[debian-mysql] Bug#914172: Bug#914172: Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client-10.1
robie.basak at ubuntu.com
Thu Nov 22 17:32:49 GMT 2018
On Thu, Nov 22, 2018 at 10:44:42AM +0100, David Escala wrote:
> Perhaps we should change the apt dist-upgrade command for security updates
> (suggestions?), but
> not adding new dependencies in a security update may also be a good policy.
You should use apt pinning to restrict package upgrades to security
updates only. See what the unattended-upgrades package does for an
example. Removing apt's visibility of stuff that it already has
installed on the system is a hack that will lead to the problem you've
I'm interested for someone to confirm that pinning will solve this
problem correctly in this particular case. I believe that it will but am
I don't know about Debian's policies in adding dependencies to security
updates. Clearly it is to be avoided, but there might be some situations
when it is necessary for security purposes. Therefore, I'm not sure that
this should be considered a bug at all from mariadb packaging's point of
view, unless there is some other reason that the dependency addition
should not have gone in.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: not available
More information about the pkg-mysql-maint