Fixed with 1:10.1.38-0ubuntu0.18.04.2 on bionic
** Changed in: mariadb-10.1 (Ubuntu)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
Title:
Security u
** Changed in: mariadb-10.1 (Ubuntu Artful)
Status: Confirmed => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
Title:
Security update 10.1.30-0ubuntu0.17.10.1 regresses smok
I have now adopted a workflow where I use dgit to verify that what is in
the packaging git matches what is uploaded.
Example:
git clone salsa/mariadb-10.1.git salsa
dgit -d ubuntu clone mariadb-10.1 bionic,-security distro
cp -ra distro/* salsa
cd salsa
git diff
This will make me able to
** Changed in: mariadb-10.1 (Ubuntu)
Importance: Critical => Undecided
** Changed in: mariadb-10.1 (Ubuntu)
Assignee: (unassigned) => Otto Kekäläinen (otto)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpa
Using git is good. The root of the problem here was that another DD had
tagged commit https://salsa.debian.org/mariadb-
team/mariadb-10.1/commit/d6c1b1f9cac58d92c3a0494c501e40d905b5 as
https://salsa.debian.org/mariadb-
team/mariadb-10.1/commits/debian/10.1.25-1 falsely.
In reality, the tag deb
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: mariadb-10.1 (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
Title:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: mariadb-10.1 (Ubuntu Artful)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
> They have been introduced when the person doing the Ubuntu upload has
recreated the debdiffs using a different base version.
$ git clone https://salsa.debian.org/mariadb-team/mariadb-10.1
$ cd mariadb-10.1/
$ git checkout ubuntu-17.10
$ grep pie debian/rules
export DEB_BUILD_MAINT_OPTIONS = har
Hello!
As you can see in the git blame of debian/rules, I did not do any changes to
the line with -pie:
https://salsa.debian.org/mariadb-team/mariadb-10.1/blame/ubuntu-17.10/debian/rules
I think I found out what has happened. If I look at the changelog found
in via 'pull-lp-source -d mariadb-10.
There are many packaging changes that were introduced in the security
update, that regress security.
For example:
$ pull-lp-source -d mariadb-10.1 artful-release
$ pull-lp-source -d mariadb-10.1 artful-security
$ debdiff mariadb-10.1_10.1.25-1.dsc mariadb-10.1_10.1.30-0ubuntu0.17.10.1.dsc
| filt
Unsubscribing the Sponsors Team for now as there's nothing to sponsor
quite yet.
Please resubscribe us when there is.
Thank you.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
Title:
Securi
@xnox Waiting for your comments. I would like to know where you get the
sources you are comparing and what unfit-for-security-upload changes did
you see in them exactly?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.laun
I am unable to figure out what has happened here.
For example the change you did now:
diff -Nru mariadb-10.1-10.1.30/debian/rules mariadb-10.1-10.1.30/debian/rules
--- mariadb-10.1-10.1.30/debian/rules 2018-01-02 11:51:23.0 +
+++ mariadb-10.1-10.1.30/debian/rules 2018-03-20 21:36:
Just to be clear, in https://salsa.debian.org/mariadb-
team/mariadb-10.1/branches there is a branch for each Ubuntu release,
and they have been branches of the release tag of the last Debian
release they synced from and shipped with.
All security updates are done on their own branch and there is n
All of the changes in https://anonscm.debian.org/cgit/pkg-
mysql/mariadb-10.1.git/diff/debian/?id=ubuntu/10.1.30-0ubuntu0.17.10.1&id2=debian/10.1.25-1
are packaging wise necessary minimum changes for the security update to
work (e.g. refreshing patches, applying a FTBFS patch, adopt to upstream
bui
@otto
I was working from the reverse. Specifically, performing debdiff between
artful-release & artful-security, and noticing un-necessary changes to
packaging. Note that -security/-updates uploads should not, in general,
introduce any packaging changes or improvements. Yes, there are commits
chan
The reason behind this debdiff, is that autopkgtests started to fail,
and the database is not running after the install, which is grave.
Binaries are missing PIE, yet they were built with PIE in the release
pocket.
See e.g.:
http://autopkgtest.ubuntu.com/packages/mariadb-10.1/artful/amd64
--
Yo
It is easiest if we list the commits that caused the regressions, and
then selectively revert them.
Here are some I found quickly:
- -pie
https://salsa.debian.org/mariadb-team/mariadb-10.1/commit/b4fe91faee29bc1597e2876e1c2cc6bdd162fb66
- dh_systemd_start removal
https://salsa.debian.org/mariadb
** Tags added: id-5ab3c4d27fa5364dd97ee6d2
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
Title:
Security update 10.1.30-0ubuntu0.17.10.1 regresses smoke test, mariadb
not started upon inst
** Patch added: "lp1757107.diff"
https://bugs.launchpad.net/ubuntu/+source/mariadb-10.1/+bug/1757107/+attachment/5085457/+files/lp1757107.diff
** Description changed:
+ [Impact]
+
+ - In debian/rules, -pie introduced, yet previously the build was fully
+ hardened. (I believe this is cosmetic
** Also affects: mariadb-10.1 (Ubuntu Artful)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1757107
Title:
Security update 10.1.30-0ubuntu0.17.10.1 regres
21 matches
Mail list logo