MySQL 5.7 Release Notes
Important Change: The linked OpenSSL library for MySQL Server has been updated to version 1.1.1q. Issues fixed in OpenSSL version 1.1.1q are described at https://www.openssl.org/news/cl111.txt and https://www.openssl.org/news/vulnerabilities.html. (Bug #34414695)
The linked curl library for MySQL Server (Enterprise Edition) has been updated to version 7.84.0. (Bug #34138733, Bug #34614578)
MySQL Server’s AES_ENCRYPT()
and
AES_DECRYPT()
functions now support the use
of a key derivation function (KDF) to create a cryptographically
strong secret key from information such as a password or a
passphrase that you pass to the function. The derived key is
used to encrypt and decrypt the data, and it remains in the
MySQL Server instance and is not accessible to users. Using a
KDF is highly recommended, as it provides better security than
specifying your own premade key or deriving it by a simpler
method when you use the function. The functions support HKDF
(available from OpenSSL 1.1.0), for which you can specify an
optional salt and context-specific information to include in the
keying material, and PBKDF2 (available from OpenSSL 1.0.2), for
which you can specify an optional salt and set the number of
iterations used to produce the key.
(WL #12669, WL #15188)
InnoDB: In debug builds, a descending b-tree scan raised a debug assertion failure. (Bug #34144951)
InnoDB:
An index latch order violation in
dict_table_x_lock_indexes()
caused an
assertion failure.
(Bug #32912868)
InnoDB:
A TRUNCATE TABLE
operation failed
to free an acquired mutex in specific cases.
(Bug #107858, Bug #34380370)
The server did not always process nested views as expected. (Bug #33876690)
mysqlpump might not be given the correct
permissions to use derived tables (tables that are generated by
a query FROM
clause), causing the dump
process to stop if these were present. Derived tables are now
handled separately and privileges are set for them.
(Bug #33866103)
When using
--log-timestamps=SYSTEM
, ISO 8601
timestamps in log messages did not take account of daylight
saving time.
(Bug #28632725, Bug #32893161)
The GRANT OPTION
privilege was
treated as related to database operations.
(Bug #25203933, Bug #34159579)