Documentation Home
MySQL 5.5 Release Notes
Related Documentation Download these Release Notes
PDF (US Ltr) - 1.7Mb
PDF (A4) - 1.7Mb


MySQL 5.5 Release Notes  /  Changes in MySQL 5.5.49 (2016-04-11, General Availability)

Changes in MySQL 5.5.49 (2016-04-11, General Availability)

Security Notes

  • MySQL client programs now support an --ssl-mode option that enables you to specify the security state of the connection to the server. If the option is not specified, the default value is DISABLED (establish an unencrypted connection). --ssl-mode=REQUIRED can be specified to require an encrypted connection, or fail if an encrypted connection cannot be obtained.

    These clients support --ssl-mode: mysql, mysqladmin, mysqlcheck, mysqldump, mysqlimport, mysqlshow, mysqlpump, mysqlslap, mysqltest, mysql_upgrade.

    For more information, see Command Options for Encrypted Connections.

    Note

    In MySQL 5.7 and higher, the C client library provides native support for requiring encrypted connections: call the mysql_options() C API function, passing the MYSQL_OPT_SSL_MODE option with a value of SSL_MODE_REQUIRED. In MySQL 5.5, the client library provides no such support because doing so would break binary compatibility with previous library versions within the series. Clients that require encrypted connections must implement the logic themselves.

    To require encrypted connections in MySQL 5.5, the standard MySQL client programs use this technique: If --ssl-mode=REQUIRED was specified, the client program turns on SSL, connects to the server, and checks whether the resulting connection is encrypted. If not, the client exits with an error. Third-party applications that must be able to require encrypted connections can use the same technique. For details, see mysql_ssl_set().

Bugs Fixed

  • InnoDB: Running REPLACE operations on multiple connections resulted in a hang. (Bug #22530768, Bug #79185)

  • Replication: The test case main.merge failed when the variables binlog_format was set to ROW, as the server tried to get information for table creation for a child table before it was opened. With this fix, the server skips getting information for the table in the situation. (Bug #20574550, Bug #75976)

  • MySQL did not build with GCC 5. (Bug #22680706)

  • The System-V initialization script for RHEL6 or older failed to enable the mysqld service by default. (Bug #22600974)

  • Improper host name checking in X509 certificates could permit man-in-the-middle attacks. (Bug #22295186, Bug #22738607)

  • A boolean mode full-text search caused a segmentation fault. (Bug #22176795)

  • Concurrent selecting and flushing of a FEDERATED table while killing connections accessing it could result in a server exit. (Bug #21918190)

  • Executing GRANT PROXY statements after altering the definition of the mysql.user system table could result in a server exit. (Bug #21699037)

  • Certain error messages included part of the SQL statement that produced them, possibly exposing data. (Bug #21682356)

  • Character set conversion operations on NULL parameters to prepared statements could cause a server exit. (Bug #18823979)

  • CREATE TABLE ... SELECT could create a table with a column of type NULL, which when accessed caused a server exit. (Bug #14021323, Bug #23280699)

  • For INSERT and UPDATE operations that caused FOREIGN KEY constraint violations, errors were reported rather than warnings when the IGNORE keyword was used. (Bug #78853, Bug #22037930)

    References: See also: Bug #23135731.

  • Processlist state information was not updated correctly for LOAD DATA INFILE and could show a state different from executing. (Bug #69375, Bug #16912362)