MariaDB Dump File Compatibility Change

Both MariaDB and MySQL have been around a long time now, and there is always a difficult balance between maintaining compatibility whilst also solving security issues that arise. With the latest bugfix releases of MariaDB, we had to break compatibility a little to improve security, but there are workarounds. We figured we should explain the reasons behind it and how to make things as painless as possible for you.

The Problem

The problem we were solving, and for various reasons we had to do it very quickly, is that it is possible to generate a malicious MariaDB dump file which could execute shell commands from the MariaDB client.

Mission Impossible: Zero-Configuration SSL

SSL (let’s call it that, even though SSL 2.0 and SSL 3.0 were long replaced by TLS 1.0–1.3 protocols) support was implemented in MySQL in 2001, so MariaDB (born in 2009) always had it. But over more than twenty years of SSL support there was one huge problem with it. It required tedious manual configuration, so most users never bothered and accepted the fact that their queries and data were sent unprotected. Which might have been slightly risky in 2001, but is definitely reckless in 2023.

The traditional approach

Let’s see. First, the user installing MariaDB or MySQL has to generate a private key and a certificate.

Quick peek: MariaDB Galera Cluster Security talk

Seppo Jaakola is going to present the topic “MariaDB Galera Cluster Security” at the Security MariaDB Server Fest (Wed 6 April 2022).

I’m currently watching his talk. Let me share some details with you. Seppo is not talking about the native MariaDB security features that Galera supports by default; rather, due to the distributed cluster topology, additional security-related measures are needed. He talks about cluster topology, cluster communication security, the Galera data-at-rest encryption enhancement, and the new 10.9 feature, node screening by IP allowlist.

Do you have questions to ask Seppo?

10.7 preview feature: Password Reuse Check plugin

By default, MariaDB does not check if a user reuses a password. Some security policies require users to choose a new password each time, and the Password Reuse Check plugin, available in a MariaDB 10.7.0 preview, enables this functionality.

Old passwords are stored in the mysql.password_reuse_check_history table, and the period they are retained for is determined by the password-reuse-check-interval system variable, which specifies a number of days. By default this is zero, meaning unlimited retention.

The plugin can be used in conjunction with other password validation plugins, such as the Simple Password Check plugin or the CrackLib Password Check plugin.

MariaDB 10.4.13, 10.3.23, 10.2.32, 10.1.45 and 5.5.68 now available

The MariaDB Foundation is pleased to announce the availability of MariaDB 10.4.13, MariaDB 10.3.23, MariaDB 10.2.32, MariaDB 10.1.45 and MariaDB 5.5.68, the latest stable releases in their respective series.

This is the final release of MariaDB 5.5, and MariaDB 5.5 will no longer receive any updates or bugfixes.

See the release notes and changelogs for details.

Download MariaDB 10.4.13

Release Notes | Changelog | What is MariaDB 10.4?


Download MariaDB 10.3.23

Release Notes | Changelog | What is MariaDB 10.3?

MariaDB 10.4.5 Now Available

The MariaDB Foundation is pleased to announce the availability of MariaDB 10.4.5, the second MariaDB 10.4 release candidate.

See the release notes and changelogs for details.

Download MariaDB 10.4.5

Release Notes | Changelog | What is MariaDB 10.4?

MariaDB APT and YUM Repository Configuration Generator


Contributors to MariaDB 10.4.5

Aleksey Midenkov (Tempesta)
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Andrea Kao
Andrei Elkin (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Galina Shalygina (MariaDB Corporation)
hygonsoc
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Kentoku Shiba
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Michal Schorm (Red Hat)
Nikita Malyavin (Tempesta)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
qingda2019
Rasmus Johansson (MariaDB Corporation)
Robert Bindar (MariaDB Foundation)
Sachin Setiya (MariaDB Corporation)
Seppo Jaakola (Codership)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vicențiu Ciorbaru (MariaDB Foundation)
Vladislav Vaintroub (MariaDB Corporation)
Vlad Lesin
wayne
willhan
Zsolt Parragi (Percona)
39 Contributors

Thanks, and enjoy MariaDB! …

MariaDB 10.3.15, MariaDB Connector/C 3.0.10, MariaDB Connector/Node.js 2.0.5 and MariaDB Connector/ODBC 3.1.1 Now Available

The MariaDB Foundation is pleased to announce the availability of MariaDB 10.3.15, the latest stable release in the MariaDB 10.3 series, as well as MariaDB Connector/C 3.0.10, MariaDB Connector/ODBC 3.1.1 and MariaDB Connector/Node.js 2.0.5, the latest MariaDB Connector releases.

See the release notes and changelogs for details.

Download MariaDB 10.3.15

Release Notes | Changelog | What is MariaDB 10.3?

MariaDB APT and YUM Repository Configuration Generator


Download MariaDB Connector/C 3.0.10

Release Notes | Changelog | About MariaDB Connector/C


MariaDB Connector/Node.js 2.0.5

Release Notes | Changelog | About MariaDB Connector/Node.js


Download MariaDB Connector/ODBC 3.1.1

Release Notes | Changelog | About MariaDB Connector/ODBC


Contributors to MariaDB 10.3.15

Aleksey Midenkov (Tempesta)
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Andrea Kao
Andrei Elkin (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Galina Shalygina (MariaDB Corporation)
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Nikita Malyavin (Tempesta)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
qingda2019
Rasmus Johansson (MariaDB Corporation)
Robert Bindar (MariaDB Foundation)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vladislav Vaintroub (MariaDB Corporation)
Vlad Lesin
wayne
Zsolt Parragi (Percona)
32 Contributors

Thanks, and enjoy MariaDB! …

MariaDB 10.2.24 Now Available

The MariaDB Foundation is pleased to announce the availability of MariaDB 10.2.24, the latest stable release in the MariaDB 10.2 series. See the release notes and changelogs for details.

Download MariaDB 10.2.24

Release Notes | Changelog | What is MariaDB 10.2?

MariaDB APT and YUM Repository Configuration Generator


Contributors to MariaDB 10.2.24

Aleksey Midenkov (Tempesta)
Alexander Barkov (MariaDB Corporation)
Alexey Botchkov (MariaDB Corporation)
Anel Husakovic (MariaDB Foundation)
Bernhard M. Wiedemann (SUSE)
Chris Calender (MariaDB Corporation)
Daniel Bartholomew (MariaDB Corporation)
Daniel Black (IBM)
Elena Stepanova (MariaDB Corporation)
Eugene Kosov (Tempesta)
Ian Gilfillan (MariaDB Foundation)
Igor Babaev (MariaDB Corporation)
Jan Lindström (MariaDB Corporation)
Marko Mäkelä (MariaDB Corporation)
Michael Widenius (MariaDB Corporation and MariaDB Foundation)
Michal Schorm (Red Hat)
Nikita Malyavin (Tempesta)
Oleksandr Byelkin (MariaDB Corporation)
Olivier Bertrand
qingda2019
Robert Bindar (MariaDB Foundation)
Sachin Setiya (MariaDB Corporation)
Sergei Golubchik (MariaDB Corporation)
Sergei Petrunia (MariaDB Corporation)
Sergey Vojtovich (MariaDB Foundation)
Sujatha Sivakumar (MariaDB Corporation)
Thirunarayanan Balathandayuthapani (MariaDB Corporation)
Varun Gupta (MariaDB Corporation)
Vladislav Vaintroub (MariaDB Corporation)
Vlad Lesin
Zsolt Parragi (Percona)
31 Contributors

Thanks, and enjoy MariaDB! …