-
The linked OpenSSL library for Connector/Python Commercial has been updated to version 1.0.1q. Issues fixed in the new OpenSSL version are described at http://www.openssl.org/news/vulnerabilities.html.
This change does not affect Oracle-produced MySQL Community builds of Connector/Python, which use the yaSSL library instead. The change also does not affect connections made using any pure-Python implementation of Connector/Python, for which the version of OpenSSL used is whatever is installed on the system.
Connector/Python failed to establish connections using the cleartext client-side authentication plugin for accounts using the PAM server-side authentication plugin. Thanks to Daniël van Eeden for the patch. (Bug #22873551, Bug #80609)
A potential SQL injection vector was eliminated. (Bug #22529828, Bug #24816150, Bug #19487642, Bug #73611)
Connections made using the C Extension failed when the
ssl_ca
parameter was given withoutssl_cert
andssl_key
. (Bug #21879914, Bug #79835, Bug #22494320)-
For connections made with
consume_results=True
,consume_results
was reset toFalse
aftercallproc()
execution failure. (Bug #21879859)References: This issue is a regression of: Bug #21492815.
In connections for which
compress=True
,LOAD DATA LOCAL
statements produced “Packets out of error” errors. (Bug #21449996)-
Attempts to insert Python
ByteArray
data into binary table columns failed.Update: this was fixed in the Python implementation of Connector/Python, but not in the c-extension until v8.0.29. (Bug #77822, Bug #21498719)