1. 29 Jul, 2010 4 commits
    • Vasil Dimov's avatar
      Merge mysql-5.1-bugteam -> mysql-trunk-merge · e91498e9
      Vasil Dimov authored
      e91498e9
    • Alexander Barkov's avatar
      Postfix for BUG#45012. · c7071a72
      Alexander Barkov authored
      Problem: The original patch didn't compile on debug_werror
      due to wrong format in printf("%d") for size_t variables.
      
      Fix: Adding cast to (int).
      c7071a72
    • 's avatar
      Manual merge · c61ce414
      authored
      c61ce414
    • 's avatar
      BUG#49124 Security issue with /*!-versioned */ SQL statements on Slave · 2ad690fd
      authored
      /*![:version:] Query Code */, where [:version:] is a sequence of 5 
      digits representing the mysql server version(e.g /*!50200 ... */),
      is a special comment that the query in it can be executed on those 
      servers whose versions are larger than the version appearing in the 
      comment. It leads to a security issue when slave's version is larger 
      than master's. A malicious user can improve his privileges on slaves. 
      Because slave SQL thread is running with SUPER privileges, so it can
      execute queries that he/she does not have privileges on master.
      
      This bug is fixed with the logic below: 
      - To replace '!' with ' ' in the magic comments which are not applied on
        master. So they become common comments and will not be applied on slave.
      
      - Example:
        'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /*!99999 ,(3)*/
        will be binlogged as
        'INSERT INTO t1 VALUES (1) /*!10000, (2)*/ /* 99999 ,(3)*/
      2ad690fd
  2. 28 Jul, 2010 1 commit
  3. 26 Jul, 2010 4 commits
  4. 24 Jul, 2010 4 commits
  5. 23 Jul, 2010 3 commits
  6. 22 Jul, 2010 2 commits
  7. 21 Jul, 2010 11 commits
  8. 20 Jul, 2010 11 commits