though to hear more people chime in now, so that if I
go ahead and implement some improvements, it is likely to be useful
and not be blocked later and turn out to be wasted effort.
On Fri, 29 Nov 2024 at 09:46, Otto Kekäläinen wrote:
>
> Hi!
>
> > As the initial author of the fork
Hi!
> As the initial author of the fork, I contributed some improvements that I
> thought would be accepted upstream. However, I didn't think other changes
> (such
> as hacks to support jessie) would be accepted, as some of those hacks had been
> removed previously. If the salsa-ci maintainers ag
Hi!
Thanks Sylvain for your reply. Hopefully others on the LTS list can
also chip in too, so we get more more data points and views.
> > 1. Why use `debian/.gitlab-ci.yml` instead of `debian/salsa-ci.yml`?
>
> First, most of this was written by Anton (in Cc:) when mid-2022 when
> experimenting wi
Hi!
I was reading https://lts-team.pages.debian.net/git-workflow-lts.html
and have a couple of questions:
1. Why use `debian/.gitlab-ci.yml` instead of `debian/salsa-ci.yml`?
2. Why run `git checkout -b upstream` and not `git checkout -b
upstream/latest` as per DEP-14?
3. Why do you delete `deb
Hi Sylvain!
I noticed you wrote the page
https://lts-team.pages.debian.net/wiki/TestSuites/galera.html
Are you working on Galera updates for (E)LTS? Do you want me to team
up with me? I could do the updates and you could simply review/approve
to help ensure quality is flawless?
Let me know what
Hi Sylvain,
Thanks for your review on these yesterday! I have updated both to
address your feedback:
https://salsa.debian.org/mariadb-team/galera-4/-/merge_requests/27
https://salsa.debian.org/mariadb-team/mariadb-10.5/-/merge_requests/18
Can you add the entries in
https://salsa.debian.org/secur
Hi!
> > If somebody shouts _yes_, I will post new versions for review at
> > * https://salsa.debian.org/mariadb-team/mariadb-10.5/-/merge_requests
> > * https://salsa.debian.org/mariadb-team/galera-4/-/merge_requests
>
> YES :)
>
> Let me know when the new versions are available for review.
Great
Hi!
I am willing to do the minor version security/bugfix imports for
MariaDB 10.5.x and Galera 4.x to Bullseye, but to ensure highest
quality and good process, I am seeking somebody who could collaborate
on it.
I expect a collaborator to
1. Review the MR of the import and point out if they see an
Hi!
FYI, MariaDB did an extra batch of releases in June. This message is
about 10.3 series.
No MariaDB 10.3.40 did not happen as 10.3 series it out of scope.
However, thinking of cherry-picking 10.4 changes, I did however check
the release notes of 10.4.30. The 3 top issues at
https://mariadb.com
Hi LTS team!
I filed on May 26th this but never got any reply from stable managers:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=103679
It is affected by only one minor CVE-2022-47015. The same CVE was
already fixed in DLA-3444-1 with MariaDB 10.3.39 which was the LTS
until two weeks ago.
S
Hello!
FYI to avoid duplicate/conflicting work:
MariaDB just released a batch of new security/maintenance releases. I
am working to import 10.3, 10.5 and 10.11 into Debian (and eventually
into Ubuntu).
You can follow progress in real time via git commits showing up at
https://salsa.debian.org/ma
> > On 19/03/2023 23:04, Otto Kekäläinen wrote:
> > > Following up on this topic, I noticed that I can't even manually
> > > override the Lintian image version at the moment as the
> > > Buster/Bullseye/Bookworm tags don't exist at
> >
debian.org/salsa-ci-team/pipeline/-/merge_requests/407
I am a bit surprised I seem to be the only one running Salsa-CI when
preparing stable/LTS uploads, this issue must have been making the
pipeline red for everybody building RELEASE=bullseye/buster/stretch.
On Sun, 15 Jan 2023 at 13:25, Otto Kekäläi
Hi!
On Mon, 26 Dec 2022 at 14:08, Otto Kekäläinen wrote:
>
> On Mon, 5 Dec 2022 at 01:18, Utkarsh Gupta wrote:
> >
> > Hi Otto,
> >
> > On Mon, Dec 5, 2022 at 5:33 AM Otto Kekäläinen wrote:
> > > I didn't get a reply to this, so asking again.
