Bug 187817 - dev-db/mysql version bump to 5.0.54.
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: High enhancement with 1 vote
Assignee: Gentoo Linux MySQL bugs team
URL: http://lists.mysql.com/packagers/342
Duplicates: 191552 192334
Reported: 2007-08-05 14:21 UTC by Wolfram Schlich (RETIRED)
Modified: 2008-01-15 15:24 UTC (History)
Description Wolfram Schlich (RETIRED) gentoo-dev 2007-08-05 14:21:00 UTC
5.0.46 is available since 19th of July.
Comment 1 Krzysztof Olędzki 2007-08-21 12:59:25 UTC
Enterprise source tarballs were removed from ftp.mysql.com:
http://www.planetmysql.org/kaj/?p=123

New location (thanks to GPL):
http://download.dorsalsource.org/files/4/7/141/mysql-5.0.46.tar.gz
Comment 2 Wolfram Schlich (RETIRED) gentoo-dev 2007-08-22 00:10:10 UTC
mysql-bugs, what do you think about using dorsalsource.org as SRC_URI?
Comment 3 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-08-22 01:16:18 UTC
wschlich: I'm not in favour of it, and I'm trying to have a discussion with upstream about the matter already.
Comment 4 Wolfram Schlich (RETIRED) gentoo-dev 2007-08-22 01:58:48 UTC
robbat2, thanks for the info :)
Comment 5 Jakub Moc (RETIRED) gentoo-dev 2007-09-07 07:35:20 UTC
*** Bug 191552 has been marked as a duplicate of this bug. ***
Comment 6 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-09-10 05:08:00 UTC
Dorsal has not released a tarball of 5.0.48 yet, and the question of following it remains. The new URL here is my email to the upstream packagers list.
Comment 7 Krzysztof Olędzki 2007-09-11 06:04:56 UTC
It has: http://download.dorsalsource.org/files/b/5/165/mysql-5.0.48.tar.gz
Comment 8 Jakub Moc (RETIRED) gentoo-dev 2007-09-12 19:19:14 UTC
*** Bug 192334 has been marked as a duplicate of this bug. ***
Comment 9 Maurice Volaski 2007-09-13 23:52:53 UTC
Since upgrading from 4.1 to 5.0.44, I've been crashing regularly. I have just reported this as http://bugs.mysql.com/bug.php?id=31008, but for all I know this is something that could have been addressed in the more current releases.
Comment 10 Mart Raudsepp gentoo-dev 2007-09-24 22:09:18 UTC
What's the showstopper here?
I'd be happy with even 5.0.45 - it appears to have a query indexing performance fix (when needing two indexes it actually uses them both instead of getting confused and doing a full table scan) that would speed up a lot of the queries in one of my website deployments on a hardened gentoo system that a different deployment benefits from (unfortunately and out of my choice) using debian.
Comment 11 Maurice Volaski 2007-09-24 23:06:02 UTC
What I was referring to turned out to be due to faulty hardware, but still I don't see much logic in treating an older, buggy version as current.
Comment 12 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-09-24 23:54:35 UTC
For those interested in an update, see the URL to the packagers list above.

As for the actual status, I've got ebuilds for the latest 5.1 and 5.0.4[568] ready to go, but I haven't put them out yet because of the ongoing packagers discussion. 

In simple terms, MySQL AB's folk would like distros to NOT provide the 'MySQL Enterprise' path (regardless, it cannot be packaged directly as that for trademark reasons, which we already abide by), and ONLY provide 'MySQL Community'. I'm not happy with that path, based on the past state of the community edition, and the pain of migration that this places on the Gentoo userbase.

Additionally, there was a late bug in 5.0.48 discovered only after the release (not caught by QA and not caught by their testcases), so it was withdrawn upstream.
Comment 13 Wolfram Schlich (RETIRED) gentoo-dev 2007-09-25 23:30:59 UTC
(In reply to comment #12)
> For those interested in an update, see the URL to the packagers list above.
> 
> As for the actual status, I've got ebuilds for the latest 5.1 and 5.0.4[568]
> ready to go, but I haven't put them out yet because of the ongoing packagers
> discussion. 
> 
> In simple terms, MySQL AB's folk would like distros to NOT provide the 'MySQL
> Enterprise' path (regardless, it cannot be packaged directly as that for
> trademark reasons, which we already abide by), and ONLY provide 'MySQL
> Community'.

Well, why should we care at all? I mean, the "MySQL Enterprise" sources are available and GPL'ed, right? I don't see any reason to not use them then.

> Additionally, there was a late bug in 5.0.48 discovered only after the release
> (not caught by QA and not caught by their testcases), so it was withdrawn
> upstream.

