Recent changes to support better security by increasing strength of Diffie-Hellman cipher suites from 512-bit to 2048-bit were introduced to MySQL Server 5.7. While this change enhances security, it is an aggressive change in that 2048-bit DH ciphers are not universally supported. This has become a problem specifically for Java users, as only Java 8 JRE (currently) supports DH ciphers greater than 1024 bits. Making the problem more acute, this change was back-ported from MySQL Server 5.7 to the recent 5.6.26 and 5.5.45 releases in response to a community bug report. This blog post will identify affected applications, existing workarounds, and our plans to provide a more …
[Read more]MySQL 5.6.26 was recently released (it is the latest MySQL 5.6, is GA), and is available for download here.
For this release, there are 3 “Functionality Added or Changed” items, 1 “Security Fix”, and 36 other bug fixes.
Out of those other 36 bugs, 13 are InnoDB, 1 Partitioning, 3 Replication, and 19 misc. (including 3 potentially crashing bug fixes, and 1 performance-related fix) Here are the ones of note:
- Functionality Added/Changed: Replication: When using a multi-threaded slave, each worker thread has its own queue of transactions to process. In previous MySQL versions, STOP SLAVE waited for all workers to process their entire queue. This logic has been changed so that STOP SLAVE first finds the newest transaction that was committed by any worker thread. Then, it waits for all workers to complete …
The Percona version of MySQL has been such a good replacement for the generic MySQL version that many of the features and options that existed in Percona have been merged into the generic MySQL. Innodb_fast_checksum was an option added to … Continue reading →
MySQL 5.6.25 was recently released (it is the latest MySQL 5.6, is GA), and is available for download here.
For this release, there are 2 “Functionality Added or Changed” items of note:
- Functionality Added/Changed: MySQL distributions now include an innodb_stress suite of test cases. Thanks to Mark Callaghan for the contribution. (Bug #76347)
- Functionality Added/Changed: my_print_defaults now masks passwords. To display passwords in cleartext, use the new –show option.
In addition to those, there were 55 other bug fixes:
- 10 InnoDB
- 8 Replication
- 3 Partitioning (one overlaps w/ an InnoDB bug fix)
- 35 Miscellaneous (and 6 of …
I accidentally stumbled upon this Stack Overflow question this morning:
I am wondering if there is any difference in regards to performance between the following:
SELECT ... FROM ... WHERE someFIELD IN(1,2,3,4); SELECT ... FROM ... WHERE someFIELD between 0 AND 5; SELECT ... FROM ... WHERE someFIELD = 1 OR someFIELD = 2 OR someFIELD = 3 ...;
It is an interesting question because there was no good way to answer it when it was asked in 2009. All of the queries resolve to the same output in EXPLAIN. Here is an example using the sakila schema:
mysql> EXPLAIN SELECT * FROM film WHERE film_id BETWEEN 1 AND 5\G mysql> EXPLAIN SELECT * FROM film WHERE film_id IN (1,2,3,4,5)\G mysql> EXPLAIN SELECT * FROM film WHERE film_id =1 or film_id=2 or film_id=3 or film_id=4 or film_id=5\G ********* 1. row ********* id: 1 …[Read more]
Student questions are always interesting! They get me to think and to write. The question this time is: “How do I write a Bash Shell script to process multiple MySQL script files?” This post builds the following model (courtesy of MySQL Workbench) by using a bash shell script and MySQL script files, but there’s a disclaimer on this post. It shows both insecure and secure approaches and you should avoid the insecure ones.
It seems a quick refresher on how to use arrays in
bash
shell may be helpful. While it’s essential in a
Linux environment, it’s seems not everyone masters the
bash
shell.
Especially, since I checked my …
[Read more]MySQL 5.6.24 was recently released (it is the latest MySQL 5.6, is GA), and is available for download here.
For this release, there are 4 “Functionality Added or Changed” items:
- Functionality Added/Changed: CMake support was updated to handle CMake version 3.1.
- Functionality Added/Changed: The server now includes its version number when it writes the initial “starting” message to the error log, to make it easier to tell which server instance error log output applies to. This value is the same as that available from the version system variable. (Bug #74917)
- Functionality Added/Changed: ALTER TABLE did not take advantage of fast alterations that might otherwise apply to the operation to …
While I previously blogged about installing Netbeans 8, some of my students would prefer to use the Eclipse IDE. This post shows how to install and configure Eclipse IDE, include the mysql-connector-java.jar, and write Java to access the MySQL.
You can download Eclipse IDE and then open it in
Fedora’s Archive Manager. You can use the Archive
Manager to Extract the Eclipse IDE to a directory
of your choice. I opted to extract it into my
student
user’s home directory, which is
/home/student
.
After extracting the Eclipse IDE, you can check the
contents of the eclipse
directory with the following
command:
ls -al eclipse |
You should see the following:
… |
Today, oCERT published advisory 2015-003 describing a TLS vulnerability in MySQL and derivative products. The content isn’t exactly news – it is documented legacy behavior and the subject of an earlier blog post describing how MySQL Server 5.7 solves the problem. That said, the efforts of Duo Security are certainly appreciated and welcomed – it provides a meaningful context to discuss how to properly harden existing MySQL 5.5 and 5.6 deployments, as well as frame a discussion on potential changes in these versions to increase security.
Vulnerability
The vulnerability described in the advisory relies on the legacy behavior of the client …
[Read more]Updated 2015-04-25: add the link to the slides of my PLMCE talk and a link to a bug number.
MaxScale 1.1.0 is out and includes the new Binlog Server module. This is the first post in s series of three. The two others are about Operations and High Availability. The links to the 2 other posts are at the end of this page.
In this post, I present how to install and configure MaxScale as a Binlog