Public bug reported: MariaDB announced new minor maintenance releases on Nov 1st, 2024: https://mariadb.com/resources/blog/mariadb-community- server-q4-2024-maintenance-releases/
In this round of releases, there are *no* CVE tracked security fixes (https://mariadb.com/kb/en/security/), but I would still suggest these to be made available for all Ubuntu users in all supported Ubuntu releases. All MySQL releases have always had related CVEs, and for past 10 years almost all MariaDB releases have have at least one CVE as well and thus have been uploaded to Ubuntu as security releases by security sponsors (see e.g. https://bugs.launchpad.net/ubuntu/+source/mariadb/+bug/2067125 and https://wiki.ubuntu.com/SecurityTeam/PublicationNotes#Sponsoring_MariaDB_Security_Updates). Hence, these uploads would need to be done following the New upstream microrelease policy (https://canonical-sru-docs.readthedocs- hosted.com/en/latest/reference/requirements/#new-upstream- microreleases). I am already working on MariaDB updates for all Debian releases. After that, I could invest the effort to do it for all Ubuntu releases, but to minimize wasted effort, I'd like to have confirmation from ~ubuntu-sru that the New upstream microrelease policy indeed could be applied for all maintained Ubuntu versions for MariaDB: - mariadb-10.6 (10.6.20) in Jammy - mariadb (10.11.10) in Noble - mariadb (11.4.4) in Oracular ** Affects: mariadb (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2086527 Title: New upstream microreleases: MariaDB 11.4.4 et al To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/mariadb/+bug/2086527/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs