Your message dated Thu, 19 Feb 2026 07:50:23 +0000
with message-id <[email protected]>
and subject line Bug#1123021: fixed in mariadb 1:11.8.6-2
has caused the Debian Bug report #1123021,
regarding Increase the `systemd-analyze security mariadb.service` score from
current 8.8
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1123021: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1123021
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: mariadb
Version: 1:11.8.5-1
Severity: wishlist
Running `systemd-analyze security mariadb.service` gives a score of 8.8.
Further hardening would be appreciated; for example, with
`CapabilityBoundingSet`.
This domain needs some research, and cross-referencing with that
upstream potentially has already done on the development branch `main`
and what is tracked at jira.mariadb.org. Debian could help upstream
improve the systemd service and security features, and adopt them in
11.8.x until they are fully upstreamed and can be dropped in Debian.
We should avoid adding features in Debian that upstream disagrees on,
as we don't want to maintain divergent features forever.
--- End Message ---
--- Begin Message ---
Source: mariadb
Source-Version: 1:11.8.6-2
Done: Otto Kekäläinen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
mariadb, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Otto Kekäläinen <[email protected]> (supplier of updated mariadb package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 19 Feb 2026 08:08:08 +0000
Source: mariadb
Architecture: source
Version: 1:11.8.6-2
Distribution: unstable
Urgency: medium
Maintainer: Debian MySQL Maintainers <[email protected]>
Changed-By: Otto Kekäläinen <[email protected]>
Closes: 875890 1123021 1127431 1127863
Changes:
mariadb (1:11.8.6-2) unstable; urgency=medium
.
[ Aquila Macedo ]
* Add systemd hardening patch for MariaDB units (Closes: #1123021)
.
[ Otto Kekäläinen ]
* Add Lintian override for potentially false new error about embedded
libminizip
* Remove patch for x32 compilation now supposedly fixed upstream in ff4209f
* Update patch statuses and Forwarded fields to match latest
* Fix path to mariadb-server.README in mariadb-secure-install
(Closes: #1127863)
* Add preliminary upstream patch to fix MDEV-38811 that affected Akonadi and
any other use case that relies on 'skip-grant-tables' (Closes: #1127431)
* Add functional AppArmor profile for MariaDB 11.8 but keep it in 'complain'
mode for now to collect real usage experience, and enabling 'enforce' mode
some day in the future when likelihood of unanticipated AppArmor denials
is close to zero (Closes: #875890)
Checksums-Sha1:
bbbba1c74b56a4f6c9331b27e6725b18a8bded4e 5608 mariadb_11.8.6-2.dsc
91f4881b2f1fff1afcdabe2cc6b52bc06f417628 297756 mariadb_11.8.6-2.debian.tar.xz
ed78bfaa658aef1403853b7e9dacfc5e175ef2c0 13956
mariadb_11.8.6-2_source.buildinfo
Checksums-Sha256:
4137c812db70166a7ec19045a18d8d4e4378d63b2d2a614882e42f997b0e3ed7 5608
mariadb_11.8.6-2.dsc
e4fdd04453abbab3e8e1d74c45f76e91b13ee66a5b99a0543e235eb5a4cee404 297756
mariadb_11.8.6-2.debian.tar.xz
db9cbf055e46e6bffac547206bcc25596261325750ec7b2e2a61126032658ed8 13956
mariadb_11.8.6-2_source.buildinfo
Files:
62faaaf95260bf66c1eabab28a59d3bd 5608 database optional mariadb_11.8.6-2.dsc
689e67365aacf448fad562d9a027d038 297756 database optional
mariadb_11.8.6-2.debian.tar.xz
69bc48307ae49d98fc607e7fed0e8d81 13956 database optional
mariadb_11.8.6-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEmbRSsR88dMO0U+RvvthEn87o2ogFAmmWuloACgkQvthEn87o
2ogoUhAAwE8qDLNGjBKJmAvXAq06CanYCrHq0a6fcoRPrnLRc+uS22Lw58MzCdQF
MGBOOxDQsX7yYwkqnsgnO+xXWKBZoEWssUMEQF0LcDpMfZGknvH7NQeWdAndP/W6
UrklSkjS62KE+exPj8dbin0XHZET/sjIOFlfL/o5IuGC+BMOYaVVGnUTidalxrJe
1vV1wSBHnztJiEPMiNLhhMZKe72IBreaWH0hSdWIIBwejx3gEPMweZrwdTmbcM8+
mwOxMPnc71p0HgeS1RHagDrzzpPRNszIUSesxsCLecG8KTIsYy09AdIni5QzdEe0
0uMPwRsPg3S9dxrbfYOCDcSpvWMLy2JFnKHptD0duLcrsQRqOVy60WbPzsdTZ8i3
PFrEFYGW06Gr7+HoGX9xu4XJpwsxGpkHGkmDvU+2kJMkOglj582oCksUZ3tclDMT
myWftEWlceeMc/B4bYcvHAsu0K0QbnlalzLLd5OwoXQTo1i3kP5VmXIfmpDMTcN+
KlwxPJ1L8Rh6/uu83tuPyEmK3HBe3FUBgebIzlx1/sGWdunbJDwOZxuuAR/tr/96
DWr8J4J/ULz2ZX/DD0HaEJdNDMTKnNn3fbXCrZnvo8SajlRNwOXvgz2feY1d2atJ
51Lsspde4B7ZYZnfBIGFNg/1KOPloN/kh6Cpv2LolvGKUDM54D4=
=QPzK
-----END PGP SIGNATURE-----
pgpIg10phUfAg.pgp
Description: PGP signature
--- End Message ---
