[debian-mysql] Bug#1105976: mariadb: CVE-2025-30722 CVE-2025-30693

Sat May 24 02:30:52 BST 2025

Hi!

> Hi,
>
> FYI: The new upstream minor version have been ready for review for 10+
> days, and they include these CVE fixes. There are however potential
> regressions so I am holding back from uploading yet.
>
> * https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/119
> * https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/121
> * https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/120
> * https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/118
> * https://salsa.debian.org/mariadb-team/mariadb-10.5/-/merge_requests/22

MariaDB 11.10.13 is now out and ready for upload in MR!119.

Should we make this a security upload or put into stable-updates?
Does the security team have a preference?

I am fine either way.

- Otto