Added the new audit_log_filter_uninstall.sql script to simplify removing MySQL Enterprise Audit. For information about this plugin, see MySQL Enterprise Audit. (Bug #35611072)

The pluggable FIDO authentication method is deprecated and subject to removal in a future MySQL release. (WL #15006)

Earlier distributions, such as MySQL 5.1 and MySQL 5.0, included servers that did not advertise pluggable authentication. When a newer client using any pluggable authentication method attempted to connect to one of these older servers, the server emitted a “bad handshake” error message. This fix now ensures that client-side authentication (specifically, the --default-auth option) works properly for all servers, including those that do not support pluggable authentication. In addition, mysql_native_password now replaces caching_sha2_password as the default authentication method when the server does not support pluggable authentication. (Bug #90994, Bug #28082093)

The mysql_ssl_set() C API function is deprecated and subject to removal in a future MySQL release. There are equivalent mysql_options() TLS options for all mysql_ssl_set() parameters. (WL #11091)

Fixed the WITH_DEVELOPER_ENTITLEMENTS macOS CMake option; it did not activate due to a typo. (Bug #35374026)

Fixed a string concatenation warning produced when compiling with Clang 12. (Bug #111614, Bug #35549962)

Made additional improvements to WITH_ZLIB functionality.

Thanks to Nikolai Kostrigin for the contribution. (Bug #111549, Bug #35534309)

Building with WITH_PROTOBUF=system failed with Protobuf 22 or newer due to Protobuf 22 adding the Abseil dependency. (Bug #111469, Bug #111623, Bug #35546459, Bug #35550389)

Building with WITH_ZLIB="system" would break the MySQL build as it failed to find ZLIB.

Thanks to Amazon for the contribution. (Bug #111467, Bug #35511210)

References: This issue is a regression of: Bug #35057542.

On EL7 aarch64-based platforms, fixed an issue related to how fetching the CPU cache line size returned 0 that caused the MySQL server to unexpectedly halt. (Bug #110752, Bug #35479763)

References: See also: Bug #107081, Bug #34095278.

The C++ Standardization Committee's Library Working Group recently resolved an issue (LWG-3865 Sorting a range of pairs) which changes how the comparison operators are defined for std::pair. This fix updates the equality operator used in two files in sql/auth to align with this change.

Based on a suggestion by the Microsoft Visual Studio team. (Bug #110254, Bug #35137978)

Replication: The binlog_transaction_dependency_tracking server system variable is now deprecated, and subject to removal in a future version of MySQL. Setting or retrieving the value of this variable now triggers a warning, as does using the equivalent startup option --binlog-transaction-dependency-tracking. Applications depending on this variable (or option) should begin migrating away from it as soon as possible. No replacement for this variable or its functionality is planned or needed. (WL #13964)

The old and new server system variables are now deprecated, and a warning is now issued whenever either of these variables is set or read. Expect these variables are to be removed in a future version of MySQL; applications which rely on them should migrate away from such dependencies as soon as possible. (WL #8609)

The --character-set-client-handshake server option, originally intended for use with upgrades from very old versions of MySQL, is now deprecated, and a warning is issued whenever it is used. You should expect this option to be removed in a future version of MySQL; applications depending on this option should begin migration away from it as soon as possible. (WL #13220)

Two changes in this release affect granting of privileges in MySQL. One of these changes impacts database grants; the other concerns host names used in grants. These changes are listed here:

(WL #14280, WL #15676)

INFORMATION_SCHEMA.PROCESSLIST is deprecated and subject to removal in a future MySQL release. As such, the implementation of SHOW PROCESSLIST which uses that table is also deprecated.

It is recommended to use the Performance Schema implementation of SHOW PROCESSLIST instead. As such, performance_schema_show_processlist is also deprecated and subject to removal in a future MySQL release. (WL #15915)

Support for the TLS_AES_128_CCM_8_SHA256 ciphersuite now is deprecated and subject to removal in a future version of MySQL. Any attempt to set it using either the tls_ciphersuites or admin_tls_ciphersuites system variable now returns a warning. By default, both system variables accept these ciphersuites:

Several previously supported ciphers now are deprecated and subject to removal in a future version of MySQL. If the deprecated ciphers are specified using either the ssl_cipher or admin_ssl_cipher system variable, then a warning now is issued. The following ciphers continue to be supported without emitting a deprecation warning:

(WL #15800)

The STR_TO_DATE() function did not perform complete range checking on the string to be converted, so that it was possible to pass to it a string which would yield an invalid date, such as '2021-11-31'. (Bug #108782, Bug #34704094)

On Windows, the MSI package definition files were updated to work with the Windows Installer XML (WiX) toolset version 4. Note that they can no longer be used with previous versions of the toolset. (Bug #35613791)

The bundled libedit library was upgraded to version 20221030-3.1. (Bug #35489173)

Binary packages that include curl rather than linking to the system curl library have been upgraded to use curl 8.4.0. Important issues fixed in curl version 8.4.0 are described at https://curl.se/docs/security.html. (Bug #35897778)

References: See also: Bug #35709229.

