The 10.5 series update for 21.10 is now available. Please use git-buildpackage to fetch and build from the ubuntu-21.04 branch at https://salsa.debian.org/mariadb- team/mariadb-10.5/tree/ubuntu-21.10
The repository uses pristine-tar, so there is no need to separately download the sources. You can just check the signature/SHA1SUM directly from the git-buildpackage generated tarball. Test builds and testsuite passed on all platforms at https://launchpad.net/~mysql-ubuntu/+archive/ubuntu/mariadb-10.5/+builds?build_text=&build_state=all Debdiffs can be created directly from the repo like in a local clone with 'git diff <tag1>..<tag2> debian/' Changelog: mariadb-10.5 (1:10.5.15-0ubuntu0.21.10.1) impish-security; urgency=medium * SECURITY UPDATE: New upstream version 10.5.15 includes fixes for the following security vulnerabilities (LP: #1961350): - CVE-2021-46661 - CVE-2021-46663 - CVE-2021-46664 - CVE-2021-46665 - CVE-2021-46668 * New upstream version 10.5.14. Includes security fixes for - CVE-2021-46659 - CVE-2022-24048 - CVE-2022-24050 - CVE-2022-24051 - CVE-2022-24052 * Notable upstream functional changes in 10.5.14: - New default value for innodb_change_buffering is 'none' instead of old value 'all' (MDEV-27734). This change should improve crash safety but might cause performance regressions on systems that use old spinning disks (HDD) where seek latency is higher. - New default minimum value for innodb_buffer_pool_size is 20 MB (from 2 MB) -- Otto Kekäläinen <o...@debian.org> Thu, 17 Feb 2022 18:27:55 -0800 ** Description changed: According to https://mariadb.com/kb/en/security/ the latest minor MariaDB releases include security fixes. I am working on updates for all maintained Ubuntu versions for MariaDB: - mariadb-10.3 in Focal - - mariadb-10.5 in Hirsute and Impish + - mariadb-10.5 in Impish MariaDB 10.6 in Jammy will automatically import the new version from Debian Sid once available. MariaDB 10.5 should be removed from Jammy (as already done in Debian Sid and Testing). Security sponsor note this: https://wiki.ubuntu.com/SecurityTeam/PublicationNotes#Sponsoring_MariaDB_Security_Updates -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1961350 Title: CVE-2022-24048 et al affect MariaDB in Ubuntu To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mariadb-10.3/+bug/1961350/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
