Re: #1036797 bullseye-pu: package mariadb-10.5 10.5.20-0+deb11u1

To: Otto Kekäläinen <otto@kekalainen.net>, Debian LTS <debian-lts@lists.debian.org>
Subject: Re: #1036797 bullseye-pu: package mariadb-10.5 10.5.20-0+deb11u1
From: Sylvain Beucler <beuc@beuc.net>
Date: Thu, 22 Jun 2023 22:53:10 +0200
Message-id: <[🔎] b573d5fb-11b7-c5eb-b4d6-8433980e6b11@beuc.net>
In-reply-to: <[🔎] CAOU6tADCEDQeuGdW4bbY2KuDD4g05uCW0ZK3GTepL4+f2KDquw@mail.gmail.com>
References: <[🔎] CAOU6tADCEDQeuGdW4bbY2KuDD4g05uCW0ZK3GTepL4+f2KDquw@mail.gmail.com>

Hello Otto,

On 22/06/2023 19:41, Otto Kekäläinen wrote:

I filed on May 26th this but never got any reply from stable managers:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=103679

It is affected by only one minor CVE-2022-47015. The same CVE was
already fixed in DLA-3444-1 with MariaDB 10.3.39 which was the LTS
until two weeks ago.

Since bullseye is LTS now, I just wanted to quickly get ack'ed by the
LTS team that I should prepare this as for Bullseye?

bullseye is "oldstable" but security updates are still managed by theSecurity Team for 1 year, before LTS takes over in 2024.

https://wiki.debian.org/LTS was recently updated and should carry theright information :)


Cheers!
Sylvain

Reply to:

References:
- #1036797 bullseye-pu: package mariadb-10.5 10.5.20-0+deb11u1
  - From: Otto Kekäläinen <otto@kekalainen.net>

Prev by Date: #1036797 bullseye-pu: package mariadb-10.5 10.5.20-0+deb11u1
Next by Date: c-ares, CVE-2023-31147, CVE-2023-31124
Previous by thread: #1036797 bullseye-pu: package mariadb-10.5 10.5.20-0+deb11u1
Next by thread: c-ares, CVE-2023-31147, CVE-2023-31124
Index(es):
- Date
- Thread