[Bug 2031548] Re: 8.0.34 client lib change in behavior/output - new warning - breaking apps
Francis Devereux
2031548 at bugs.launchpad.net
Tue Sep 19 15:37:41 UTC 2023
Even for focal security updates? It was surprising to me that a security
update introduced this new stderr output and it would be even more
surprising if a security update removed a feature (unless doing so was
necessary to fix a security problem).
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to apr-util in Ubuntu.
https://bugs.launchpad.net/bugs/2031548
Title:
8.0.34 client lib change in behavior/output - new warning - breaking
apps
Status in MySQL Server:
Unknown
Status in apr-util package in Ubuntu:
Confirmed
Status in libdbd-mysql-perl package in Ubuntu:
Fix Released
Status in mysql-8.0 package in Ubuntu:
Confirmed
Status in apr-util source package in Focal:
Fix Released
Status in libdbd-mysql-perl source package in Focal:
Fix Released
Status in mysql-8.0 source package in Focal:
Confirmed
Status in apr-util source package in Jammy:
Fix Released
Status in libdbd-mysql-perl source package in Jammy:
Fix Released
Status in mysql-8.0 source package in Jammy:
Confirmed
Status in apr-util source package in Lunar:
Fix Released
Status in libdbd-mysql-perl source package in Lunar:
Fix Released
Status in mysql-8.0 source package in Lunar:
Confirmed
Status in apr-util source package in Mantic:
Confirmed
Status in libdbd-mysql-perl source package in Mantic:
Fix Released
Status in mysql-8.0 source package in Mantic:
Confirmed
Bug description:
The introduction of this warning output in a MINOR version/security
update is completely inappropriate, regardless of it's validity. A
minor version update of a package should NEVER change fundamental
behavior
WARNING: MYSQL_OPT_RECONNECT is deprecated and will be removed in
a future version.
Any application (particularly web applications) that depended on mysql
client library are now broken due to this additional warning being
just dumped into the output of the app, such a API endpoints producing
JSON.
Please produce a newer build that does output the warning.
I am not arguing for or against the change in functionality/defaults
on the MYSQL_OPT_RECONNECT -- only about the zero-warning introduction
of new warning level output in a dependent library.
If this were a "hey we just found a major security problem, and we see
you are using the function in a way that triggers it, so we are going
to spew out an _ERROR_ level warning", that might be justifiable.
Spewing out a new warning to say "Your app MIGHT break in the future."
when the new effect is "We're going to break it NOW!" is not.
8.0.33-0ubuntu0.20.04.4 is last working
8.0.34-0ubuntu0.20.04.1 is when the BUG was introduced.
To manage notifications about this bug go to:
https://bugs.launchpad.net/mysql-server/+bug/2031548/+subscriptions
More information about the foundations-bugs
mailing list