So I guess there will be a 5.0.50 soon?
Comment 14 Maurice Volaski 2007-09-25 23:45:12 UTC
(In reply to comment #12)
> In simple terms, MySQL AB's folk would like distros to NOT provide the 'MySQL
> Enterprise' path (regardless, it cannot be packaged directly as that for
> trademark reasons, which we already abide by), and ONLY provide 'MySQL
> Community'. I'm not happy with that path, based on the past state of the

Didn't Sun at one point require a convoluted download process for Java? Manually download the source into the right location and then it could be emerged. Perhaps, this would be a suitable workaround.
Comment 15 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-09-26 04:57:26 UTC
> Well, why should we care at all? 
Because I'd like to maintain good relations with upstream, and not reach situations like the Gaim upstream had.

> I mean, the "MySQL Enterprise" sources are available and 
> GPL'ed, right? I don't see any reason to not use them then.
The sources are available, distributed by the folk at DorsalSource/ProvenScaling. It's the same tarball that upstream provides to enterprise customers that pay the $$$, and don't provide to the community directly. 

> So I guess there will be a 5.0.50 soon?
I'm hoping that MySQL AB will release a 5.0.50 or a .48-r1 soon, but I haven't seen any tagging in their bkbits repo yet.
Comment 16 Wolfram Schlich (RETIRED) gentoo-dev 2007-09-26 15:48:46 UTC
(In reply to comment #15)
> > Well, why should we care at all? 
>
> Because I'd like to maintain good relations with upstream,

Well, seems like upstream did not waste a sensible thought about
their relations with us, the community. They made use of their
right to do that splitting bullshit, so let us make use of our
right to use the redistributed GPL'ed MySQL Enterprise tarballs.
I'd prefer NOT to support a company that has written "hey, look,
our software is free/GPL" on their flag, but presses distributions
to not make use of that freeness. That's just hypocritical.

> and not reach situations like the Gaim upstream had.

Pardon, I am uninformed about that -- what happened to Gaim?

> > I mean, the "MySQL Enterprise" sources are available and 
> > GPL'ed, right? I don't see any reason to not use them then.
>
> The sources are available, distributed by the folk at
> DorsalSource/ProvenScaling. It's the same tarball that upstream provides to
> enterprise customers that pay the $$$, and don't provide to the community
> directly. 

As the license explicitly permits this, I see no reason to not make
use of those sources. Of course, if ProvenScaling vanishes, so
does our source of MySQL Enterprise source tarballs, but well, a
calculable risk (same would go for MySQL itself).
Comment 17 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-09-29 12:08:46 UTC
> Pardon, I am uninformed about that -- what happened to Gaim?
They refused bugs from Gentoo for a while, and iirc even banned anybody with 'Gentoo' in their hostmask from their IRC channel. Plus refusing patches.

To get some action on this, I'm going to put my 5.1 bumps into the tree by the end of the weekend (probably sometime on Sunday), and 5.0 as soon as there is a 5.0.50 available.
Comment 18 Wolfram Schlich (RETIRED) gentoo-dev 2007-10-03 07:58:20 UTC
(In reply to comment #17)
> > Pardon, I am uninformed about that -- what happened to Gaim?
>
> They refused bugs from Gentoo for a while, and iirc even banned anybody with
> 'Gentoo' in their hostmask from their IRC channel. Plus refusing patches.

Ok, an undesirable situation. Why did that happen at all?

> To get some action on this, I'm going to put my 5.1 bumps into the tree by the
> end of the weekend (probably sometime on Sunday), and 5.0 as soon as there is a
> 5.0.50 available.

Thanks, Robin!
Comment 19 Wolfram Schlich (RETIRED) gentoo-dev 2007-11-05 13:36:02 UTC
So, any news on this topic? :)
The mailing list thread referenced doesn't seem to have received any new
postings :(
Comment 20 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-11-06 00:20:52 UTC
The discussion died out, and upstream still haven't released .50
Comment 21 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-11-17 23:55:04 UTC
The 5.0.50 tarball is on some mirrors now, however it fails parts of the upstream testsuite :-(
mysql-test-run in default mode: *** Failing the test(s): openssl_1 rpl_openssl rpl_ssl ssl ssl_8k_key ssl_compress ssl_connect
mysql-test-run in ps-protocol mode: *** Failing the test(s): openssl_1 rpl_openssl rpl_ssl ssl ssl_8k_key ssl_compress ssl_connect
(plus archive_gis is failing on my big-endian box again).
Comment 22 Ilya Eremin 2007-12-05 01:30:45 UTC
Is it possible to still have the ebuild in tree even with the failures? Are they known to upstream?
Comment 23 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-12-05 01:46:36 UTC
I emailed my upstream contact about them, and received no response.
I'll commit it hardmasked if there's a real demand for it, but I would strongly discourage usage, esp since .52 claims security fixes (but .52 isn't on the mirrors yet).
Comment 24 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-12-07 00:03:53 UTC
I see that community-5.0.51 came out as well, and it also fails the openssl tests.
Since I didn't get any other response from upstream, I've filed a bug for them, and raised it on the packagers mailing list:
http://bugs.mysql.com/bug.php?id=33050
Comment 25 Francesco Riosa 2007-12-07 00:36:52 UTC
Dunno if it's worth reporting but I've come across this blog:
http://tretkowski.de/blog/archives/398-MySQL-5.0.51-released.html

MySQL 5.0.51 released
That's the good news. The bad news is, it's still affected by CVE-2007-5925, which allows remote authenticated users to cause a denial of service (database crash). Jörg Brühe wrote on the packagers mailinglist that's because the sources for 5.0.51 were cloned before the fix got in. I don't know exactly how their release model works, but looks like it needs to be improved.

