[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Upload MariaDB 1:10.3.37-0+deb10u1 ?

Hi!

On Mon, 26 Dec 2022 at 14:08, Otto Kekäläinen <otto@debian.org> wrote:
>
> On Mon, 5 Dec 2022 at 01:18, Utkarsh Gupta <guptautkarsh2102@gmail.com> wrote:
> >
> > Hi Otto,
> >
> > On Mon, Dec 5, 2022 at 5:33 AM Otto Kekäläinen <otto@debian.org> wrote:
> > > I didn't get a reply to this, so asking again.
> >
> > I could take care of the upload but if you'd like to do that, please
> > feel free to do so and I can take care of the paperwork. One quick
> > thing I spotted in the target in d/ch is "buster". Could you please
> > change that to "buster-security" instead?
> >
> > Let me know if you'd like to upload yourself or want me to take care
> > of it. Thanks.
>
> Sorry for the late reply, but 10.3.37 does not include any CVE tracked
> security fixes (https://mariadb.com/kb/en/security/) so I guess it
> does not warrant a buster-*security* upload. I will just leave it at
> https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster as
> the base for importing 10.3.38 in January/February.

Upstream released today 10.3.38 but it does not have CVEs either:
- https://mariadb.com/kb/en/mariadb-10-3-38-release-notes/
- https://mariadb.com/kb/en/security/

I can however prepare an upload to Debian LTS if you think it would be
justified purely on maintenance/bugs fixed.
Reply to: