MySQL 5.0.21 released.

MySQL 5.0.21, a new production version of the popular Open Source Database Management System, has been released. The Community Edition is now available in source and binary form for a number of platforms from our download pages and mirror sites.

Note that not all mirror sites may be up to date at this point in time - if you can't find this version on some mirror, please try again later or choose another download site.

This is a bugfix release for the current production version. This release includes the patches for recently reported security vulnerabilities in the MySQL client-server protocol.

Please refer to our bug database for more details about the individual bugs fixed in this version.

Changes in release 5.0.21:

Functionality added or changed:

  • Security enhancement: Added the global max_prepared_stmt_count system variable to limit the total number of prepared statements in the server. This limits the potential for denial-of-service attacks based on causing the server to run out of memory by preparing huge numbers of statements. The current number of prepared statements is available through the 'prepared_stmt_count' status variable.
  • NDB Cluster: It is now possible to perform a partial start of a cluster. That is, it is now possible to bring up the cluster without running ndbd --initial on all configured data nodes first.
  • NDB Cluster: It is now possible to install MySQL with Cluster support to a non-default location and change the search path for font description files using either the --basedir or --character-sets-dir options. (Previously in MySQL 5.0, ndbd searched only the default path for character sets.)
  • In result set metadata, the MYSQL_FIELD.length value for BIT columns now is reported in number of bits. For example, the value for a BIT(9) column is 9. (Formerly, the value was related to number of bytes.)
  • The default for the innodb_thread_concurrency system variable was changed to 8.
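
A short mysql client session showing the max_prepared_stmt_count limit in action, as an added example that is not part of the original release notes. It assumes an idle test server, an interactive session under an account allowed to set global variables, and constructed statement names (s1 to s3) and limit value.

```sql
-- Added example; run on an idle test instance, not on a production server.
-- Assumes an account that is permitted to change global system variables.

-- Inspect the server-wide limit and the current number of prepared
-- statements (variable names as given in the release notes; LIKE matching
-- here is not case-sensitive).
SHOW GLOBAL VARIABLES LIKE 'max_prepared_stmt_count';
SHOW GLOBAL STATUS LIKE 'prepared_stmt_count';

-- Remember the current limit so it can be restored at the end.
SET @saved_limit = @@global.max_prepared_stmt_count;

-- Constructed value: lower the limit so that its effect is easy to observe.
SET GLOBAL max_prepared_stmt_count = 2;

PREPARE s1 FROM 'SELECT 1';
PREPARE s2 FROM 'SELECT 2';

-- With two statements already prepared server-wide, this one exceeds the
-- limit: the server rejects it with an error instead of allocating more
-- memory. The session itself stays usable.
PREPARE s3 FROM 'SELECT 3';

-- The counter is global, so statements prepared by other connections
-- count against the same limit.
SHOW GLOBAL STATUS LIKE 'prepared_stmt_count';

-- Releasing a statement frees a slot, after which PREPARE succeeds again.
DEALLOCATE PREPARE s1;
PREPARE s3 FROM 'SELECT 3';

-- Clean up and restore the original limit.
DEALLOCATE PREPARE s2;
DEALLOCATE PREPARE s3;
SET GLOBAL max_prepared_stmt_count = @saved_limit;
```

Because the limit is shared by all connections, size it from the observed peak of the counter across the applications that use the server rather than from a single client.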

Bugs fixed:

  • Security bugfix: A malicious client, using specially crafted invalid COM_TABLE_DUMP packets, was able to trigger an exploitable buffer overflow on the server.
  • Security bugfix: A malicious client, using specially crafted invalid login or COM_TABLE_DUMP packets, was able to read uninitialized memory, which potentially, though unlikely in MySQL, could lead to an information disclosure.
  • NDB Cluster: A simultaneous DROP TABLE and table update operation utilising a table scan could trigger a node failure.
  • Conversion of a number to a CHAR UNICODE string returned an invalid result.
  • DELETE and UPDATE statements that used large NOT IN (value_list) clauses could use large amounts of memory.
  • Prevent recursive views caused by using RENAME TABLE on a view after creating it.
  • A LOCK TABLES statement that failed could cause MyISAM not to update table statistics properly, causing a subsequent CHECK TABLE to report table corruption.
  • COUNT(*) on a MyISAM table could return different results for the base table and a view on the base table.