Release Notes for MariaDB Enterprise Server 10.4.21-13

This thirteenth release of MariaDB Enterprise Server 10.4 is a maintenance release. This release includes a variety of fixes.

MariaDB Enterprise Server 10.4.21-13 was released on 2021-09-14.

Fixed Security Vulnerabilities

Backported Features

This release of MariaDB Enterprise Server includes features backported from MariaDB Enterprise Server 10.6.

• MariaDB Enterprise Audit allows database-specific and table-specific filters. (MENT-65) For example:

  {
    "connect_event" : "ALL",
    "table_event" : ["READ","WRITE",{"ignore_tables" : "mysql.*"}],
    "query_event" : ["DDL",{"tables" : "test.t2"}]
  }
  

• MariaDB Enterprise Audit can be configured to not start the server if Audit Filters are invalid. (MENT-1243)
  • Added the new server_audit_load_on_error system variable.
  • To configure server startup to fail if Audit Filters are invalid, set server_audit_load_on_error to OFF and set server-audit to FORCE or FORCE_PLUS_PERMANENT.
  • The default value of server_audit_load_on_error is ON, so the default behavior is the same as in prior releases.

• Enhanced consistency for Semi-Sync Replication
  • When rpl_semi_sync_slave_enabled=ON, consistency is guaranteed for a Primary server in an HA (Primary/Replica) topology when using semi-synchronous replication. (MDEV-21117)
  • Prior to this release, when using semi-synchronous replication, if a Primary crashed before sending a transaction to the Replica, on restart the Primary could recover incomplete InnoDB transactions when rejoining as a Replica.
  • With this release, when using semi-synchronous replication and with rpl_semi_sync_slave_enabled=ON, incomplete transactions will be rolled-back on the Replica, ensuring the new Primary (former Replica) and new Replica (former Primary) remain in sync.

This release of MariaDB Enterprise Server includes features backported from MariaDB Enterprise Server 10.5.

• Support added for Galera Global Transaction ID in MariaDB Enterprise Cluster (Galera), which replicates MariaDB Global Transaction ID to other nodes in the cluster (MENT-932)

Notable Changes

• Galera updated to 26.4.9

• ARM64 is now supported for several #platforms.

• The script wsrep_sst_mariabackup checks all server-related configuration groups when processing a configuration file. (MDEV-25669)
  • Prior to this release, only the [mysqld] configuration group was checked when processing a configuration file.

• MariaDB Enterprise Backup expects --stream=mbstream to stream a backup using the included mbstream utility. (MDEV-15730)
  • Prior to this release, MariaDB Enterprise Backup expected --stream=xbstream, even though the xbstream utility had been renamed to mbstream.

• InnoDB no longer acquires advisory file locks by default. (MDEV-24393)

• The information_schema.KEYWORDS table has been added and can be used to view details about SQL keywords. (MDEV-25129)

• The information_schema.SQL_FUNCTIONS table has been added and can be used to view details about built-in functions. (MDEV-25129)

• When using data-at-rest encryption with the file-key-management-encryption-plugin/ encryption plugin, InnoDB will automatically disable key rotation checks. (MDEV-14180)
  • The file-key-management-encryption-plugin/ encryption plugin does not support key rotation, so key rotation checks are not required.
  • In previous releases, unnecessary key rotation checks with the file-key-management-encryption-plugin/ encryption plugin could reduce performance, unless they were explicitly disabled by setting innodb_encryption_rotate_key_age=0.

• Removed SSL ciphers RC4-MD5 and RC4-SHA for mariadbd binaries compiled with WolfSSL. (MDEV-26092)

Issues Fixed

Can result in data loss

• When an ALTER TABLE ... ADD COLUMN statement is executed with ALGORITHM=INSTANT, a warning is not raised when the operation causes the default value of a DATE column to be truncated. (MDEV-25971)

Can result in a hang or crash

• Possible server crash when pushing a WHERE condition over a mergeable derived table / view / CTE DT into a grouping view / derived table / CTE V whose item list contained set functions with constant arguments. (MDEV-25635)

• Server crashes on second execution of a stored procedure or a prepared statement when the corresponding query executes a window function on a view, CTE, or derived table. (MDEV-25565)

• Server crashes possible when executing a prepared statement with a hanging recursive CTE. (MDEV-26135)

• Server crashes while executing query with a CTE in a prepared statement or stored procedure. (MDEV-26025)

• Server crashes while executing query with a recursive CTE that is indirectly used twice. (MDEV-26202)

