mysqldump --xml now displays comments from column definitions. (Bug #13618, Bug #11745324)

Security Fix: A security bug was fixed. (Bug #36544)

InnoDB: InnoDB returned values for “rows examined” in the query plan that were higher than expected. NULL values were treated in an inconsistent way. The inaccurate statistics could trigger “false positives” in combination with the max_join_size setting, because the queries did not really examine as many rows as reported.

A new configuration option innodb_stats_method lets you specify how NULL values are treated when calculating index statistics. Allowed values are nulls_equal (the default), nulls_unequal and null_ignored. The meanings of these values are similar to those of the myisam_stats_method option. (Bug #30423)

Partitioning: Trying to use the same column more than once in the partitioning key when partitioning a table by KEY caused mysqld to crash. Such duplication of key columns is now expressly disallowed, and fails with an appropriate error. (Bug #53354, Bug #57924)

Replication: When using the statement-based logging format, INSERT ON DUPLICATE KEY UPDATE and INSERT IGNORE statements affecting transactional tables that did not fail were not written to the binary log if they did not insert any rows. (With statement-based logging, all successful statements should be logged, whether they do or do not cause any rows to be changed.) (Bug #59338, Bug #11766266)

Replication: Formerly, STOP SLAVE stopped the slave I/O thread first and then stopped the slave SQL thread; thus, it was possible for the I/O thread to stop after replicating only part of a transaction which the SQL thread was executing, in which case—if the transaction could not be rolled back safely—the SQL thread could hang.

Now, STOP SLAVE stops the slave SQL thread first and then stops the I/O thread; this guarantees that the I/O thread can fetch any remaining events in the transaction that the SQL thread is executing, so that the SQL thread can finish the transaction if it cannot be rolled back safely. (Bug #58546, Bug #11765563)

When using ExtractValue() or UpdateXML(), if the XML to be read contained an incomplete XML comment, MySQL read beyond the end of the XML string when processing, leading to a crash of the server. (Bug #44332, Bug #11752979)

When mysqladmin was run with the --sleep and --count options, it went into an infinite loop executing the specified command. (Bug #58221, Bug #11765270)

mysqlslap failed to check for a NULL return from mysql_store_result() and crashed trying to process the result set. (Bug #59109, Bug #11766074)

DELETE or UPDATE statements could fail if they used DATE or DATETIME values with a year, month, or day part of zero. (Bug #59173)

In debug builds, SUBSTRING_INDEX(FORMAT(...), FORMAT(...)) could cause a server crash. (Bug #58371, Bug #11765406)

The ESCAPE clause for the LIKE operator permits only expressions that evaluate to a constant at execution time, but aggregate functions were not being rejected. (Bug #59149, Bug #11766110)

The mysql client went into an infinite loop if the standard input was a directory. (Bug #57450, Bug #11764598)

The expression const1 BETWEEN const2 AND field was optimized incorrectly and produced incorrect results. (Bug #57030, Bug #11764215)

A query of the following form returned an incorrect result, where the values for col_name in the result set were entirely replaced with NULL values:

SELECT DISTINCT col_name ... ORDER BY col_name DESC;

(Bug #59308, Bug #11766241)

Memory leaks detected by Valgrind, some of which could cause incorrect query results, were corrected. (Bug #59110, Bug #11766075)

Some string-manipulating SQL functions use a shared string object intended to contain an immutable empty string. This object was used by the SQL function SUBSTRING_INDEX() to return an empty string when one argument was of the wrong data type. If the string object was then modified by the SQL function INSERT(), undefined behavior ensued. (Bug #58165, Bug #11765225)

Some RPM installation scripts used a hardcoded value for the data directory, which could result in a failed installation for users who have a nonstandard data directory location. The same was true for other configuration values such as the PID file name. (Bug #56581, Bug #11763817)

On FreeBSD and OpenBSD, the server incorrectly checked the range of the system date, causing legal values to be rejected. (Bug #55755, Bug #11763089)

Parsing nested regular expressions could lead to recursion resulting in a stack overflow crash. (Bug #58026, Bug #11765099)