[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb

Thomas Backlund tmb at mageia.org
Fri Apr 13 08:55:34 CEST 2012


Maarten Vanraes skrev 13.4.2012 09:28:
> regarding bug https://bugs.mageia.org/show_bug.cgi?id=5260
>
> after talking with mariadb people and some others, i'm proposing to update
> mysql 5.5.10 to mariadb-5.5.23 in mga1.
>

Are you serious ??

> however, QA should extra-double-test the php-mysql dependency, as mariadb
> noted that php-mysql seems to have a very strict versioning scheme sometimes
> and having a new mysql provider without rebuilding php-mysql often fails...
>

You do realize that QA would have to test _way_ more than that...
It would pretty much mean doing a full QA on mga1 release

$ urpmq --whatrequires lib64mysql18 |sort -u
amarok
bacula-dir-mysql
bind
cherokee
courier-authlib-devel
cyrus-imapd
cyrus-imapd-murder
cyrus-imapd-nntp
cyrus-imapd-utils
dovecot-plugins-mysql
gda2.0-mysql
gnokii-smsd-mysql
grass
kexi
lib64gammu7
lib64gdal1
lib64mnogosearch3.2
lib64mysql18
lib64mysqlcppconn6
lib64mysql-devel
lib64qt3-mysql
lib64redland-devel
lib64sasl2-plug-sql
libgda4.0-mysql
lighttpd-mod_mysql_vhost
lua-sql-mysql
motion
mysql-client
mythtv-plugin-zoneminder
nagios-check_mysql
nagios-check_mysql_query
net-snmp-trapd
ntop
pdns-backend-mysql
perl-DBD-mysql
php-mysql
php-mysqli
php-pdo_mysql
postfix-mysql
preludedb-mysql
proftpd-mod_sql_mysql
pure-ftpd
python-mysql
qt4-database-plugin-mysql
rsyslog-mysql
ruby-mysql
stardict-tools
xbmc


And then all indirect deps need to be verified.

--
Thomas


More information about the Mageia-dev mailing list