Changelog:
* InnoDB Plugin has been upgraded to version 1.0.11. This version is considered of General Availability (GA) quality.
In this release, the InnoDB Plugin is included in source and binary distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64), generic Linux RPM packages, and any builds produced with the icc compiler. It also does not work for FreeBSD 6 and HP-UX or for Linux on generic ia64.

Bugs fixed:
* Important Change: Replication: The LOAD DATA INFILE statement is now considered unsafe for statement-based replication. When using statement-based logging mode, the statement now produces a warning; when using mixed-format logging, the statement is made using the row-based format. (Bug#34283)
* Partitioning: UPDATE and INSERT statements affecting partitioned tables performed poorly when using row-based replication. (Bug#52517)
* Partitioning: INSERT ON DUPLICATE KEY UPDATE statements performed poorly on tables having many partitions. This was because the handler function for reading a row from a specific index was not optimized in the partitioning handler. (Bug#52455)
* The server could crash on shutdown, if started with --innodb-use-system-malloc=0. (Bug#55581)
* GROUP BY operations used max_sort_length inconsistently. (Bug#55188)
* Building MySQL on Solaris 8 x86 failed when using Sun Studio due to gcc inline assembler code. (Bug#55061)
* In debug builds, an assertion could be raised when the server tried to send an OK packet to the client after having failed to detect errors during processing of the WHERE condition of an UPDATE statement. (Bug#54734)
* The database server could crash when renaming a table that had active transactions. (This issue only affected the database server when built for debugging.) (Bug#54453)
* The server could crash during the recovery phase of startup, if it previously crashed while inserting BLOB or other large columns that use off-page storage into an InnoDB table created with ROW_FORMAT=REDUNDANT or ROW_FORMAT=COMPACT. (Bug#54408)
* For an InnoDB table created with ROW_FORMAT=COMPRESSED or ROW_FORMAT=DYNAMIC, a query using the READ UNCOMMITTED isolation level could cause the server to stop with an assertion error, if BLOB or other large columns that use off-page storage were being inserted at the same time. (Bug#54358)
* A client could supply data in chunks to a prepared statement parameter other than of type TEXT or BLOB using the mysql_stmt_send_long_data() C API function (or COM_STMT_SEND_LONG_DATA command). This led to a crash because other data types are not valid for long data. (Bug#54041)
* mysql_secure_installation did not properly identify local accounts and could incorrectly remove nonlocal root accounts. (Bug#54004)
* Transactions could be incorrectly committed during recovery, rather than rolled back, if the server crashed and was restarted after performing ALTER TABLE...ADD PRIMARY KEY on an InnoDB table, or some other operation that involves copying the entire table. (Bug#53756)
* Portability problems in SHOW STATUS could lead to incorrect results on some platforms. (Bug#53493)
* Builds of MySQL generated a large number of warnings. (Bug#53445)
* With lower_case_table_names set to a nonzero value, searches for table or database names in INFORMATION_SCHEMA tables could produce incorrect results. (Bug#53095)
* The ABI check for MySQL failed to compile with gcc 4.5. (Bug#52514)
* mysql_secure_installation sometimes failed to locate the mysql client. (Bug#52274)
* Reading a ucs2 data file with LOAD DATA INFILE was subject to three problems. 1) Incorrect parsing of the file as ucs2 data, resulting in incorrect length of the parsed string. This is fixed by truncating the invalid trailing bytes (incomplete multibyte characters) when reading from the file. 2) Reads from a proper ucs2 file did not recognize newline characters. This is fixed by first checking whether a byte is a newline (or any other special character) before reading it as a part of a multibyte character. 3) When using user variables to hold column data, the character set of the user variable was set incorrectly to the database charset. This is fixed by setting it to the character set specified in the LOAD DATA INFILE statement, if any. (Bug#51876)
* Searches in INFORMATION_SCHEMA tables for rows matching a nonexistent database produced an error instead of an empty query result. (Bug#49542)
* On FreeBSD, memory mapping for MERGE tables could fail if underlying tables were empty. (Bug#47139)
* The my_like_range_xxx() functions returned badly formed maximum strings for Asian character sets, which caused problems for storage engines. (Bug#45012)
* A debugging assertion could be raised after a write failure to a closed socket. (Bug#42496)
* An assertion failure occurred within yaSSL for very long keys. (Bug#29784)
See also Bug#53463.

To Upgrade:
yum upgrade mysql

This is a minor bugfix release for PHP 5.2.14, there are no fixes included from upstream.

Changelog:

• Bugfix #XXX, relinked packages against mysql 5.0 libraries on EL5
• Bugfix #XXX, removed a case where the PHP mail() header feature added "\r" to messages, this was incompatible with the SMTP mime header rfc.

