バージョン 4.1.10a のリリースと同時に、 バージョン 4.0系の最新バージョンである バージョン 4.0.24 も公開されました。
4.1.10a と同様に、UDFに関する セキュリティ問題の修正が含まれています。
また UDF問題のほかにも、4.0.24 では数多くの修正が加えられています。詳しくはチェンジログを参照ください。

　ダウンロードは MySQL AB のサイトからどうぞ。



以下チェンジログ：


■機能の追加と変更：
* Security improvement: The server creates `.frm', `.MYD', `.MYI', `.MRG', `.ISD', and `.ISM' table files only if a file with the same name does not already exist.

* Security improvement: User-defined functions should have at least one symbol defined in addition to the `xxx' symbol that corresponds to the main `xxx()' function. These auxiliary symbols correspond to the `xxx_init()', `xxx_deinit()', `xxx_reset()',
`xxx_clear()', and `xxx_add()' functions. `mysqld' by default no longer loads UDFs unless they have at least one auxiliary symbol defined in addition to the main symbol.
The '--allow-suspicious-udfs' option controls whether UDFs that have only an `xxx' symbol can be loaded.
By default, the option is off. `mysqld' also checks UDF filenames when it reads them from the `mysql.func' table and rejects those that contain directory pathname separator characters. (It already checked names as given in `CREATE FUNCTION' statements.)
See the section in the manual on writing UDFs.

* `InnoDB': Added configuration option and settable global variable `innodb_autoextend_increment' for setting the size in megabytes by which `InnoDB' tablespaces are extended when they become full. The default value is 8, corresponding to the fixed increment of 8MB in previous versions of MySQL.

* InnoDB: Do not acquire an internal `InnoDB' table lock in `LOCK TABLES' if `AUTOCOMMIT=1'. This helps in porting old `MyISAM' applications to `InnoDB'. `InnoDB' table locks in that case caused deadlocks very easily.


■バグ修正：
* `FOUND_ROWS()' returned an incorrect value after a `SELECT SQL_CALC_FOUND_ROWS DISTINCT' statement that selected constants and included `GROUP BY' and `LIMIT' clauses. (Bug #7945)

* Queries of the form `(SELECT ...) ORDER BY ...' were being treated as a `UNION'. This improperly resulted in only distinct values being returned (because `UNION' by default eliminates.) (Bug #7672)

* Index cardinality was not being updated properly for `TEMPOARY' tables under some circumstances, such as `CREATE TABLE ... SELECT' followed by `ANALYZE TABLE'. (Bug #7519)

* Fixed a server crash caused by `DELETE FROM TBL_NAME ... WHERE ... ORDER BY TBL_NAME.COL_NAME' when the `ORDER BY' column was qualified with the table name. (Bug #8392)

* Fixed a bug in `MATCH ... AGAINST' in natural language mode that could cause a server crash if the `FULLTEXT' index was not used in a join (`EXPLAIN' did not show `fulltext' join mode) and the search query matched no rows in the table (Bug #8522).

* Platform and architecture information in version information produced for `--version' option on Windows was always `Win95/Win98 (i32)'. More accurately determine platform as `Win32' or `Win64' for 32-bit or 64-bit Windows, and architecture as `ia32' for x86, `ia64' for Itanium, and `axp' for Alpha. (Bug #4445)

* `InnoDB': Honor the `--tmpdir' startup option when creating temporary files. Previously, `InnoDB' temporary files were always created in the temporary directory of the operating system. On Netware, `InnoDB' will continue to ignore `--tmpdir'. (Bug #5822)

* Fixed an optimization problem that allowed a negative number to be stored in a `DOUBLE UNSIGNED' column when it was assigned a value from a signed `DOUBLE' column. (Bug #7700)

* Fixed a failure of multiple-table updates to replicate properly on slave servers when `--replicate-*-table' options had been specified. (Bug #7011)

* Renamed `set_bit()' and `clear_bit()' functions in source code to avoid a conflict with functions of the same names in Linux kernel header files. (Bug #7971)

* Part of the information being used to cache access-permission lookups was not always reinitialized properly, particularly for connections from localhost on Windows. The result was connection failures that appeared to occur randomly. (Bug #5569)

* Corrected a problem with the `QUOTE()' function returning bad results. (Bug #8248)

* Fixed a problem where `INSERT INTO ...SELECT' failed when the source and target table were the same. (Bug #6034)

* Fixed a problem where RPM installation on Linux as a non-privileged user would result in incomplete installation. (Bug #7347)

* Change thread stack size used for building Linx RPM distributions to avoid warnings about stack size during server startup. (Bug #6226)

* InnoDB: Use native `tmpfile()' function on Netware. All InnoDB temporary files are created under `sys:\tmp'. Previously, InnoDB temporary files were never deleted on Netware.

* Fixed a symlink vulnerability in the `mysqlaccess' script. Reported by Javier Fernandez-Sanguino Pena and Debian Security Audit Team (http://www.debian.org/security/audit). (CAN-2005-0004 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0004))

* Fixed support for C API function `mysql_list_fields()', which was accidentally broken in 4.0.22 (Bug#6761)

* Make `query_cache_wlock_invalidate' system variable visible in `SHOW VARIABLES' output. (Bug #7594)

* Fixed a bug which caused `FROM_UNIXTIME()' function to return `NULL' for zero argument instead of the Epoch. (Bug #7515)

* Now in datetime values two digit year is interpreted as year in 20th or 21st century even with zero month and day. (Bug #7297)

* Fixed a bug in `QUOTE' function when used in conjunction with some other string functions. This lead to severe buffer overflow and server crashing. (Bug #7495)

* InnoDB: Fixed a bug: 32-bit `mysqld' binaries built on HP-UX-11 did not work with `InnoDB' files greater than 2 GB in size. (Bug #6189)

* Fixed that, when encountering a "disk full" or "quota exceeded" write error, `MyISAM' sometimes didn't sleep and retry the write, thus resulting in a corrupted table. (Bug #7714)

* Fixed that a slave could crash after replicating many `ANALYZE TABLE', `OPTIMIZE TABLE', or `REPAIR TABLE' statements from the master. (Bug #6461, Bug #7658)

* Fixed a bug where MySQL was allowing concurrent updates (inserts, deletes) to a table if binary logging is enabled. Changed to ensure that all updates are executed in a serialized fashion, because they are executed serialized when binlog is replayed. (Bug #7879)

* Fixed a bug that caused the slave to stop on statements that produced an error on the master. (Bug #8412)

* Documented problem with using `mysqldump' in 4.0.x to dump `TIMESTAMP(2)' and `TIMESTAMP(4)' column types. (Bug #6530)