Description:
end_connection prints out messages like this, depending on *session* log_warnings value:

Aborted connection 2 to db: 'unconnected' user: 'root' host: '' (Got timeout reading communication packets)

This is wrong because it allows a minimally privileged user to write copious amounts of errors to the .err file, unless he is restricted by the number of MAX_CONNECTIONS_PER_HOUR in his user account.

How to repeat:
1. start server with --log-warnings=0;

2. connect any client, set session log_warnings=2; then kill the client app/thread
   so that mysql_close() is skipped.

3. notice in the server error log is an aborted connection error

Suggested fix:
end_connection should reference global_system_variables.log_warnings instead of 
thd->variables.log_warnings

the added bonus with this fix is that *existing* connections will not print errors when ending after an admin has globally set log_warnings=1 (or 0).

Noted in 5.6.4 changelog.

Previously, "Aborted connection" errors were written to the error log
based on the session value of log_warnings, which permitted users
with minimal privileges to cause many messages to be written to the
log unless restricted by the MAX_CONNECTIONS_PER_HOUR resource limit.
Now this logging is based on the global log_warnings variable. There
are no remaining uses of the session log_warnings variable, so it has
been removed that the variable has only a global value. 

Also updated log_warnings description to indicate that it is global only.

the patch for this bug made it not possible to enable session-level warnings in future, in case it would be needed.

http://bugs.mysql.com/bug.php?id=66953