Package: release.debian.org Severity: normal
I hereby request permission from the release team to upload mariadb-10.0 release 10.0.33-1 to the next Jessie point release. This upload does not strictly qualify the criteria listed at https://www.debian.org/doc/manuals/developers-reference/pkgs.html#upload-stable but the security team suggested this upstream micro release, which contains a few minor security fixes, would be a good fit for a stable point release instead of going in as an urgent security update. Current changelog draft: +mariadb-10.0 (10.0.33-0+deb8u1) jessie; urgency=medium + + * New upstream version 10.0.33. Includes fixes for the following + security vulnerabilities: + - CVE-2017-10378, MDEV-13819 + - CVE-2017-10268 + * Refresh patches on top of MariaDB 10.0.33 + + -- Otto Kekäläinen <o...@debian.org> Tue, 21 Nov 2017 11:05:51 +0100 I will prepare the final changelog when I have thumbs up from you to do so. Please also advise me on what is the correct revision string and release pocket string – my experience is mostly about security uploads, very seldom have I done point release stable updates. Here is debdiff for current git head; https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.0.git/diff/debian/?id2=debian/10.0.32-1&id=jessie and diff off the whole package, including upstream sources: https://anonscm.debian.org/cgit/pkg-mysql/mariadb-10.0.git/diff/?id2=debian/10.0.32-1&id=jessie
