[debian-mysql] Bug#914172: Bug#914172: Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client-10.1

Robie Basak robie.basak at ubuntu.com
Thu Nov 22 17:32:49 GMT 2018

On Thu, Nov 22, 2018 at 10:44:42AM +0100, David Escala wrote:
> Perhaps we should change the apt dist-upgrade command for security updates
> (suggestions?), but
> not adding new dependencies in a security update may also be a good policy.

You should use apt pinning to restrict package upgrades to security
updates only. See what the unattended-upgrades package does for an
example. Removing apt's visibility of stuff that it already has
installed on the system is a hack that will lead to the problem you've

I'm interested for someone to confirm that pinning will solve this
problem correctly in this particular case. I believe that it will but am
not certain.

I don't know about Debian's policies in adding dependencies to security
updates. Clearly it is to be avoided, but there might be some situations
when it is necessary for security purposes. Therefore, I'm not sure that
this should be considered a bug at all from mariadb packaging's point of
view, unless there is some other reason that the dependency addition
should not have gone in.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-mysql-maint/attachments/20181122/bda0ee3d/attachment.sig>

More information about the pkg-mysql-maint mailing list