Category Archives: Security

MariaDB 11.8 LTS Released

Written by Written by Kaj Arnö Leave a comment on MariaDB 11.8 LTS Released

Now is a good time to upgrade to the freshest MariaDB Server. MariaDB 11.8 is the yearly long term support release for 2025. It’s the first LTS with support for MariaDB Vector, and it includes a number of other updates based on user requests. You can seamlessly upgrade to MariaDB 11.8 from MariaDB 11.4 (the previous LTS) or any older release, back to MariaDB Server 10.0 or earlier, including most versions of MySQL Server.

MariaDB 11.8 LTS includes everything added since 11.4, incorporating changes from 11.5, 11.6, 11.7, as well as new features not released before.

Continue reading “MariaDB 11.8 LTS Released”

MariaDB, an Open Source Alternative

Written by Written by Kaj Arnö

We live in a world where national interests intertwine with IT vendor interests. Interest is currently booming in “European Alternatives“. I’m happy to note that MariaDB Server is unaffected by considerations related to protectionism. In fact, choosing Open Source protects the user – an individual, an organisation, or a government – from protectionism itself.

Licensing prevails over national interests

Politicians come and go. National interests prevail a bit longer than individual politicians.
Companies also evolve, get acquired and merged across national borders.
Licensing of already released software remains constant across mergers and acquisitions.

Continue reading “MariaDB, an Open Source Alternative”

MariaDB 11.8 is LTS

Written by Written by Kaj Arnö

Confirming what you probably already expected: MariaDB Server 11.8 will be a long-term support release. 

Now a Release Candidate – GA in May

With MariaDB Vector as the lead new feature, MariaDB 11.8 succeeds the previous LTS MariaDB 11.4 from a year ago.

As of now, MariaDB 11.8 is at the Release Candidate stage, with GA planned for May.

Lots of new features since MariaDB 11.4

MariaDB 11.8 has about 60 features, large and small, on top of the previous LTS, MariaDB 11.4. At our recent MariaDB Day on 1 Feb 2025 in Brussels, MariaDB Corporation Chief Architect Sergei Golubchik gave an overview of 11.8.

Continue reading “MariaDB 11.8 is LTS”

MariaDB Dump File Compatibility Change

Written by Written by Andrew Hutchings 5 Comments on MariaDB Dump File Compatibility Change

Both MariaDB and MySQL have been around a long time now, and there is always a difficult balance between maintaining compatibility whilst also solving security issues that arise. With the latest bugfix releases of MariaDB, we had to break compatibility a little to improve security, but there are workarounds. We figured we should explain the reasons behind it and how to make things as painless as possible for you.

The Problem

The problem we were solving, and for various reasons we had to do it very quickly, is that it is possible to generate a malicious MariaDB dump file which could execute shell commands from the MariaDB client.

Continue reading “MariaDB Dump File Compatibility Change”

Mission Impossible: Zero-Configuration SSL

Written by Written by Sergei 1 Comment on Mission Impossible: Zero-Configuration SSL

SSL (let’s call it that, even though SSL 2.0 and SSL 3.0 were long replaced by TLS 1.0–1.3 protocols) support was implemented in MySQL in 2001, so MariaDB (born in 2009) always had it. But over more than twenty years of SSL support there was one huge problem with it. It required tedious manual configuration, so most users never bothered and accepted the fact that their queries and data were sent unprotected. Which might have been slightly risky in 2001, but is definitely reckless in 2023.

The traditional approach

Let’s see. First, the user installing MariaDB or MySQL has to generate a private key and a certificate.

Continue reading “Mission Impossible: Zero-Configuration SSL”

Multi-tenancy through catalogs in MariaDB Server

Written by Written by Kaj Arnö 2 Comments on Multi-tenancy through catalogs in MariaDB Server

Let’s say you are a Cloud Service Provider, with many customers – each having many MariaDB Server users and databases. What if several such customers could share a single instance of MariaDB Server? That’s what we call the catalog feature, a feature that – if implemented – could potentially save lots of resources (and thus costs!) in a number of high-end use cases.

How the idea was born

At CloudFest 2023 near Frankfurt in March, we had in-depth meetings with a number of heavy MariaDB Server users – ones that one best would describe as Cloud Service Providers (CSPs).

Continue reading “Multi-tenancy through catalogs in MariaDB Server”

Delaying Server Fest until Wed 6 April 2022

Written by Written by Kaj Arnö

Things happen, schedules change. I don’t want to bother you with details, so you’ll have to take my word for it: Events related to Russia invading Ukraine have caused us to delay our Security themed MariaDB Server Fest with a week, from Wed 30 March to Wed 6 April 2022.

This is probably the mildest of the consequences of the ongoing war. Nonetheless, we apologise for the inconvenience.

Continue reading “Delaying Server Fest until Wed 6 April 2022”

Security: MariaDB Server MiniFest 30 March 2022 – CfP

Written by Written by Kaj Arnö

Mark your calendars! On Wed 30 March 2022 Wed 6 April 2022, we will have the first MariaDB Server MiniFest of the year. The theme of the day is security, in all its shapes and forms – as long as it is relevant to the MariaDB Server user base.

Call for Papers

Submit your paper by 1 March 2022, if your work on security is of interest to the MariaDB ecosystem. We have ongoing discussions with a number of great presenters already, but submissions are welcome.

Continue reading “Security: MariaDB Server MiniFest 30 March 2022 – CfP”