To Upgrade:

yum upgrade php

Changes in MySQL 5.1.49 (09 July 2010)

InnoDB Notes:

* InnoDB Plugin has been upgraded to version 1.0.10. This version is considered of General Availability (GA) quality.

In this release, the InnoDB Plugin is included in source and binary distributions, except RHEL3, RHEL4, SuSE 9 (x86, x86_64, ia64), and generic Linux RPM packages. It also does not work for FreeBSD 6 and HP-UX or for Linux on generic ia64.

Bugs fixed:

* Security Fix: After changing the values of the innodb_file_format or innodb_file_per_table configuration parameters, DDL statements could cause a server crash. (Bug#55039)
* Security Fix: Joins involving a table with with a unique SET column could cause a server crash. (Bug#54575)
* Security Fix: Incorrect handling of NULL arguments could lead to a crash for IN() or CASE operations when NULL arguments were either passed explicitly as arguments (for IN()) or implicitly generated by the WITH ROLLUP modifier (for IN() and CASE). (Bug#54477)
* Security Fix: A malformed argument to the BINLOG statement could result in Valgrind warnings or a server crash. (Bug#54393)
* Security Fix: Use of TEMPORARY InnoDB tables with nullable columns could cause a server crash. (Bug#54044)
* Security Fix: The server could crash if there were alternate reads from two indexes on a table using the HANDLER interface. (Bug#54007)
* Security Fix: Using EXPLAIN with queries of the form SELECT ... UNION ... ORDER BY (SELECT ... WHERE ...) could cause a server crash. (Bug#52711)
* Security Fix: LOAD DATA INFILE did not check for SQL errors and sent an OK packet even when errors were already reported. Also, an assert related to client-server protocol checking in debug servers sometimes was raised when it should not have been. (Bug#52512)
*Replication: When using unique keys on NULL columns in row-based replication, the slave sometimes chose the wrong row when performing an update. This happened because a table having a unique key on such a column could have multiple rows containing NULL for the column used by the unique key, and the slave merely picked the first row containing NULL in that column. (Bug#53893)
*Replication: FLUSH LOGS could in some circumstances crash the server. This occurred because the I/O thread could concurrently access the relay log I/O cache while another thread was performing the FLUSH LOGS, which closes and reopens the relay log and, while doing so, initializes (or re-initializes) its I/O cache. This could cause problems if some other thread (in this case, the I/O thread) is accessing it at the same time.

Now the thread performing the FLUSH LOGS takes a lock on the relay log before actually flushing it. (Bug#53657)

See also Bug#50364.
*Replication: Two related issues involving temporary tables and transactions were introduced by a fix made in MySQL 5.1.37:
1. When a temporary table was created or dropped within a transaction, any failed statement that following the CREATE TEMPORARY TABLE or DROP TEMPORARY TABLE statement triggered a rollback, which caused the slave diverge from the master.
2. When a CREATE TEMPORARY TABLE ... SELECT * FROM ... statement was executed within a transaction in which only tables using transactional storage engines were used and the transaction was rolled back at the end, the changes—including the creation of the temporary table—were not written to the binary log.

The current fix restores the correct behavior in both of these cases. (Bug#53560)

