Qualys announced they had found an exploit in one of the Linux core libraries – glibc – using a buffer overflow technique in gethostbyname(). They have developed a proof-of-concept in which simply sending a specially created e-mail to a mail server enabled them to create a remote shell to the Linux machine. According to Qualys, “This bypasses all existing protections (like ASLR, PIE and NX) on both 32-bit and 64-bit systems.”. How does it affect MySQL servers? Read on!

The vulnerable library call provides DNS name resolution and although it’s been obsoleted in favour of other calls, it is still widely used by both legacy and modern applications.

Having a quick search, MySQL does not seem to rely on gethostbyname() almost at all. A few uses can be found in MySQL Cluster code (NDB), …

I must admint I was greatly impressed by the Oracle activity on MySQL yesterday. I cannot say I didn’t see it was coming, but most certainly the magnitude of what happened, the flood of announcements, was a bit overwhelming. Looking at the list of improvements, I started wondering what can it actually mean to the MySQL ecosystem.

Several years ago MySQL was forked into several different projects driven by groups of passionates as well as commercial businesses. Many considered the pace of MySQL evolution to be insufficient, while some didn’t agree with the direction or was complaining on the quality.

These were not unfounded. Rather than on the software itself, MySQL AB was focusing more on preparing itself for public offering, which eventually didn’t happen. It sold out to Sun. However, instead of …

Most of the time I think of myself as living in a fairly progressive and enlightened world. I'm fotunate that I work with a set of wonderful people, I can travel all over the world and I'm a member of an excellent theatre company. As a result, hatred of things, or at least expressions of hatred are generally just not tolerated in any of the circles in which I run. (With the exception, of course, of things that FAIL, like a particularly bad piece of code - but even then it's less about hatred and more about not liking something that didn't work)

There are two social acceptable exceptions to that rule, though: Americans, and cats.

I was reading a blog post earlier this morning (which I won't link to because that's not the point here) which was a fun post about older people finding new music. As a person who is not getting any younger myself, the blog post was quite enjoyable. Smack in the middle of it though, there was a fairly …

Mark has some good thoughts on drizzle. I think they’re all valid… and have some extra thoughts too:

“I have problems to solve today”. This is (of course) an active concern in my brain… If we don’t have something out that solves some set of problems with reasonable stability and reliability (and soon), then we are failing. I feel we’re getting there, and will have a solid foundation to build upon.

Drizzle replication, MySQL replication: “I can’t compare the two until Drizzle replication is running in production.“. Completely agree. We need to only say replication is stable and reliable when it really is. Realistic test suites are needed. Very defensive programming of the replication system is needed (you want to know when something has gone wrong). …

I am certainly not the only person to have ever noticed the mean-spirited way people and primates assault things which are new or different or not understood or simply disliked, however there is a specific instance of this herd/mob insanity which I have only recently come to recognize for what it is.

This is, simply, the hostile reaction to innovation from the disapproving herd.

No, I am not realizing for the first time that some people don’t like new or different ideas. It is, however, the first time I have actually put this together while looking at the RDBMS market and comparing, say, MySQL and its competitors.

Specifically: the storage engine concept in MySQL, whereby one may choose to utilize different storage engines, which may have different capabilities suiting themselves to particular needs or environments. If you need transactions, you use a transactional storage engine. If you do not need them nor the overhead …