Showing entries 3191 to 3200 of 44043
CVE-2020-10997 – Percona XtraBackup information disclosure of command line arguments


Percona XtraDB backup >= 2.4.11 suffers an issue whereby the whole command line is captured and output to the resulting backup file location, and where the --history command line argument is passed this too is captured within the PERCONA_SCHEMA.xtrabackup_history table. This is in addition to the information being present within the process list and standard error output.

This issue is resolved in >= 2.4.20 and >= 8.0.11.

Applicability

Access to backup files is required in order to exploit this error. Protection of backup files and media is already a well known best-practise and we encourage our users to continue to follow this practise.

Authenticated access to the MySQL server is required to collect command line data where --history was used during backup.

Authenticated access to the Linux system on which PXB is being executed or access to the Process …

What’s the Best Way to Enable (And Test) Encryption at Rest in RDS?

The other day on a call, a client asked me an interesting question.  We were discussing some testing they were doing in Amazon Relational Database Service (RDS).  The question came up “since RDS is managed, how can I prove to my security team that the data is actually encrypted?”  We’ve all read whitepapers and blogs that talk about encryption in the cloud, but it is something I’ve not needed to validate before.  Instead, I just enable encryption when I create an RDS instance and move along to the next steps of the setup. This discussion really got me thinking – what is the best way to enable and test encryption at rest in my RDS instance?

Encryption at Rest – MySQL Fundamentals

Before getting too far into the RDS specifics, I wanted to cover the basics of encryption at rest in MySQL.  There are essentially two ways to encrypt data at rest:

  • Full disk encryption (filesystem/block …
Pstress: Database Concurrency and Crash Recovery Testing Tool

Databases are complicated software made to handle the concurrent load while making specific guarantees about data consistency and availability. There are many scenarios which should be tested that can only happen under concurrent conditions.

Pstress is a probability-based open-source database testing tool designed to run in concurrency and to test if the database can recover when something goes wrong. It generates random transactions based on options provided by the user. With the right set of options, users can test features, regression, and crash recovery. It can create the concurrent load on a cluster or on a single server.

The tool is currently in beta, but it has already become very important within the testing pipeline for Percona. Pstress is widely used by Percona’s QA team during each phase of testing. It has …

Writing MySQL Shell Plugin (REPORT)

MySQL Shell is a powerful tool. It allows JavaScript, Python and SQL access to MySQL.

Usage of MySQL Shell can be:
1. As an admin tool for MySQL Server
2. As a scripting engine to run JavaScript, Python or SQL to access MySQL Server
3. As a tool to allow Document Store access (like the collection API) with MySQL Server
4. As MySQL InnoDB Cluster admin tooling

A customizable and extensible framework is essential to such a tool, so that DB administrators can create customized reports and extensions to do their daily jobs.

This tutorial is written to provide a short summary of how we can create a MySQL Shell Report in Python.

What is MySQL Shell Report
A MySQL Shell report can be executed through "\show".

There are 3 reports that come with MySQL Shell, namely 'query', 'thread', 'threads'.

Query Report :
Getting the "help" …

MySQL Security – Random Password Generation

MySQL has the capability of generating random passwords for user accounts, as an alternative to requiring explicit administrator-specified literal passwords.

The post MySQL Security - Random Password Generation first appeared on dasini.net - Diary of a MySQL expert.

More MySQL Document Store Intro Videos

Last time I shared a video that is an introduction to Using MySQL without the SQL. This time I am adding two more videos -- one on Document Collections and another on simple indexes. The MySQL Document Store is a simple, easy to use way for developers to store data without much of the traditional pre-requisite chores needed with a relational database.

You simply connect to the MySQL instance using the new MySQL Shell to the schema of your choice, create a document collection, and can start saving data right …

Evaluating Percona XtraDB Cluster 8.0 Scaling Capabilities

Percona XtraDB Cluster 8.0 is on the final stretch before GA release, and we have pre-release packages available for testing.

I wanted to see how Percona XtraDB Cluster 8.0 performs in CPU and IO-bound scenarios, like in my previous posts about MySQL Group Replication.

In this blog, I want to evaluate Percona XtraDB Cluster 8.0 scaling capabilities in cases when we increase the number of nodes and increase user connections. The version I used is available here: Percona-XtraDB-Cluster-8.0.18. …

Benchmarking: More Stable Results with CPU Affinity Setting

When I run a benchmark and want to measure the CPU efficiency of something, I find it’s often a good choice to run a benchmark program, as well as the database, on the same server. This is in order to eliminate network impact and to look at single-thread performance, to eliminate contention.

Usually, this approach gives rather stable results; for example, benchmarking MySQL with Sysbench OLTP Read-Only workload I get a variance of less than one percent between 1-minute runs.

In this case, though, I was seeing some 20 percent difference between the runs, which looked pretty random and would not go away even with longer 10-minute runs.

The benchmark I did was benchmarking MySQL through ProxySQL (all running on the same machine):

Sysbench -> ProxySQL -> MySQL 

As I thought more about possible reasons, I thought CPU scheduling might be a problem. As requests pass …

MySQL BLACKHOLE Engine as Replication Filter



Today, I am going to describe a very interesting use case where we have used the Blackhole engine as a replication filter.
We have an Aurora Cluster (let's call it C1) where multiple DBs are hosted and multiple applications are writing data into it. In another project, one application wanted to read the data from one of the DBs hosted on Aurora cluster C1, and this new project is hosted in another account.
Now the challenge is we don't want self hosted db which supports replication filters (replicate-do-db) and bring …

Announcing the Release Candidate of MySQL 8.0 + Galera 4

A time for new beginnings beckons upon us, and Codership is pleased to announce the much anticipated Release Candidate of MySQL 8.0 that comes with Galera 4. It comes with MySQL 8.0.19 and includes the Galera Replication Library 4.5 Release Candidate and wsrep API version 26. 

 

Galera 4 and MySQL 8.0.19 have many new features, but here are some of the highlights:

  • Streaming replication to support large transactions by splitting transaction replication then applying them in smaller fragments.
  • Improved foreign key support, as write set certification rules are optimised and there will be a reduction in the number of foreign key related false conflicts in certifications.
  • Group commit is …