Release Notes for MariaDB Enterprise Server 10.2.37-11

This eleventh release of MariaDB Enterprise Server 10.2 is a maintenance release. This release includes security fixes.

MariaDB Enterprise Server 10.2.37-11 was released on 2021-03-15.

Fixed Security Vulnerabilities

#1: MariaDB CVEs are assigned a word rating instead of a CVSS base score. See the MariaDB Engineering Policy. for details.

Notable Changes

• The new mysqldump --system={all, users, plugins, udfs, servers, stats, timezones} command-line option allows dumping system information in logical form. (MDEV-23630)

• Added primary host and port info to replica stop messages. (MDEV-10272)

• Parameter innodb_idle_flush_pct has no effect and is defined as deprecated. (MDEV-24536)

• New MariaDB Enterprise Backup --log-innodb-page-corruption to continue the backup process when corruption is encountered. Corrupted pages are logged in backup_corrupted file in the backup destination directory. (MDEV-22929)

• MariaDB Enterprise Backup adds completed with Error! to the end of the log file if the backup is started with parameter --log-innodb-page-corruption and completed with corrupted tables. The new log entry canceled with Error! will be used when the backup could not be completed. (MENT-1059)

• wsrep_provider and wsrep_notify_cmd system variables are read-only. (MDEV-25179)

Issues Fixed

Can result in data loss

• In a very unlikely event, corruption of system tablespace or last recovered page can occur on recovery or a MariaDB Backup prepare. (MENT-1124, MDEV-24449)

Can result in a hang or crash

• Possible segfault on CREATE TABLE with explicit FTS_DOC_ID_INDEX using multiple fields. (MDEV-24403)

• Server crashes upon attempt to update view through second execution of a stored procedure. (MDEV-16940)

• CREATE VIEW containing WITH clause can crash. (MDEV-22781)

• Possible crash for a query using recursive CTE without having a default schema defined. (MDEV-24019)

• Server crash on WITH RECURSIVE UNION ALL (CTE) query. (MDEV-23619)

• Server hang due to Galera lock conflict resolution. (MDEV-23328)

• Possible crash in replication when applying a transaction that contains cascading foreign key delete for a table and that has an indexed virtual column. (MDEV-23033)

• Possible lock conflicts between two wsrep high priority threads in MariaDB Enterprise Cluster on tables having unique secondary keys. (MDEV-23851)

Can result in unexpected behavior

• SHOW GRANTS is missing the WITH GRANT privilege for roles. (MDEV-24289)

• mysqld_safe log messages are missing in the error log file. (MDEV-21367)

• CHECK_CLAUSE field in INFORMATION_SCHEMA.CHECK_CONSTRAINTS truncates check constraints expressions. (MDEV-24139)

• Unexpected error message when selecting from view that uses mergeable derived table. (MDEV-24314)

• Permission denied error message is returned on users with SELECT permissions for nested CTEs. (MDEV-20751)

• Regression: SELECT .. UNION .. with inconsistent column names fails. (MDEV-19179)

• Race condition between KILL and transaction commit with MariaDB Enterprise Cluster. (MDEV-23536)

• Plugin system variables and activation options can break mysqld --wsrep_recover for MariaDB Enterprise Cluster. (MDEV-20717)

• SELECT INTO OUTFILE used permission 666 where 644 should be used to limit the privileges to change the file. (MDEV-23875)

• Syntax error on correct syntax for CREATE VIEW that includes X is null = 0 (MDEV-24194)

• Altered connection limits for user have no effect. (MDEV-17852)

• Syntax error when using COLLATE for creating virtual columns. (MDEV-12161)

• Auto purge of relaylogs stops when relay-log-file is slave-relay-log.999999 and slave_parallel_threads is enabled. (MDEV-8134)

• ORDER BY in view definition leads to wrong result with GROUP BY on query using view. (MDEV-23826)

• SUM column from a derived table returns invalid values. (MDEV-23291)

• server_audit doesn't respect filters for PROXY_CONNECT events. (MDEV-24318)

• server_audit plugin doesn't consider proxy users in server_audit_excl_users and server_audit_incl_users (MDEV-19442)

Interface Changes

• accounts performance schema table schema changed

• CHECK_CONSTRAINTS information schema table schema changed

• events_stages_summary_by_account_by_event_name performance schema table schema changed

• events_stages_summary_by_user_by_event_name performance schema table schema changed

• events_statements_summary_by_account_by_event_name performance schema table schema changed

• events_statements_summary_by_user_by_event_name performance schema table schema changed

• events_waits_summary_by_account_by_event_name performance schema table schema changed

• events_waits_summary_by_user_by_event_name performance schema table schema changed

• group_concat_max_len system variable maximum value changed from 18446744073709551615 to 4294967295

• mariabackup --log-innodb-page-corruption command-line option added

• mariadb_es_repo_setup --include-unsupported command-line option added

• mariadb_es_repo_setup --skip-check-installed command-line option added

• mariadb_es_repo_setup --version command-line option added

• mariadb_repo_setup --version command-line option added

• max_sort_length system variable minimum value changed from 8 to 64

• mysqldump --system command-line option added

• setup_actors performance schema table schema changed

• threads performance schema table schema changed

• users performance schema table schema changed

Platforms

In alignment to the enterprise lifecycle, MariaDB Enterprise Server 10.2.37-11 is provided for:

• CentOS 7

• CentOS 8

• Debian 9

• Debian 10

• Red Hat Enterprise Linux 7

• Red Hat Enterprise Linux 8

• Ubuntu 16.04

• Ubuntu 18.04

• SUSE Linux Enterprise Server 12

• SUSE Linux Enterprise Server 15

• Microsoft Windows

Some components of MariaDB Enterprise Server might not support all platforms. For additional information, see "MariaDB Corporation Engineering Policies".