• Server crashes due to infinite recursion while processing an embedded recursive CTE with missing RECURSIVE. (MDEV-26095)

• Server crashes in InnoDB deadlock checker under high load. (MDEV-25594)

• Server crashes when a virtual generated column has a prefix index. (MDEV-26220)

• Server crashes possible when using virtual generated columns. (MDEV-18166, MDEV-18249)

• Server crashes while executing DELETE when a YEAR column is truncated. (MDEV-17890)

• Server crashes while executing SET ROLE when a hostname cannot be resolved. (MDEV-26081)

• Server crashes when a subquery references an outer column in an ORDER BY clause. (MDEV-25629)

• Server crashes due to a stack overrun in the query optimizer while executing query with more than 32 equality conditions that compare columns of different tables (such as tableX.colX=tableY.colY). (MDEV-17783)

• Server crashes when a window function is the left expression of an IN(SELECT ..) subquery. (MDEV-25630)

• Possible deadlock on a Replica server using GTID Replication when slave_parallel_mode=optimistic and OPTIMIZE TABLE, REPAIR TABLE, or ANALYZE TABLE is executed. (MDEV-17515)

• Server crashes when ALTER TABLE .. ADD FULLTEXT INDEX fails on an InnoDB table. (MDEV-25721)

• Server crashes while executing TRUNCATE on an InnoDB table with a Full-Text Index. (MDEV-25663)

• Server crashes while executing ALTER TABLE on an InnoDB table with virtual generated columns that are indexed. (MDEV-25872)

• Server crashes while executing CHECK TABLE when innodb_read_only is enabled. (MDEV-25886)

• Server crashes when a connection is killed while executing ALTER TABLE after previously locking the table with LOCK TABLE. (MDEV-17749)

• Server crashes when the global value of the system_versioning_asof system variable is set using a stored function that reads the value of another global system variable. (MDEV-16481)

• Server crashes when MariaDB Enterprise Audit is active and usernames longer than 256 characters are used. (MENT-1019)

• Server crashes when MariaDB Enterprise Audit is active and audit log file rotation is triggered. (MENT-1207)

• Server crashes while executing query with a CTE that is used at least twice and that references an embedded recursive CTE. (MDEV-26108)

• Possible crash with transactions having changes for tables with no primary key to apply in parallel, when using MariaDB Enterprise Cluster. (MDEV-25551)

• Server crashes when executing CREATE TABLE to create a Spider table with a COMMENT value that does not contain embedded double quotes. (MDEV-26139)

• Server crashes when a client connects during shutdown. (MDEV-18353)

Can result in unexpected behavior

• When CREATE OR REPLACE TABLE fails after dropping the table, the DROP TABLE operation is not written into the binary log. (MDEV-25595)

• The SHOW GRANTS statement does not quote role names properly for DEFAULT ROLE. (MDEV-26080)

• The innochecksum utility reports errors for freed pages. (MDEV-25361)

• When an unknown column is referenced in the WHERE clause of a recursive CTE, the query sometimes succeeds instead of failing with an ER_BAD_FIELD_ERROR. (MDEV-26189)

• Reusing CTE inside a function fails with the ER_NO_SUCH_TABLE error code. (MDEV-23886)

• Several fixes for MariaDB Enterprise Cluster (Galera) SST scripts. (MDEV-20580, MDEV-25818, MDEV-25759, MDEV-25719, MDEV-15639, MDEV-15371, MDEV-18797, MENT-1170, MDEV-24979, MDEV-21192)

• With MariaDB Enterprise Cluster, when wsrep_sst_method=mariabackup, MariaDB Enterprise Backup does not inherit server options set by the Environment systemd configuration parameter. (MDEV-24962)

• With MariaDB Enterprise Cluster, when wsrep_sst_method=rsync is set and log-bin and/or log-bin-index are set to custom paths, the rsync SST does not copy the binary log index. (MDEV-25978)

tail: cannot open 'mysql-bin.index' for reading: No such file or directory

• With MariaDB Enterprise Cluster, when wsrep_sst_method=rsync is set, rsync for a new SST process may be killed rather than the rsync for the old SST process. (MDEV-25880)

• With MariaDB Enterprise Cluster, the WSREP threads could write warnings about foreign keys to the MariaDB Error Log when wsrep_debug is not enabled. (MDEV-26062)
  • In prior releases, the following warning could be written to the log:

    InnoDB: WSREP: referenced FK check fail: Lock wait index `PRIMARY` table `schema`.`child_table`
    

  • Starting with this release, the WSREP threads will only write warnings about foreign keys to the MariaDB Error Log when wsrep_debug is enabled.

