- 5.2 Key changes in MySQL 5.1 releases
- 5.2.1 Changes in MySQL 5.1.63 (07 May 2012)
- 5.2.2 Changes in MySQL 5.1.62 (21 March 2012)
- 5.2.3 Changes in MySQL 5.1.59 (15 September 2011)
- 5.2.4 Changes in MySQL 5.1.56 (01 March 2011)
- 5.2.5 Changes in MySQL 5.1.55 (07 February 2011)
- 5.2.6 Changes in MySQL 5.1.54 (26 November 2010)
- 5.2.7 Changes in MySQL 5.1.53 (03 November 2010)
- 5.2.8 Changes in MySQL 5.1.52sp1 [QSP] (21 February 2011)
- 5.2.9 Changes in MySQL 5.1.52 (11 October 2010)
- 5.2.10 Changes in MySQL 5.1.51 (10 September 2010)
- 5.2.11 Changes in MySQL 5.1.50 (03 August 2010)
- 5.2.12 Changes in MySQL 5.1.49 (09 July 2010)
- 5.2.13 Changes in MySQL 5.1.48 (02 June 2010)
- 5.2.14 Changes in MySQL 5.1.47 (06 May 2010)
- 5.2.15 Changes in MySQL 5.1.46sp1 [QSP] (23 June 2010)
- 5.2.16 Changes in MySQL 5.1.46 (06 April 2010)
- 5.2.17 Changes in MySQL 5.1.43 (15 January 2010)
- 5.2.18 Changes in MySQL 5.1.41 (05 November 2009)
- 5.2.19 Changes in MySQL 5.1.40 (06 October 2009)
- 5.2.20 Changes in MySQL 5.1.37 (13 July 2009)
- 5.2.21 Changes in MySQL 5.1.36 (16 June 2009)
- 5.2.22 Changes in MySQL 5.1.32 (14 February 2009)
- 5.2.23 Changes in MySQL 5.1.31sp1 [QSP] (19 March 2009)
- 5.2.24 Changes in MySQL 5.1.29 (11 October 2008)
- 5.2.25 Changes in MySQL 5.1.28 (28 August 2008)
- 5.2.26 Changes in MySQL 5.1.23 (29 January 2008)
- 5.2.27 Changes in MySQL 5.1.21 (16 August 2007)
- 5.2.28 Changes in MySQL 5.1.20 (25 June 2007)
- 5.2.29 Changes in MySQL 5.1.19 (25 May 2007)
- 5.2.30 Changes in MySQL 5.1.18 (08 May 2007)
- 5.2.31 Changes in MySQL 5.1.17 (04 April 2007)
- 5.2.32 Changes in MySQL 5.1.16 (26 February 2007)
- 5.2.33 Changes in MySQL 5.1.15 (25 January 2007)
- 5.2.34 Changes in MySQL 5.1.14 (05 December 2006)
- 5.2.35 Changes in MySQL 5.1.13 (Not released)
- 5.2.36 Changes in MySQL 5.1.12 (24 October 2006)
This is a Service Pack release of the MySQL Enterprise Server 5.1.
If you intend to use the plugin version of
InnoDB, we recommend that you use
MySQL 5.1.48 or later instead of 5.1.46sp1. This is because
5.1.46sp1 contains the first production-ready version and the
later version has fixes for some of the bugs found during more
widespread production use.
Bugs Fixed
-
Security Fix: The server failed to check the table name argument of a
COM_FIELD_LISTcommand packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument toCOM_FIELD_LIST.In MySQL 5.0 and above, this permitted an authenticated user with
SELECTprivileges on one table to obtain the field definitions of any table in all other databases and potentially of other MySQL instances accessible from the server's file system.Additionally, for MySQL version 5.1 and above, an authenticated user with
DELETEorSELECTprivileges on one table could delete or read content from any other table in all databases on this server, and potentially of other MySQL instances accessible from the server's file system. (Bug #53371, CVE-2010-1848) Security Fix: The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet. (Bug #50974, CVE-2010-1849)
Security Fix: The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a
COM_FIELD_LISTcommand packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code. (Bug #53237, CVE-2010-1850)
