[debian-mysql] MariaDB 10.1.38 update pending

Moritz Muehlenhoff jmm at inutil.org
Sat Feb 23 14:58:13 GMT 2019


On Sat, Feb 23, 2019 at 02:41:10PM +0100, Salvatore Bonaccorso wrote:
> Hi Otto,
> 
> On Fri, Feb 22, 2019 at 01:29:35PM +0200, Otto Kekäläinen wrote:
> > Hello!
> > 
> > su 10. helmik. 2019 klo 13.32 Otto Kekäläinen (otto at debian.org) kirjoitti:
> > >
> > > Anyway, regardless of what you want to to, the MariaDB 10.1.38 without
> > > any extras is available at
> > > https://salsa.debian.org/mariadb-team/mariadb-10.1/commits/stretch
> > > with everything set for upload if you want to make a security upload.
> > > Gitlab-CI tests pass and it was already uploaded to Ubuntu 18.04 and
> > > no regressions have been found.
> > >
> > > If we want to postpone this to next stable update and put in some
> > > extra bugfixing patches, then that is fine by me. Those patches would
> > > go anyway on top of what is in Stretch branch of mariadb-10.1 now.
> > 
> > I tried to research on Feb 10-11th when the next Stretch update is
> > scheduled for, but I didn't find any dates announced. Then it was
> > however released last weekend. If I would have known that I would have
> > pushed this into a stable update..
> > Please let me know if there is a stable updates schedule somewhere.
> 
> Have a look on https://release.debian.org/ they are usually announced
> there (and a post been made by SRM on debian-release at l.d.o and related
> interested lists, like debian-security, I think as well debian-boot
> etc ...).
> 
> I think there is a well a ics file which one can import with the
> dates, https://wiki.debian.org/SocialEventAndConferenceCalendars but
> this one might be to not contain all dates.
> 
> Doe to personal constraints I think I will not be able to review your
> changes, but here my opinion: Given the lack of information for the
> two CVEs we might be better of to (this time) release a DSA, and in
> particular include as well the changes to adress the build failures
> (not sure on the others, an imput from SRM if they are okay would be
> good I think). At least wo security updates (coturn and dovecot) were
> blocked on last point release to enter 9.8 because they picked up the
> dependency for mariadb on security, which was then not available on
> all previous built architectures.
> 
> Mortiz what do you think? Go for a DSA based on the new upstrema
> version *and* the other proposed fixes?

Yeah, sounds good.

Cheers,
        Moritz



More information about the pkg-mysql-maint mailing list