute named isMemberOf with values that are group names.
* The LDAP authentication plugins now permit the authentication string that provides user DN information to begin with a + character. In the absence of this character, the authentication string value is treated as is without modification, as it has been previously. If the authentication string begins with +, the plugin constructs the full user DN value from the account user name as the cn attribute value, together with the authentication string (with the + removed). The authentication string is stored as given in the mysql.user system table, with the full user DN constructed on the fly before authentication.
* For the LDAP authentication plugins, the group search attribute was fixed and not configurable. Two new system variables now enable using custom group filters: authentication_ldap_sasl_group_search_filter and authentication_ldap_simple_group_search_filter.
Security Notes
* Incompatible Change: Passwords are now restricted to a maximum of 256 characters for the sha256_password authentication plugin, and for the PASSWORD() function when old_passwords=2. Also, the number of password hashing rounds is capped to limit CPU time used.
* The linked OpenSSL library for the MySQL Commercial Server has been updated to version 1.0.2n. Issues fixed in the new OpenSSL version are described at http://www.openssl.org/news/vulnerabilities.html.
* This change does not affect the Oracle-produced MySQL Community build of MySQL Server, which uses the yaSSL library instead.
* MySQL now supports key migration between underlying keyring keystores. This enables DBAs to switch a MySQL installation from one keyring plugin to another. See Migrating Keys Between Keyring Keystores.
* MySQL Enterprise Edition now includes a keyring plugin, keyring_encrypted_file, that is similar to the keyring_file plugin in its use of a local data file for key storage, but that also encrypts the file based on a user-defined password. See Using the keyring_encrypted_file Keyring Plugin.