• The CREATE INDEX statement may check the wrong maximum column length. (MDEV-26203)

• The Spider storage engine handles ">=" as ">" in some cases, where multi-column indexes are used. (MDEV-25985)

• The max_password_errors system variable does not work correctly with the ed25519 authentication plugin. (MDEV-25641)

• The "Condition pushdown into derived table" optimization cannot be applied if the expression being pushed refers to a derived table column which is computed from an expression that has a stored function call, @session variable reference, or other similar construct. (MDEV-25969)

• A query that uses ORDER BY .. LIMIT clause and "Range checked for each record" optimization could produce incorrect results. (MDEV-25858)

• An aborted OPTIMIZE TABLE statement is logged in the binary log and replicates to the Replica server. (MDEV-22530)

• EXPLAIN shows an execution plan different from actually executed (MDEV-25682)

• For system-versioned tables, the SHOW INDEX statement displays the system-invisible row_end column as part of the primary key. (MDEV-16857)

• For system-versioned tables partitioned by SYSTEM_TIME, overflowing the partitions leads to incorrect results from SELECT. result (MDEV-22247)

• For Spider tables, SELECT statements that use CASE WHEN .. THEN can result in syntax error. (MDEV-24760)

• For Spider tables, SELECT statements that use the JSON_EXTRACT() function in the WHERE clause can result in a syntax error. (MDEV-24517)

• For Spider tables, UPDATE statements that call native functions using remove_str (such as TRIM()) fail with the ER_WRONG_PARAMCOUNT_TO_NATIVE_FCT error code. (MDEV-24020)

• For Spider tables, server-sided prepared statements (created by PREPARE and executed by EXECUTE) incorrectly turn unsigned integer literals into signed integers. (MDEV-25808)

• For Spider tables, statements that use the JSON_REPLACE() function fail with the ER_SP_DOES_NOT_EXIST error code. (MDEV-24523)

• With MariaDB Enterprise Audit, the CREATE PROCEDURE and DROP PROCEDURE statements are not logged to the audit log. (MENT-1169)

• With MariaDB Enterprise Backup, the binary log position written to the xtrabackup_binlog_info file during the backup is incorrect for replication. (MDEV-23080)

• With MariaDB Enterprise Cluster, when wsrep_sst_method=mariabackup, a typo in the SST script causes SST failure on the Donor node. (MDEV-26117)

• For Spider tables, SELECT statements that use DISTINCT do not work properly in some cases. (MDEV-26013)

• When mariadbd is compiled with WolfSSL, the server fails to accept connections using TLS 1.3 and AES-GCM cipher. (MDEV-22221)

Interface Changes

• KEYWORDS information schema table added

• mysqld --server-audit-load-on-error command-line option added

• server_audit_load_on_error system variable added

• SQL_FUNCTIONS information schema table added

• system_versioning_asof system variable default value changed from DEFAULT to "" (empty)

Platforms

• In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.4.21-13 is provided for:

• CentOS 7 (x86_64)

• CentOS 8 (x86_64, ARM64)

• Debian 9 (x86_64, ARM64)

• Debian 10 (x86_64, ARM64)

• Red Hat Enterprise Linux 7 (x86_64)

• Red Hat Enterprise Linux 8 (x86_64, ARM64)

• SUSE Linux Enterprise Server 12 (x86_64)

• SUSE Linux Enterprise Server 15 (x86_64, ARM64)

• Ubuntu 18.04 (x86_64, ARM64)

• Ubuntu 20.04 (x86_64, ARM64)

• Microsoft Windows (x86_64)

Some components of MariaDB Enterprise Server might not support all platforms. For additional information, see MariaDB Corporation Engineering Policies".

Installation Instructions

• MariaDB Enterprise Server 10.4

• Enterprise Cluster Topology with MariaDB Enterprise Server 10.4

• Primary/Replica Topology with MariaDB Enterprise Server 10.4

• Enterprise Spider Sharded Topology with MariaDB Enterprise Server 10.4

• Enterprise Spider Federated Topology with MariaDB Enterprise Server 10.4

Upgrade Instructions

• Upgrade to MariaDB Enterprise Server 10.4

• Upgrade from MariaDB Community Server to MariaDB Enterprise Server 10.4