To make it even worse, bug #32125 which has a patch for the problem, was set to private a few days ago. Because we already have the patch in our MySQL packages since exactly three weeks, it's available in our subversion repository.
Comment 26 Robert Buchholz (RETIRED) gentoo-dev 2007-12-08 14:01:07 UTC
(In reply to comment #25)
> MySQL 5.0.51 released
> That's the good news. The bad news is, it's still affected by CVE-2007-5925,
> which allows remote authenticated users to cause a denial of service (database
> crash). Jörg Brühe wrote on the packagers mailinglist that's because the
> sources for 5.0.51 were cloned before the fix got in. I don't know exactly how
> their release model works, but looks like it needs to be improved.
> 
> To make it even worse, bug #32125 which has a patch for the problem, was set to
> private a few days ago. Because we already have the patch in our MySQL packages
> since exactly three weeks, it's available in our subversion repository.
> 

bug 198988, we already have that fixed for Enterprise -- community is missing the patch though.
Comment 27 Ilya Eremin 2007-12-11 19:38:17 UTC
Yeah it seems that dorsalsource stopped posting new packages for some reason...
Comment 28 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-12-11 21:38:55 UTC
I was getting them from provenscaling's mirror, but 5.0.52 hasn't turned up there either. Has anybody here seen the 5.0.52 tarball anywhere?
Comment 29 Ilya Eremin 2007-12-12 12:02:26 UTC
Looked all around, even asked on #mysql on irc, haven't found one. How hard is it to check out the sources and just roll one up?
Comment 30 Ilya Eremin 2007-12-12 13:43:48 UTC
Right, I've got a cold, so I decided to finally bump my mySQL.
Here's what I did: I checked out mysql-5.0 revision 1.2541.47.2, because according to http://mysql.bkbits.net:8080/mysql-5.0/?PAGE=cset&REV=mysql-5.0.52 that's when 5.0.52 got tagged, rolled it up in a nice tar.gz, renamed the ebuild, bumped mysql-extras to not apply a security patch that's already applied now, and emerged. SSL test still fails:
openssl_1                      [ fail ]

mysqltest: At line 19: query 'connect  con1,localhost,ssl_user1,,,,,SSL' failed: 2026: SSL connection error

The result from queries just before the failure was:
drop table if exists t1;
create table t1(f1 int);
insert into t1 values (5);
grant select on test.* to ssl_user1@localhost require SSL;
grant select on test.* to ssl_user2@localhost require cipher "DHE-RSA-AES256-SHA";
grant select on test.* to ssl_user3@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com";
grant select on test.* to ssl_user4@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB/emailAddress=abstract.mysql.developer@mysql.com" ISSUER "/C=SE/ST=Uppsala/L=Uppsala/O=MySQL AB";
grant select on test.* to ssl_user5@localhost require cipher "DHE-RSA-AES256-SHA" AND SUBJECT "xxx";
flush privileges;

More results from queries before failure can be found in /var/tmp/portage/dev-db/mysql-5.0.52/work/mysql/mysql-test/var/log/openssl_1.log

Stopping All Servers
Restoring snapshot of databases
Resuming Tests

rpl_openssl                    [ fail ]  timeout

Stopping All Servers
Restoring snapshot of databases
Resuming Tests


But everything else seems to work fine. Anyway here are the files
http://tvu.org.ru/mysql/mysql-5.0.52.ebuild
http://tvu.org.ru/mysql/mysql-5.0.52.tar.gz
http://tvu.org.ru/mysql/mysql-extras-20071212.tar.bz2
Comment 31 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2007-12-22 04:17:44 UTC
http://lists.mysql.com/commits/40371
The above contains a patch for the OpenSSL test failure issue.
Will apply later in the weekend (sorry about the delays, been busy with family stuff and usual year end madness).
Comment 32 Ilya Eremin 2007-12-31 17:39:07 UTC
According to http://www.jasonlitka.com/2007/12/27/upgrading-to-mysql-5054-on-rhel-and-centos/ this has been fixed in 5.0.54
Comment 33 Robin Johnson archtester Gentoo Infrastructure gentoo-dev Security 2008-01-15 15:24:54 UTC
The SSL wasn't fixed in 5.0.54, but after 5.0.54, I used the patch from upstream anyway now.

Sorry about the delay, this was a hard release to deal with.
The extras tarball contains 359k of new patches, of which a massive 217k was me having to do the min/min -> MYSQL_MIN/MAX change by hand because of a large number of rejects.

It's pmasked in the tree for now, I would appreciate if everybody would run the full testsuite, esp on the less major arches, as well as their own stuff to try it out.