[debian-mysql] MariaDB and MySQL security releases

Otto Kekäläinen otto at seravo.fi
Fri Mar 14 06:59:53 UTC 2014


2014-03-14 0:39 GMT+02:00 Stewart Smith <stewart at flamingspork.com>:
> You cannot generally take the security patches by hand unless Maria is
> going through all the code changes in Oracle releases and finding out
> which ones exactly are the security issues. Maybe they are... maybe they
> aren't.. maybe this will change for MariaDB 10.0, but at least
> historically for MariaDB 5.5 I haven't seen them doing that.


You're right. I can feasibly only hand pick security fixes that are in
the MariaDB bzr log individual commits and described as security
fixes. Not all will be like that. So point release updates to stable
distro releases (as MySQL does) is definitely best and only approach
to maintaining these packages.


-- 
Check out our blog at http://seravo.fi/blog
and follow @ottokekalainen



More information about the pkg-mysql-maint mailing list