Re: Future of MariaDB in stretch-lts (was: Re: CVE-2020-15180: MariaDB)
On 03/11/2020 20:02, Holger Levsen wrote:
On Mon, Nov 02, 2020 at 09:15:32PM +0200, Otto Kekäläinen wrote:
I don't have any particular plans. I'll keep updating the package for
as long as upstream provides updates. For 10.1 the updates are indeed
officially over now: https://mariadb.org/about/#maintenance-policy
What options do we have anyway? Does the LTS team think they should be
responsible for providing security updates beyond what upstreams do?
yes, that's what we often do.
Or are you thinking about providing backports?
or we do this ;)
During the 10.5 packaging cycle I have tested building backports for
every commit (see e.g.
The galera-4 dependency is already available in
stretch-backports-sloppy. If you are interested in backports, that
could be a viable option.
how compatible are 10.1 and 10.5?
buster has 10.3, so if anything, we should upgrade to 10.3. However that's a
major upgrade, so before doing that, we should consider carefully consider
whether we can get 10.1 supported for longer (perhaps with some upstream help).