Incompatible Change: Upgraded the bundled libfido2 library to libfido2 v1.13.0. This libfido2 version requires OpenSSL 1.1.1 or higher, which means the authentication_fido and authentication_fido_client authentication plugins are no longer available on the following platforms: Enterprise Linux 6 and 7, Solaris 11, and SLES 12. (Bug #35685515)

Important Change; Group Replication: Version requirements for groups are relaxed beginning with this release, as follows:

This change does not affect the requirement that, when selected, the primary must be running the lowest MySQL version present in the group; this remains true whether this is automatic, or is performed by executing group_replication_set_as_primary(). (Bug #35397276)

Important Change: For platforms on which OpenSSL libraries are bundled, the linked OpenSSL library for MySQL Server has been updated to version 3.0.10. Issues fixed in OpenSSL version 3.0.10 are described at https://www.openssl.org/news/cl30.txt. (Bug #35702863, Bug #35732474)

Performance: records_in_range performed an excessive number of disk reads for insert operations.

Our thanks to Facebook for the contribution. (Bug #109595, Bug #34976138)

InnoDB: Fixed processing of single character tokens by a FTS parser plugin.

Our thanks to Shaohua Wang for the contribution. (Bug #35432973)

InnoDB: On Windows, the redo log file was not flushed even with innodb_flush_log_at_trx_commit=1. (Bug #112078, Bug #35713721)

InnoDB: Fixed a potential transaction rollback issue stemming from the ALTER TABLE EXCHANGE PARTITIONS statement. (Bug #110869, Bug #35352168)

References: This issue is a regression of: Bug #33700835.

InnoDB: When creating full-text indexes spanning multiple columns, index creation could fail with an error similar to "ERROR 1062 (23000): Duplicate entry 'NULL-NULL'." (Bug #109242, Bug #33542939, Bug #34846823)

InnoDB: The last detected deadlock section of the engine status log was only showing 1024 characters for the combined thread and query information. Fixing by removing the printed query string limit. (Bug #80927, Bug #23036096)

Replication: Memory used by binary log compression was not instrumented. (Bug #35290223)

Replication: To detect dependencies and conflicts among transactions, MySQL Replication uses writesets which are extracted from keys that are NOT NULL (primary keys by definition, as well as unique and foreign keys which are NOT NULL) whenever binlog_format is ROW and transaction_write_set_extraction is enabled (the default in both cases). In the case of multi-column unique keys using only the leading parts of column values (see Column Prefix Key Parts), the writesets were not properly generated, which sometimes led to spurious duplicate key errors; this was due to the fact that the whole values of referenced key columns were added to the writeset in such cases, even though the keys themselves referenced only the column prefix. (Bug #111027, Bug #35404584)

Following a change made in MySQL 8.0.23, in some cases where GROUP_CONCAT() had previously returned NULL, it did so no longer. (Bug #35730982)

References: This issue is a regression of: Bug #32053547.

When no rows matched the WHERE condition of a query, the results of the query as prepared (using PREPARE) differed from those of the same query when run directly. (Bug #35689804)

Some queries using INTERSECT were not always processed correctly. (Bug #35504625)

References: See also: Bug #35362424.

In some cases, the QUOTE() function returned binary data rather than the expected NULL. (Bug #35499232)

Previously, executing audit_log_rotate() manually could cause the function to appear unresponsive when the output performance was low, the workload on the server was heavy, and the audit_log_strategy system variable had a write strategy of ASYNCHRONOUS or PERFORMANCE. (Bug #35397216)

In some cases the QUOTE() function returned NULL even though it had previously been resolved as non-nullable. (Bug #35381715)

References: See also: Bug #35145246, Bug #35195181.

A previous fix in MySQL 8.0.30 for a stored program that was not executed correctly following the first invocation did not cover the case where it contained a SET statement.

Our thanks to Hao Lu for the contribution. (Bug #35328028)

References: This issue is a regression of: Bug #33754993.

An issue with stored functions was found to be a regression from work done previously to improve internal functions that are used in copying values between columns. (Bug #35150382)

References: This issue is a regression of: Bug #32742537.

Some cached queries were not always handled correctly.

Our thanks to Nicholas Othieno for the contribution. (Bug #35105404, Bug #35511208)

Updated the Kerberos library bundled with commercial builds to version 1.21.2. (Bug #35001935)

Some inserts on tables with triggers were not always handled correctly. (Bug #34920120)

References: See also: Bug #35178672, Bug #35195079.

Some DESCRIBE statements using FORMAT = JSON were not always processed correctly, and sometimes raised assertions in debug builds. (Bug #34909766)

Some complex queries using multiple common table expressions were not always handled correctly. (Bug #34900334)

References: This issue is a regression of: Bug #34377854.

Some queries with window functions were not pushed down correctly. (Bug #34778435)

Some complex queries using multiple common table expressions were not always handled correctly. (Bug #112021, Bug #35284734, Bug #35694546)

References: See also: Bug #111994, Bug #35686058. This issue is a regression of: Bug #34377854.

For Enterprise Linux, changed the krb5-devel build requirement from commercial to all builds. (Bug #111596, Bug #35546449)

CREATE ROLE and DROP ROLE statements were not handled correctly when checking for orphaned SQL objects. (Bug #111303, Bug #35471453)

Clone_Snapshot::extend_and_flush_files() always created files of type OS_CLONE_DATA_FILE. This function uses flush_redo() to handle redo log files, which must be of type OS_CLONE_LOG_FILE, which could sometimes lead to errors in os_file_set_size().

This problem is now fixed by ensuring that the type is set correctly when creating the new file.

Our thanks to Tencent for the contribution. (Bug #110569, Bug #35240055)

The low limit heuristic did not work well for ORDER BY DESC due to choosing the wrong index. (Bug #107626, Bug #34306497)