&g
Hi!
> > Do you use Salsa-CI (and Lintian v2.115.3) for quality assurance of
> > your packages before uploading to Debian Bullseye or Buster?
>
> Until a few minutes ago, no, I did not test using the latest version
> of Lintian from unstable. Rather, I was using the version in
> buster/bullseye/str
QA packages before upload to _any_ Debian release?
On Sun, 20 Nov 2022 at 13:50, Otto Kekäläinen wrote:
>
> > > I do however have some challenges that some of the build jobs don't
> > > honor the RELEASE variable. For example Lintian is run with the latest
> > >
On Mon, 5 Dec 2022 at 01:18, Utkarsh Gupta wrote:
>
> Hi Otto,
>
> On Mon, Dec 5, 2022 at 5:33 AM Otto Kekäläinen wrote:
> > I didn't get a reply to this, so asking again.
>
> I could take care of the upload but if you'd like to do that, please
> feel fre
Hi Emilio!
I didn't get a reply to this, so asking again.
On Sun, 20 Nov 2022 at 17:57, Otto Kekäläinen wrote:
>
> Hello Emilio!
>
> MariaDB 1:10.3.37-0+deb10u1 is ready for upload at
> https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster
>
> Do yo
Hello Emilio!
MariaDB 1:10.3.37-0+deb10u1 is ready for upload at
https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster
Do you want to take care of the upload?
> > I do however have some challenges that some of the build jobs don't
> > honor the RELEASE variable. For example Lintian is run with the latest
> > 2.115 version and not the Bullseye/Buster version, so it leads to
> > failures that are not actual regressions.
>
> Can you briefly clarify what thi
Hi!
I was wondering how common is it for DDs to use Salsa-CI while doing
quality assurance prior to Bullseye and Buster uploads?
I have been using Salsa-CI since many years back, and the MariaDB
releases in Buster and Bullseye were done during the Salsa-CI era, and
I continue to run Salsa-CI for
Hello LTS team!
Users of Debian LTS are currently affected by a bug that prevents
skipping Debian releases. If skipping a release is not possible in an
upgrade, it makes using LTS kind of moot.
For discoverability, I posted a summary and workaround steps at
https://bugs.debian.org/cgi-bin/bugrepo
Hi Emilio!
Please try pushing now. I don't see any of your commits on
https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster
yet.
On Sat, 8 Oct 2022 at 16:08, Otto Kekäläinen wrote:
>
> > btw, while importing my changes, I have noticed that I have a bunch of extra
&
Hi Emilio!
On Sat, 8 Oct 2022 at 16:04, Otto Kekäläinen wrote:
>
> On Fri, 30 Sept 2022 at 04:31, Emilio Pozuelo Monfort
> wrote:
> >
> > On 26/09/2022 05:39, Otto Kekäläinen wrote:
> > > Hello Emilio!
> > >
> > > I see you uploaded:
> &
> btw, while importing my changes, I have noticed that I have a bunch of extra
> files in my debian/ dir. Which are neither in git, nor in the 10.3.34 buster
> update. Which is weird, because I based my update on upstream +
> 10.3.34-0+deb10u1. After some investigation, I found that the upstream ta
On Fri, 30 Sept 2022 at 04:31, Emilio Pozuelo Monfort wrote:
>
> On 26/09/2022 05:39, Otto Kekäläinen wrote:
> > Hello Emilio!
> >
> > I see you uploaded:
> > https://tracker.debian.org/news/1362643/accepted-mariadb-103-110336-0deb10u1-source-into-oldstable/
>
Hello Emilio!
I see you uploaded:
https://tracker.debian.org/news/1362643/accepted-mariadb-103-110336-0deb10u1-source-into-oldstable/
I don't see the commits at
https://salsa.debian.org/mariadb-team/mariadb-10.3/-/commits/buster -
please push there to avoid getting the versions out of sync and ca
Hi!
On Mon, Feb 14, 2022 at 4:04 AM Markus Koschany wrote:
>
> Hello,
>
> Just a heads-up. New CVE have been reported for MariaDB 10.3. It is likely
> that
> 10.1 in Stretch is affected as well. Otto Kekäläinen (maintainer) is currently
> investigating if it is feasibl
Hello!
