Serious issue in latest MariaDB 5.5 anf 10.0 releases
Hi, packagers, MariaDB 5.5.43 and 10.0.18 unfortunately introduced a quite serious bug affecting the mysql_upgrade utility. The new REPAIR VIEW command that mysql_upgrade runs crashes the server on views that contain blob fields. So if you run mysql_upgrade on upgrade automatically and user has such blobs - there will be a crash. This is https://mariadb.atlassian.net/browse/MDEV-8115. We're releasing a fixed 10.0.19 now. But 5.5.44 release has to wait for MySQL-5.5.44 release (about a month, I'd say). If you'd like to package 5.5.43 or 10.0.18, here's a simple patch for this bug: https://github.com/MariaDB/server/commit/0014bdc7 Sorry for this. Regards, Sergei Golubchik MariaDB Security Coordinator
2015-05-08 14:31 GMT+03:00 Sergei Golubchik <serg@mariadb.org>:
We're releasing a fixed 10.0.19 now. But 5.5.44 release has to wait for MySQL-5.5.44 release (about a month, I'd say).
If you'd like to package 5.5.43 or 10.0.18, here's a simple patch for this bug: https://github.com/MariaDB/server/commit/0014bdc7
Thanks for the information. I was just about to upload 10.0.18 but now I started over by importing the 10.0.19 release. For the 5.5 series I applied the patch you provided, it seems to work well: https://github.com/ottok/mariadb-5.5/commit/66ca380f877d4a9d08151035857fd387... - Otto
On Fri, 8 May 2015 13:31:56 +0200 Sergei Golubchik <serg@mariadb.org> wrote:
Hi, packagers,
MariaDB 5.5.43 and 10.0.18 unfortunately introduced a quite serious bug affecting the mysql_upgrade utility. The new REPAIR VIEW command that mysql_upgrade runs crashes the server on views that contain blob fields. So if you run mysql_upgrade on upgrade automatically and user has such blobs - there will be a crash.
This is https://mariadb.atlassian.net/browse/MDEV-8115.
We're releasing a fixed 10.0.19 now. But 5.5.44 release has to wait for MySQL-5.5.44 release (about a month, I'd say).
If you'd like to package 5.5.43 or 10.0.18, here's a simple patch for this bug: https://github.com/MariaDB/server/commit/0014bdc7
Sorry for this.
Regards, Sergei Golubchik MariaDB Security Coordinator
_______________________________________________ packagers mailing list packagers@mariadb.org https://lists.askmonty.org/cgi-bin/mailman/listinfo/packagers
I have pushed patched MariaDB 10.0.18 to Arch repositories when I saw your message, because I couldn't find a mirror with 10.0.19 tarball back then. I'll schedule upgrade to 10.0.19 for later. Cheers, Bartłomiej
participants (3)
-
Bartłomiej Piotrowski -
Otto Kekäläinen -
Sergei Golubchik