There are 5 open security issues in trixie.
There are 5 open security issues in sid.
commit 30b5dd870ac1663bed7b3eb49701b28b6c67eef7 Author: Otto Kekäläinen <otto@debian.org> Date: Tue May 20 13:09:53 2025 -0700 Salsa CI: Replace deprecated 'except' with 'rules' > The keywords only and except are deprecated and not being actively > developed. To control when to add jobs to pipelines, use rules instead. https://docs.gitlab.com/ci/yaml/#only--except This is identical how Salsa CI does it nowadays. commit d3c30d82040178d18a42275190333b8a568e919b Author: Otto Kekäläinen <otto@debian.org> Date: Tue May 20 17:55:15 2025 +0000 Salsa CI: Remove duplicate `-i` in `sed` Remove the second `-i` option from the `sed` command used to modify `/usr/sbin/policy-rc.d`. The `-i` option should only appear once before the script and filename. commit f1944e0ed0352c7ee0e23a020e6238ffd64e36b3 Author: Otto Kekäläinen <otto@debian.org> Date: Tue May 20 11:17:10 2025 -0700 Salsa CI: Unify the mariadb.org upgrade tests Replace the `*test-full-upgrade` template with `*test-install-all` in the `mariadb.org-10.11 upgrade` CI job to be consistent with all the other mariadb.org upgrade jobs (11.8, 11.7, 11.4, 10.6, 10.5). commit c880a67f0a4f5eea76f32c6434699438c12352a5 Author: Otto Kekäläinen <otto@debian.org> Date: Fri May 16 17:56:53 2025 -0700 Salsa CI: Stop using Gnitpick The project https://github.com/Seravo/gnitpick has no commits in past 3 years and seems stale. Some of the corner cases causing bugs have not been fixed for a long time, and the job hasn't really been useful on the MariaDB pipeline as contributors are writing good enough git commit message titles and message bodies anyway. Thus remove the job as not useful enough to justify looking at results on maintaining it. commit 855bc4f63d4449e46a9e2ad91396e3dbf95107f4 Author: Otto Kekäläinen <otto@debian.org> Date: Mon May 5 21:31:01 2025 -0700 Salsa CI: Fix all upgrades to make pipeline fully green - Remove failing cross-builds - Disable time consuming and low-value ANY and ALL builds - Add usrmerge related workaround for libc6-dev in Jammy - Add usrmerge related workaround for /etc/init.d/* files that depend on /lib/lsb/init-functions - Add usrmerge related workaround for upgrades that depend on libsystemd0 but which need an older version to stay compatible with older libc6 - Properly pin mariadb.org repositories so that installs don't take any MariaDB packages from Debian until the pin file is deleted and actual upgrade test intentionally should use Debian archive versions - Verify in mariadb.org tests that correct version was actually installed - Document versions in each test - Remove allowed failures now that jobs pass - Remove variable to enable missing-breaks job as it is now on by default - Add Ubuntu and MySQL 8.4 upgrade test commit 9fec666bfa70a6192d5246ee2eb6d5f1222a7037 Author: Otto Kekäläinen <otto@debian.org> Date: Mon May 5 21:23:59 2025 -0700 Salsa CI: Remove existing /lib* diversions by base-files to upgrade it This is required for Ubuntu Noble upgrades to Debian unstable to work. commit a4569278a0aa782560291b13b79573ed1adba497 Author: Otto Kekäläinen <otto@debian.org> Date: Mon May 5 21:23:09 2025 -0700 Salsa CI: Unify with similar job logic in Galera and Entr packages commit ee32c39762328118b7e63c46b9c70849876000a7 Author: Otto Kekäläinen <otto@debian.org> Date: Mon May 5 21:21:17 2025 -0700 Salsa CI: Strip now obsolete apt key directives commit c8cae8daeb98bc6b01f83dac1e9bad7e2c688a13 Author: Otto Kekäläinen <otto@debian.org> Date: Mon May 5 21:18:23 2025 -0700 Salsa CI: Ignore apt key errors when testing upgrades from old releases commit 1ebf308301fba7fb52d8c2d659a87578c897fec8 Author: Otto Kekäläinen <otto@debian.org> Date: Mon May 5 21:17:47 2025 -0700 Salsa CI: Force apt/dpkg to install new config files and not stop Updates of Ubuntu Focal and Jammy failed on: Configuration file '/etc/adduser.conf' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** adduser.conf (Y/I/N/O/D/Z) [default=N] Ensure dpkg always installs the package maintainer version without presenting any interactive dialogs. commit 10221fbde71ae7931aa08eb675c7a92983d3b99e Author: Otto Kekäläinen <otto@debian.org> Date: Tue Apr 22 20:21:50 2025 -0700 Salsa CI: Always assume `apt-get --yes` Apply system-wide setting to always assume apt was run with `--yes` as in the non-interactive mode there is no point in asking confirmation. commit 473effed701a45c1458a361dda9a33e01c95d96b Author: Jing Luo <jing@jing.rocks> Date: Wed May 7 17:14:19 2025 +0900 d/copyright: misc fixes, remove the full text of BSD-3 and Artistic Signed-off-by: Jing Luo <jing@jing.rocks> commit de814999ab710e04d7f999757273db9be22d446e Author: Jing Luo <jing@jing.rocks> Date: Tue May 6 18:36:07 2025 +0900 d/copyright: move "On Debian systems..." to comment stanza The paragraph "On Debian systems, the complete text of...can be found in /usr/share/common-licenses/..." is not really a part of the copyright notice, so it belongs to the comment stanza. Also fix typos (?) "On Debian and systems". Signed-off-by: Jing Luo <jing@jing.rocks> commit 4dce10729922ec0905c910d34884ab24013de079 Author: Jing Luo <jing@jing.rocks> Date: Tue May 6 18:26:25 2025 +0900 d/copyright: remove old FSF address This gets rid of multiple lintian warnings. Signed-off-by: Jing Luo <jing@jing.rocks> commit dc89cd53fe9d0b42c1bb867758d8300026adafd0 Author: Jing Luo <jing@jing.rocks> Date: Tue May 6 17:55:27 2025 +0900 d/upstream/metadata: change github url protocol from git to https Don't remember since when, but github.com no longer supports the git protocol. Signed-off-by: Jing Luo <jing@jing.rocks> commit a5aa1f3020ad1696b2c001aa44fcb821c332de13 Author: Otto Kekäläinen <otto@debian.org> Date: Wed Apr 23 16:50:43 2025 -0700 Disable additional tests that failed on sparc64 (MDEV-36670) Disable more tests that failed in the sparc64 build of 1:11.8.1-4 and which are most likely due to same root cause as the vector failures. commit b74310c29cdf05c1184e67e6e1a5a9375c205dd1 Author: Otto Kekäläinen <otto@debian.org> Date: Wed Apr 23 16:49:08 2025 -0700 Open new changelog entry
Among the 18 debian patches available in version 1:11.8.1-4 of the package, we noticed the following issues: