Bugs fixed in MySQL 3.23.58

The following issues have been resolved in 3.23.58.

* Fixed buffer overflow in password handling which could potentially be exploited by MySQL users with `ALTER' privilege on the `mysql.user' table to execute random code or to gain shell access with the UID of the mysqld process (thanks to Jedi/Sector One for spotting and reporting this bug).

* `mysqldump' now correctly quotes all identifiers when communicating with the server. This assures that during the dump process, `mysqldump' will never send queries to the server that result in a syntax error. This problem is *not* related to the `mysqldump' program's output, which was not changed. (Bug #1148)

* Fixed table/column grant handling - proper sort order (from most specific to less specific, *note Request access::) was not honored. (Bug #928)

* Fixed overflow bug in `MyISAM' and `ISAM' when a row is updated in a table with a large number of columns and at least one 'BLOB/TEXT' column.

* Fixed MySQL so that field length (in C API) for the second column in `SHOW CREATE TABLE' is always larger than the data length. The only known application that was affected by the old behaviour was Borland dbExpress, which truncated the output from the command. (Bug #1064)

* Fixed `ISAM' bug in `MAX()' optimisation.

* Fixed `Unknown error' when doing `ORDER BY' on reference table which was used with `NULL' value on `NOT NULL' column. (Bug #479)

Please refer to our bug database at http://bugs.mysql.com/ for more details about the individual bugs fixed in this version.