This is a Service Pack release of the MySQL Enterprise Server 5.0.
This section documents all changes and bugfixes that have been applied since the last MySQL Enterprise Server release (5.0.66a).
If you would like to receive more fine-grained and personalized update alerts about fixes that are relevant to the version and features you use, please consider subscribing to MySQL Enterprise (a commercial MySQL offering). For more details please see http://www.mysql.com/products/enterprise/advisors.html.
Security Enhancement: To enable stricter control over the location from which user-defined functions can be loaded, the
plugin_dirsystem variable has been backported from MySQL 5.1. If the value is nonempty, user-defined function object files can be loaded only from the directory named by this variable. If the value is empty, the behavior that is used prior to the inclusion of
plugin_dirapplies: The UDF object files must be located in a directory that is searched by your system's dynamic linker.
If the plugin directory is writable by the server, it may be possible for a user to write executable code to a file in the directory using
SELECT ... INTO DUMPFILE. This can be prevented by making
plugin_dirread only to the server or by setting
--secure-file-privto a directory where
SELECTwrites can be made safely. (Bug #37428)
Security Fix; Important Change: It was possible to circumvent privileges through the creation of
MyISAMtables employing the
INDEX DIRECTORYoptions to overwrite existing table files in the MySQL data directory. Use of the MySQL data directory in
INDEX DIRECTORYpath name is no longer permitted.
Additional corrections were made to handle the data directory path name if it contains symlinked directories in its path, and to make the check both at table-creation time and at table-opening time later. (Bug #32167, CVE-2008-2079)
References: See also Bug #39277.
Security Enhancement: The server consumed excess memory while parsing statements with hundreds or thousands of nested boolean conditions (such as
OR (OR ... (OR ... ))). This could lead to a server crash or incorrect statement execution, or cause other client statements to fail due to lack of memory. The latter result constitutes a denial of service. (Bug #38296)