The validate_password plugin now supports the capability of rejecting passwords that match the current session user name, either forward or in reverse. To enable control over this capability, the plugin exposes a validate_password_check_user_name system variable. By default, this variable is disabled; the default will change to enabled in MySQL 8.0. For more information, see Password Validation Plugin Options and Variables. (WL #9480)

In mysql-test-run.pl, a limit of 50 was imposed on the number of workers for parallel testing, which on systems with more than 50 CPUs resulted in exhaustion of unique thread IDs. The ID-exhaustion problem has been corrected, and the limit of 50 on number of workers has been lifted. Thanks to Daniel Black for the patch on which this change was based. Additionally, these changes were made:

(Bug #22342399, Bug #79585)

InnoDB: A new dynamic configuration option, innodb_deadlock_detect, may be used to disable deadlock detection. On high concurrency systems, deadlock detection can cause a slowdown when numerous threads wait for the same lock. At times, it may be more efficient to disable deadlock detection and rely on the innodb_lock_wait_timeout setting for transaction rollback when a deadlock occurs. (Bug #23477773, WL #9383)

The systemd support script for the unit file (mysqld_pre_systemd) now assists in creating the error log file only if its location matches the pattern /var/log/mysql*.log. In other cases, the error log directory must be writable or the error log must be present and writable for the user running the mysqld process. Also, mysqld_pre_systemd now avoids creating insecure temporary files. (Bug #24516262)

The CMake WITH_LZ4 option has been added to control which LZ4 library is used during compilation. By default WITH_LZ4 is set to bundled, so the library provided with MySQL is used. Setting WITH_LZ4 to system uses the LZ4 library from the operating system. (Bug #23607230)

InnoDB: An ALTER TABLE ... ENCRYPTION='Y', ALGORITHM=COPY operation on a table residing in the system tablespace raised an assertion. (Bug #24381804)

InnoDB: Creating an encrypted table on a Fusion-io disk with an innodb_flush_method setting of O_DIRECT caused a fatal error. (Bug #24329079, Bug #82073)

InnoDB: An operation that dropped and created a full-text search table raised an assertion. (Bug #24315031)

InnoDB: Accessing full-text search auxiliary tables while dropping the indexed table raised an assertion. (Bug #24009272)

InnoDB: An online DDL operation on a table with indexed BLOB columns raised an assertion during logging of table modifications. (Bug #23760086)

InnoDB: In some cases, code that locates a buffer pool chunk corresponding to given pointer returned the wrong chunk. Thanks to Alexey Kopytov for the patch. (Bug #23631471, Bug #79378)

InnoDB: A global counter (ut_rnd_ulint_counter) was changed to a thread-local counter to make it scalable on multi-core systems. (Bug #22733635, Bug #80354)

Replication: The addition of the transaction-write-set-extraction=XXH64 option uses xxHash symbols from liblz4. Although the xxHash symbols are exported by liblz4, the header file is not part of the API, so compilation failed when building with WITH_LZ4=system. The fix ensures that xxHash is built separately from liblz4 so that it is available both when using the system and bundled LZ4 libraries. (Bug #82426, Bug #24399819)

References: See also: Bug #23607230.

Replication: mysqlbinlog --read-from-remote-server log1 log2 was opening a new connection for log2 without freeing the connection used for log1. Thanks to Laurynas Biveinis for the contribution. (Bug #81675, Bug #23540182)

Replication: The MTR binary log test suite failed to clean up copied files. Thanks to Daniel Black for the contribution. (Bug #80881, Bug #23016254)

Replication: With binlog_row_image=FULL, when updating single tables temporary tables were unnecessarily being used. The fix ensures single table update follows the same pattern as multi-table update. (Bug #79867, Bug #22510353)

Solaris: The client library failed to build on Solaris using the Cstd library. (Bug #24353920, Bug #82347)

mysqld_safe attempted to read my.cnf in the data directory, although that is no longer a standard option file location. (Bug #24482156)

For mysqld_safe, the argument to --malloc-lib now must be one of the directories /usr/lib, /usr/lib64, /usr/lib/i386-linux-gnu, or /usr/lib/x86_64-linux-gnu. In addition, the --mysqld and --mysqld-version options are accepted only on the command line, not in option files. (Bug #24464380)

References: See also: Bug #24619033, Bug #82920.

It was possible to write log files ending with .ini or .cnf that later could be parsed as option files. The general query log and slow query log can no longer be written to a file ending with .ini or .cnf. (Bug #24388753)

Privilege escalation was possible by exploiting the way REPAIR TABLE used temporary files. (Bug #24388746)

If the basedir system variable was set at server startup from the command line or option file, the value was not normalized (on Windows, / was not replaced with \). (Bug #23747899, Bug #82125)

kevent statement timer subsystem deinitialization was revised to avoid a mysqld hang during shutdown on OS X 10.12. (Bug #23744004, Bug #82097)

For accounts for which multiple GRANT statements applied, mysqlpump could fail to dump them all. (Bug #23721446)

The MYSQL_ADD_PLUGIN macro had a spelling error that caused MYSQL_SERVER not to be defined. (Bug #23508762, Bug #81666)

In-place ALTER TABLE operations which when executed separately caused no table rebuild could when combined into a single statement result in a table rebuild. (Bug #23475211, Bug #81587)

For keyring plugins, the data access layer is now created only as necessary, not once per operation, which improves keyring performance. (Bug #23337926)

A blank server name in CREATE SERVER statements produced a server exit rather than an error. (Bug #23295288)

The optimizer failed to check a function return value for an area calculation, leading to a server exit. (Bug #23280059)

The server could fail to free memory allocated for execution of queries that used generated columns. (Bug #23205454)

References: This issue is a regression of: Bug #22392268.

mysqlpump output for triggers that contained multiple statements in the trigger body failed to load correctly. (Bug #23072245)

Queries that satisfied the following conditions could return different results than in MySQL 5.6: 1) A subquery appeared in the select list; 2) The subquery contained a WHERE condition that referenced a value in the outer query; 3) The outer query contained a GROUP BY that required creation of a temporary table. (Bug #23049975)

Passwords that were rejected by the validate_password plugin were written by the server to the error log as cleartext. (Bug #22922023)

A prepared statement that used a parameter in the select list of a derived table that was part of a join could cause a server exit. (Bug #22392374, Bug #24380263)

MEDIUMINT columns used in operations with long integer values could result in buffer overflow. (Bug #19984392)

A spurious ER_NO_SUCH_TABLE error could occur when attempting to execute a prepared CREATE TABLE ... SELECT statement that used a temporary table in the FROM clause and called a stored function. The same error could occur for a nonprepared version of the statement if used in a stored procedure when the procedure was re-executed. (Bug #16672723, Bug #68972)

EINTR handling in the client library has been fixed so that interrupted read and write calls are retried. Previously, EINTR was ignored. (Bug #82019, Bug #23703570)