diff options
Diffstat (limited to 'zarb-ml/mageia-dev/2012-April/014243.html')
| -rw-r--r-- | zarb-ml/mageia-dev/2012-April/014243.html | 144 |
1 files changed, 144 insertions, 0 deletions
diff --git a/zarb-ml/mageia-dev/2012-April/014243.html b/zarb-ml/mageia-dev/2012-April/014243.html new file mode 100644 index 000000000..0fe131c7f --- /dev/null +++ b/zarb-ml/mageia-dev/2012-April/014243.html @@ -0,0 +1,144 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> + <HEAD> + <TITLE> [Mageia-dev] mysql CVE's in mga1 => have it update to mariadb + </TITLE> + <LINK REL="Index" HREF="index.html" > + <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20mysql%20CVE%27s%20in%20mga1%20%3D%3E%20have%20it%20update%20to%20mariadb&In-Reply-To=%3C4F884CE6.7040802%40colin.guthr.ie%3E"> + <META NAME="robots" CONTENT="index,nofollow"> + <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> + <LINK REL="Previous" HREF="014239.html"> + <LINK REL="Next" HREF="014244.html"> + </HEAD> + <BODY BGCOLOR="#ffffff"> + <H1>[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb</H1> + <B>Colin Guthrie</B> + <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20mysql%20CVE%27s%20in%20mga1%20%3D%3E%20have%20it%20update%20to%20mariadb&In-Reply-To=%3C4F884CE6.7040802%40colin.guthr.ie%3E" + TITLE="[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb">mageia at colin.guthr.ie + </A><BR> + <I>Fri Apr 13 17:57:26 CEST 2012</I> + <P><UL> + <LI>Previous message: <A HREF="014239.html">[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb +</A></li> + <LI>Next message: <A HREF="014244.html">[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#14243">[ date ]</a> + <a href="thread.html#14243">[ thread ]</a> + <a href="subject.html#14243">[ subject ]</a> + <a href="author.html#14243">[ author ]</a> + </LI> + </UL> + <HR> +<!--beginarticle--> +<PRE>'Twas brillig, and David Walser at 13/04/12 15:31 did gyre and gimble: +><i> The objections to this have been quite unwarranted. It sounds like some people +</I>><i> want to institute a new policy that MySQL security bugs won't be fixed. +</I>><i> Upgrading to newer versions of things isn't ideal, but sometimes it's what has +</I>><i> to be done, because there's no other way, and we already do it sometimes in +</I>><i> other cases. There's no reason this should be any more controversial. +</I> +The proposal here was not just to ship a new version, but to ship a +totally different fork -> mysql -> maridadb (it's even in the subject!). + +This is why there have been objections. It's not (primarily at least) to +do with shipping a newer version. + +><i> For us, upgrading to MariaDB instead of MySQL 5.5.22 isn't any different than +</I>><i> what those other distros have done. MariaDB is as much a newer version of what +</I>><i> we have now as MySQL 5.5.22 is. They are both derived from the same code base. +</I>><i> Furthermore, the other distros have been able to upgrade it apparently without +</I>><i> even having to rebuild anything else, so the potential for damage seems to not +</I>><i> be so great after all. +</I> +I disagree. It's a totally different package. There are also bugs +relating to how a service package is enabled/disabled on upgrade which +might lead to people having the service enabled when they have +previously specifically disabled it. + +Should we then patch and upgrade rpm-helper too to deal with this issue? +We've not even addressed it in Cauldron yet, but then I think it may be +something that users could live with in a distro upgrade, but they +certainly would not expect it from a security update. + + +This idea just seems wrong for a stable update. Would we have shipped LO +rather than OOo as an update? I don't think so. Would we have shipped +Xorg rather than the old X as an update? I don't think so either. Why +make a special exception for MariaDB? + +I would far rather ship a newer MySQL package than (to use a cliche) +change horses in midstream[1] + +Col + +1. <A HREF="http://www.phrases.org.uk/meanings/115400.html">http://www.phrases.org.uk/meanings/115400.html</A> + + +-- + +Colin Guthrie +colin(at)mageia.org +<A HREF="http://colin.guthr.ie/">http://colin.guthr.ie/</A> + +Day Job: + Tribalogic Limited <A HREF="http://www.tribalogic.net/">http://www.tribalogic.net/</A> +Open Source: + Mageia Contributor <A HREF="http://www.mageia.org/">http://www.mageia.org/</A> + PulseAudio Hacker <A HREF="http://www.pulseaudio.org/">http://www.pulseaudio.org/</A> + Trac Hacker <A HREF="http://trac.edgewall.org/">http://trac.edgewall.org/</A> +</PRE> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +<!--endarticle--> + <HR> + <P><UL> + <!--threads--> + <LI>Previous message: <A HREF="014239.html">[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb +</A></li> + <LI>Next message: <A HREF="014244.html">[Mageia-dev] mysql CVE's in mga1 => have it update to mariadb +</A></li> + <LI> <B>Messages sorted by:</B> + <a href="date.html#14243">[ date ]</a> + <a href="thread.html#14243">[ thread ]</a> + <a href="subject.html#14243">[ subject ]</a> + <a href="author.html#14243">[ author ]</a> + </LI> + </UL> + +<hr> +<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev +mailing list</a><br> +</body></html> |