commit a67e39ccc6209c719138738fa5370c3eb63640d7 Author: Bas Couwenberg <email@example.com> Date: Wed Sep 15 06:38:49 2021 +0000 Don't require debian.cnf to be executable in logrotate (Closes: #994284) When using a non-default configuration with password access to the database, the logrotate postscript fails causing the systemd service to be marked as failed: ● logrotate.service - Rotate log files Loaded: loaded (/lib/systemd/system/logrotate.service; static) Active: failed (Result: exit-code) since Wed 2021-09-15 00:00:01 CEST; 6h ago TriggeredBy: ● logrotate.timer Docs: man:logrotate(8) man:logrotate.conf(5) Process: 4138993 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=1/FAILURE) Main PID: 4138993 (code=exited, status=1/FAILURE) CPU: 204ms Sep 15 00:00:01 foobar systemd: Starting Rotate log files... Sep 15 00:00:01 foobar logrotate: [64B blob data] Sep 15 00:00:01 foobar logrotate: error: 'Access denied for user 'root'@'localhost' (using password: NO)' Sep 15 00:00:01 foobar logrotate: error: error running shared postrotate script for '/var/lib/mysql/mysqld.log /var/log/mysql/mysql.log /var/lib/mysql/mariadb.log /var/log/mysql/mysql-slow.log /var/log/mysql/mariadb-s> Sep 15 00:00:01 foobar systemd: logrotate.service: Main process exited, code=exited, status=1/FAILURE Sep 15 00:00:01 foobar systemd: logrotate.service: Failed with result 'exit-code'. Sep 15 00:00:01 foobar systemd: Failed to start Rotate log files. The problem is that the postrotate script only uses /etc/mysql/debian.cnf when it is executable, which a config files should not be. Changing the test from -x to -r to ensure the file exists and is readable resolves the issue. commit ebc371bc0378e9e304359d77b9694f7ded145837 Author: Otto Kekäläinen <firstname.lastname@example.org> Date: Sat Jul 17 17:35:29 2021 -0700 Salsa-CI: Add testing for Bullseye upgrades and backports Now as Debian 11 "Bullseye" has been released add it to the upgrade tests and also build a backport for it. commit 3927f8b5186b895f48b9c6bf0f2df86ad0d630cc Author: Otto Kekäläinen <email@example.com> Date: Tue Sep 14 14:19:30 2021 -0700 Salsa-CI: Add workarounds for Stretch->Bookworm upgrade bugs Officially Stretch to Bookworm upgrades are not supported, but since they can be made to work, let's continue testing those scenarios of nice test coverage. commit b05b77d076f6468bfcb7ed35ec238de9634b919b Author: Otto Kekäläinen <firstname.lastname@example.org> Date: Tue Sep 14 14:15:21 2021 -0700 Add new overrides to be clean on Lintian v2.105.0 These are issues that cannot be fixed in Debian packaging now and thus adding an override is the best course of action to make Salsa-CI green again and protect from any potential actual regressions. commit 7e0f097904f244c975f152604294043578190b14 Author: Otto Kekäläinen <email@example.com> Date: Tue Sep 14 21:33:23 2021 -0700 Open new changelog entry
There are 2 open security issues in bullseye.
You can find information about how to handle these issues in the security team's documentation.