Are LTS folks aware about the change in libcrypt1 where tt was split
out of libc into a separate package?
Perl needs /lib/x86_64-linux-gnu/libcrypt.so.1 to run, and when it
gets removed Perl immediately stops working, and thus no dpkg command
will proceed anymore [1].
As it breaks dpkg, i
> But what would be the point? You'd end up with a less-tested version
> of 10.3 compared to regular buster and if people need to move from
> 10.1 to 10.3, they can just as well upgrade to Buster.
>
> So, advise people to upgrade for anyone running the -server packages and
> keep the client-side to
Hello!
> >> During the 10.5 packaging cycle I have tested building backports for
> >> every commit (see e.g.
> >> https://salsa.debian.org/mariadb-team/mariadb-10.5/-/pipelines/191851).
> >> The galera-4 dependency is already available in
> >> stretch-backports-sloppy. If you are interested in bac
On Tue, 3 Nov 2020 at 21:02, Holger Levsen wrote:
..
> > What options do we have anyway? Does the LTS team think they should be
> > responsible for providing security updates beyond what upstreams do?
>
> yes, that's what we often do.
Not even MariaDB devs always manage to correctly take patches
Hello!
I don't have any particular plans. I'll keep updating the package for
as long as upstream provides updates. For 10.1 the updates are indeed
officially over now: https://mariadb.org/about/#maintenance-policy
What options do we have anyway? Does the LTS team think they should be
responsible
Hello Debian LTS team!
Regarding CVE-2020-15180 I have prepared updates for Ubuntu Trusty
(5.5), Ubuntu Bionic (10.1), Focal (10.3), Groovy (10.3) and Debian
Stretch (10.1), Buster (10.3) and Sid (10.5).
The Debian and Ubuntu security teams have already processed these and
DSA and USN are in the
Hello!
I just realized Emilio represents the LTS team and he already took care of this.
ke 21. lokak. 2020 klo 11.25 Otto Kekäläinen (o...@debian.org) kirjoitti:
>
> Hello Debian LTS team!
>
> Regarding CVE-2020-15180 I have prepared updates for Ubuntu Trusty
> (5.5), Ubuntu Bioni
Hello Emilio and anybody else who might at some point upload MariaDB
to jessie-security or stretch-security!
Please use as the starting point the latest version in the MariaDB
team Salsa repos
- mariadb-10.0 branch 'jessie'
- mariadb-10.1 branch 'stretch' (from 2020 onwards LTS)
I have prepared t
> Thinking about this some more, maybe we could attempt this, backporting
> security
> fixes from MariaDB 10.1 or forward-porting them from MariaDB 5.5 (still
> supported until April 2020). That way we don't force any 10.0 -> 10.1
> migration
> on our users (though MySQL 5.5 users will still have
Hello!
to 3. tammik. 2019 klo 3.40 Robie Basak (robie.ba...@canonical.com) kirjoitti:
>
> Hi Otto and the LTS team,
>
> On Mon, Dec 31, 2018 at 10:50:34AM +0200, Otto Kekäläinen wrote:
> > I think that is *if* makes sense to engineer some automatic upgrade path in
> >
Hello Debian LTS team!
I think that is *if* makes sense to engineer some automatic upgrade path in
an LTS release, then it would be to introduce MariaDB 10.1 into Jessie.
Upgrading from MySQL 5.5 and MariaDB 10.0 to MariaDB 10.1 is pretty safe,
and the maintenance period of MariaDB 10.1 would matc
Hello!
pe 28. jouluk. 2018 klo 9.27 Jan Ingvoldstad
(jan-debian-lts-2...@oyet.no) kirjoitti:
>
> On 2018-12-27 18:51, Lars Tangvald wrote:
>
> > Upgrading to 5.6 would be less risky than MariaDB 10.1, but it's a
> > similar sort of risk.
>
> I don't know what the risk with switching to MariaDB 10.
Hello!
ke 19. jouluk. 2018 klo 18.01 Holger Levsen (hol...@layer-acht.org) kirjoitti:
> > Also note that mariadb 10.0 is EOL in three months[2].
>
> I think this rules out mariadb 10.0 as a sensible upgrade path here.
> (Also, switching from mysql to mariadb in an LTS security upload???)
Do we ha
41 matches
Mail list logo
