Skip to content
Percona Software for MySQL Documentation

Rate this page
Thanks for your feedback
Thank you! The feedback has been submitted.

For help, click the link below to get free database assistance or contact our experts for personalized support.

Get help from Percona

Percona Server for MySQL 9.7.1-1 (2026-06-29)

Instead of releasing Percona Server for MySQL 9.7.0-1, we are skipping to 9.7.1-1. This build includes all of the enhancements and bug fixes from MySQL 9.7.0-0.

Get started with Quickstart Guide for Percona Server for MySQL.

Percona Server for MySQL 9.7.1-1 includes all the features and bug fixes available in the MySQL 9.7.1 Community Edition and enterprise-grade features developed by Percona.

Release highlights

MySQL 9.7.1

Improvements and bug fixes provided by Oracle for MySQL 9.7.1 and included in Percona Server for MySQL are the following:

  • Connection attribute parsing could read a length-encoded size field before verifying that the complete field was present in the packet, leading to an out-of-bounds read. A size check is now performed before reading the field. (Bug #39116965)

  • A regression in row size estimation for ROW_FORMAT=COMPRESSED tables could cause CREATE TABLE to fail with Row size too large for tables that were accepted in earlier releases. (Bug #39129182, Bug #120323)

  • Under certain circumstances, when calculating the maximum possible index record size, an assertion failure could occur. (Bug #85060, Bug #25579578)

Find the complete list of bug fixes and changes in the MySQL 9.7.1 Release Notes.

Security updates

This release addresses the following security vulnerabilities:

  • CVE-2026-46850: A vulnerability in MySQL Shell (Shell for VS Code) allows a low-privileged attacker with network access via HTTP to compromise MySQL Shell, with potential scope change impact on additional products (CVSS 3.1 Base Score 9.9).

  • CVE-2026-46860: A vulnerability in MySQL Router allows an unauthenticated attacker with network access via HTTP to compromise MySQL Router (CVSS 3.1 Base Score 9.8).

  • CVE-2026-46861: A vulnerability in MySQL NDB Cluster (NDB Operator) allows a low-privileged attacker with network access via HTTP to access or modify critical data, with potential scope change impact (CVSS 3.1 Base Score 9.6).

  • CVE-2026-46862: A vulnerability in MySQL Router allows an unauthenticated attacker with network access via TLS to cause a hang or repeatable crash of MySQL Router (CVSS 3.1 Base Score 7.5).

  • CVE-2026-46863: A vulnerability in MySQL Server connection handling allows an unauthenticated attacker with network access via multiple protocols to cause a hang or repeatable crash of the server (CVSS 3.1 Base Score 7.5).

  • CVE-2026-46869: A vulnerability in MySQL Shell (Dump and Load) allows an unauthenticated attacker with network access to access critical data when user interaction is required (CVSS 3.1 Base Score 6.5).

  • CVE-2026-46870: A vulnerability in MySQL Shell (Shell for VS Code) allows a low-privileged attacker with network access to compromise MySQL Shell, with potential scope change impact (CVSS 3.1 Base Score 8.5).

  • CVE-2026-46871: A vulnerability in MySQL Shell (Shell for VS Code) allows a low-privileged attacker with network access via multiple protocols to access critical data (CVSS 3.1 Base Score 6.5).

New features

  • PS-10070: Updated the existing component to use the new KMIP library.

  • PS-10083: Enhanced Thread Pool Statistics.

  • PS-10989: Added JSONL (JSON Lines) output format for Audit Log Filter.

Improvements

  • PS-8867: Increased the verbosity of the data dictionary upgrade process, making it easier to diagnose problems that occur during upgrade.

  • PS-9774: The Audit Log Filter table_access class and read and insert subclasses now log statements in the audit log.

  • PS-10312: The audit log buffer is now flushed on server shutdown when the ASYNCHRONOUS logging strategy is in use, preventing the loss of buffered events.

  • PS-10331: Reduced memory pressure in the Audit Log Filter component caused by VFS buffering.

  • PS-10339: Resolved an inconsistency in audit_log_filter.format=NEW between the 8.0 plugin and the 8.4 component.

  • PS-11004: Removed format=OLD and set JSONL as the default for Audit Log Filter.

  • PS-11161: Performance optimizations for mem_root_deque.

Bug Fixes

  • PS-8670: InnoDB could crash on startup while resuming an interrupted ALTER TABLESPACE encryption operation because progress was persisted before affected pages were flushed to disk in the target encryption state.

  • PS-9773: The Audit Log Filter audit_log_read() function always showed "null" instead of the bookmarked and current information.

  • PS-9791: The audit log format was incorrect.

  • PS-10228: An audit log filter defined with no value did not log any events.

  • PS-10338: audit_log_filter_set_filter() returned OK for filters that referenced unknown field names instead of reporting the error.

  • PS-10348: The Audit Log Filter did not support filtering by integer fields.

  • PS-10351: Reduced the number of events emitted by the Audit Log Filter to improve performance.

  • PS-10378: With the MeCab plugin, a boolean-mode full-text query that used LIMIT still computed ranking scores for all matches, preventing the limit-based optimization from being applied.

  • PS-10435: The general_query.str event field in audit log filters could not be replaced.

  • PS-10448: A prepared INSERT statement failed to write rows across partitions.

  • PS-10449: After changing SUM(DISTINCT x) to -SUM(DISTINCT -x), the value unexpectedly changed.

  • PS-10853: The audit_log_filter plugin crashed because throwing calls were made from filesystem functions declared noexcept.

  • PS-10872: Corrected event subclass naming in the Audit Log Filter and aligned its JSON output with the upstream format.

  • PS-10951: audit_log_filter_set_user() incorrectly updated active sessions instead of only new connections.

  • PS-10987: Improved Audit Log Filter message and connection events by suppressing nested general/status records in audit_log_filter.event_mode=REDUCED.

  • PS-11014: Audit Log Filter replace-field rules returned Parse 'function' arguments list must be an array when query_digest() was specified as a plain JSON string.

  • PS-11073: Tables with large rows that were originally created on earlier MySQL versions could not be created on MySQL 9.7.0.

  • PS-11181: MyRocks could overflow a buffer when rocksdb_merge_buf_size was set above 4 GB.

  • PS-11241: The debug make_page_dirty command logged generic byte updates for compressed index pages, violating redo parser invariants during crash recovery.

  • PS-11242: Preallocated transaction IDs used by clone consistent snapshot could break the descending order of rw_trx_list and trigger a debug assertion during commit.

  • PS-11243: Crash recovery could crash while replaying an unfinished tablespace encryption operation when GTID mode and binary logging were enabled.

Builds and packaging

  • Percona Server for MySQL releases include a mixture of PGO and non-PGO builds. Where Profile-Guided Optimization (PGO) is enabled, the compiler uses runtime profiling data from representative workloads to guide optimization, which can improve throughput and reduce latency compared with non-PGO builds.

  • See Profile-Guided Optimization (PGO) and non-PGO builds for benefits, considerations, and which build you receive for your platform.

Install Percona Server for MySQL 9.7

Upgrade Percona Server for MySQL

The Percona Server for MySQL GitHub repository

Download product binaries, packages, and tarballs at Percona Software Downloads

Contribute to the documentation

For training, contact Percona Training - Start learning now