This regression was introduced by Bug#43929.
* Replication: When CURRENT_USER() or CURRENT_USER was used to supply the name and host of the affected user or of the definer in any of the statements DROP USER, RENAME USER, GRANT, REVOKE, and ALTER EVENT, the reference to CURRENT_USER() or CURRENT_USER was not expanded when written to the binary log. This resulted in CURRENT_USER() or CURRENT_USER being expanded to the user and host of the slave SQL thread on the slave, thus breaking replication. Now CURRENT_USER() and CURRENT_USER are expanded prior to being written to the binary log in such cases, so that the correct user and host are referenced on both the master and the slave. (Bug#48321)
* An ALTER TABLE statement could convert an InnoDB compressed table (with row_format=compressed) back to an uncompressed table (with row_format=compact). (Bug#54679)
* A signal-handler redefinition for SIGUSR1 was removed. The redefinition could cause the server to encounter a kernel deadlock on Solaris when there are many active threads. Other POSIX platforms might also be affected. (Bug#54667)
* InnoDB could issue an incorrect message on startup, if tables were created under the setting innodb_file_per_table=ON and the server was restarted under the setting innodb_file_per_table=OFF. The message was of the form InnoDB: Warning: allocated tablespace n, old maximum was 0. (Bug#54658)
* The make_binary_distribution target to make could fail on some platforms because the lines generated were too long for the shell. (Bug#54590)
* The server failed to disregard sort order for some zero-length tuples, leading to an assertion failure. (Bug#54459)
* The default value of myisam_max_extra_sort_file_size could be higher than the maximum accepted value, leading to warnings upon the server start. (Bug#54457)
* Inconsistent checking of the relationship between SHOW statements and INFORMATION_SCHEMA queries caused such queries to fail sometimes. (Bug#54422)
* If a session tried to drop a database containing a table opened with HANDLER in another session, any DATABASE statement (CREATE, DROP, ALTER) executed by that session produced a deadlock. (Bug#54360)
* Fast index creation could fail, leaving the new secondary index corrupted. (Bug#54330)
* A client could supply data in chunks to a prepared statement parameter other than of type TEXT or BLOB using the mysql_stmt_send_long_data() C API function (or COM_STMT_SEND_LONG_DATA command). This led to a crash because other data types are not valid for long data. (Bug#54041)
* Builds of the embedded mysqld would fail due to a missing element of the struct NET. (Bug#53908, Bug#53912)
* The definition of the MY_INIT macro in my_sys.h included an extraneous semicolon, which could cause compilation failure. (Bug#53906)
* A client with automatic reconnection enabled saw the error message Lost connection to MySQL server during query if the connection was lost between the mysql_stmt_prepare() and mysql_stmt_execute() C API functions. However, mysql_stmt_errno() returned 0, not the corresponding error number 2013. (Bug#53899)
* Queries that used MIN() or MAX() on indexed columns could be optimized incorrectly. (Bug#53859)
* Some combinations of SELECT and SELECT FOR UPDATE statements could fail with errors about locks, or incorrectly release a row lock during a semi-consistent read operation. (Bug#53674)
* The Lock_time value in the slow query log was negative for stored routines. (Bug#53191)
* The results of some ORDER BY ... DESC queries were sorted incorrectly. (Bug#51431)
* Index Merge between three indexes could return incorrect results. (Bug#50389)
*Performing large numbers of RENAME TABLE statements caused excessive memory use. (Bug#47991)
* The server could crash with an out of memory error when trying to parse a query that was too long to fit in memory. Now the parser rejects such queries with an ER_OUT_OF_RESOURCES error. (Bug#42064)
* Sort-index_merge for join tables other than the first table used excessive memory. (Bug#41660)
* Valgrind warnings in the InnoDB compare_record() function were corrected. (Bug#38999)
* mysqld could fail during execution when using SSL. (Bug#34236)


To Upgrade:
yum upgrade mysql

We are proud to announce the latest release for our flagship Atomic Secured Linux product, the latest in unified threat management systems.  Atomic Secured Linux(tm) is an out-of-the-box Unified Security Suite for Linux(tm) systems designed to protect your servers against both known and unknown threats. It is distributed through a subscription yum channel ensuring that ASL is always kept up to date. Unlike other security solultions, ASL works by combining security at all layers, from the aKernel all the way up to the application layer to provide the most complete protection available for Linux servers and helps to ensure that your system is compliant with commercial and government security standards. ASL includes the most hardened kernel on the market, automated system hardening techniques, userspace and host Intrusion Prevention Systems (IPS), malware/rootkit detection and elimination, blacklisting technologies and web application firewalling to protect multiuser and web application hosting environments like no other solution. ASL is uniquely effective at addressing emerging threats posed by vulnerabilities in todays complex systems and applications, such as web hosting environments, multiuser systems, CRM's, ERPs, forums, shopping carts, Content Management systems and custom applications.

Changelog:

[+] Add support for 2.6.32.16-4 kernels
[+] Add support for Cloudlinux 5
[+] Feature Request #393, Add local hostname information to ASL Web
[=] Updated ossec_database_setup routine to start mysql on a new install event
[=] Updated configuation to reorder ossec configuration after notification configuration
[=] RSS Feed now uses the Atomicorp Website RSS feed
[=] Add mysql start routine to ossec_database_setup.sh
[=] Minor change to web_app_inventory to improve performance. (about 10-15%)

Bugfixes:

[-] Bugfix #XXX, fixed case where proftp clamav was not working for anonymous ftp
[-] Bugfix #XXX, case #3466 entries were not showing in the blocklist
[-] Bugfix #XXX, correct condition where ASL Web counld not consistently add/remove whitelist entries
[-] Bugfix #XXX, ASL Web Geo-block removals on an empty list.
[-] Bugfix #XXX, ASL Web Blocklist blacklist/whitelist/unblock multi-taging
[-] Bugfix #386, rules disabled by vhost will be set to nolog/noauditlog by default

Legend: [+] New Feature/Capability, [=] Change to existing feature, [-] Bugfix

Release Notes:

2.2.10 marks the final phase of the deprecation of support for denyhosts. As of 2.2.10 denyhosts is no longer a supported package in ASL. In addition support for CloudLinux 5 was added in this release.

Additional components updated in this release:

• ossec 2.4.1-7
• gradm 2.2.0-1

Components removed in this release:

• denyhosts 2.6

Upgrading to 2.2.10:

1) yum upgrade asl asl-web gradm ossec-hids

2) yum remove denyhosts

3) asl -s -f