Dear MySQL users,

MySQL Server 5.6.34, a new version of the popular Open Source
Database Management System, has been released. MySQL 5.6.34 is
recommended for use on production systems.

For an overview of what's new in MySQL 5.6, please see

http://dev.mysql.com/doc/refman/5.6/en/mysql-nutshell.html

Starting with 5.6.11, Microsoft Windows packages for MySQL 5.6
are available both as a "full" installer and as a "web" installer.
The full installer is significantly larger and comes bundled with
the latest software releases available. This bundle makes it easy
to download and configure a full server and development suite.

The web installer doesn't come bundled with any actual products
and instead relies on download-on-demand to fetch only the
products you choose to install. This makes the initial download
much smaller but increases install time as the individual products
will need to be downloaded.

For information on installing MySQL 5.6.34 on new servers or upgrading
to MySQL 5.6.34 from previous MySQL releases, please see

http://dev.mysql.com/doc/refman/5.6/en/installing.html

MySQL Server is available in source and binary form for a number of
platforms from our download pages at

http://dev.mysql.com/downloads/

Not all mirror sites may be up to date at this point in time, so if you
can't find this version on some mirror, please try again later or choose
another download site.

We welcome and appreciate your feedback, bug reports, bug fixes,
patches, etc:

https://wikis.oracle.com/display/mysql/Contributing

The following section lists the changes in MySQL 5.6 since
the release of MySQL 5.6.33. It may also be viewed
online at

http://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-34.html

Enjoy!

=============================================================================Changes in MySQL 5.6.34 (2016-10-12)


* Packaging Notes

* Security Notes

* Functionality Added or Changed

Packaging Notes

* RPM and Debian packages now create the
/var/lib/mysql-files directory, which is now the default
value of the secure_file_priv system variable that
specifies a directory for import and export operations.
(Bug #24709892, Bug #24761774)

Security Notes

* Incompatible Change: The secure_file_priv system variable
is used to limit the effect of data import and export
operations. The following changes have been made to how
the server handles this variable:

+ secure_file_priv can be set to NULL to disable all
import and export operations.

+ The server checks the value of secure_file_priv at
startup and writes a warning to the error log if the
value is insecure. A non-NULL value is considered
insecure if it is empty, or the value is the data
directory or a subdirectory of it, or a directory
that is accessible by all users. If secure_file_priv
is set to a nonexistent path, the server writes an
error message to the error log and exits.

+ Previously, the secure_file_priv system variable was
empty by default. Now the default value is platform
specific and depends on the value of the
INSTALL_LAYOUT CMake option, as shown in the
following table.

INSTALL_LAYOUT Value Default secure_file_priv Value
-------------------- ------------------------------------------------
STANDALONE, WIN NULL
DEB, RPM, SLES, SVR4 /var/lib/mysql-files
Otherwise mysql-files under the CMAKE_INSTALL_PREFIX value

+ To specify the default secure_file_priv value
explicitly if you are building from source, use the
new INSTALL_SECURE_FILE_PRIVDIR CMake option. To
specify a directory for the embedded server, set the
new INSTALL_SECURE_FILE_PRIV_EMBEDDEDDIR option. Its
default value is NULL.
(Bug #24679907, Bug #24695274, Bug #24707666)

Functionality Added or Changed

* yaSSL was upgraded to version 2.4.2. This upgrade
corrects issues with: Potential AES side channel leaks;
DSA padding for unusual sizes; the
SSL_CTX_load_verify_locations() OpenSSL compatibility
function failing to handle long path directory names.
(Bug #24512715, Bug #24740291)