[ubuntu/noble-security] mariadb 1:10.11.11-0ubuntu0.24.04.2 (Accepted)

Eduardo Barretto eduardo.barretto at canonical.com
Mon Mar 31 09:54:41 UTC 2025 

mariadb (1:10.11.11-0ubuntu0.24.04.2) noble-security; urgency=medium

  * Fix building with Clang on RISC-V to unblock the promotion of the
    10.11.11 upstate to Ubuntu 24.04 "Noble"
  * Backport upstream fix for INSERT SELECT on NOT NULL (Closes: #1099515)
    to fix severe regression in 10.11.11
  * Add patch to remove unnecessary capabilities from AmbientCapabilities
    and revert "Set CAP_IPC_LOCK capability if possible" to mitigate potential
    security issue in a change in 10.11.11

mariadb (1:10.11.11-0ubuntu0.24.04.1) noble-security; urgency=medium

[ Otto Kekäläinen ]
* SECURITY UPDATE: New upstream version 10.11.11. Includes fixes for several defects
  as noted at https://mariadb.com/kb/en/mariadb-10-11-11-release-notes/ as
  well the following security issues (LP: #2099785):
  - CVE-2025-21490
* This release includes upstream version 10.11.10, with fixes for regressions
  as noted at https://mariadb.com/kb/en/mariadb-10-11-10-release-notes/
* This release includes upstream version 10.11.9, with fixes for regressions
  as noted at https://mariadb.com/kb/en/mariadb-10-11-9-release-notes/
* Update server trace to include new parameters and values
* Add main.having_cond_pushdown to MTR skiplist on s390x
* Skip test main.mysqld--help-aria due to MDEV-34733
* Update configuration traces to match changes done in MDEV-35785
* Update configuration traces with new query allocator values from MDEV-35750
* Update server trace to include new parameters and values. This includes now
  MariaDB client parameter 'quick-max-column-width' and new MariaDB Server
  parameters 'innodb-log-file-mmap' and 'optimizer-join-limit-pref-ratio'.
  Also the parameters 'innodb-lru-flush-size' and
  'innodb-purge-rseg-truncate-frequency' seems to have been removed, and
  'innodb-purge-batch-size' got a new default value '1000'.
* Include Debian packaging bugfixes done upstream:
  - MDEV-35907: debian-start script fails when using non-standard socket path
  - Set CAP_IPC_LOCK capability if possible
* Include several restart/shutdown related fixes that have been in Debian
  unstable in MariaDB 11.4 for a long time, and which are likely needed to
  avoid occasional shutdown issues, in particular on upgrades (LP: #2034125)
  in both Debian and Ubuntu
  - Make SysV init more verbose in case of MariaDB start failures (Related: #1033234)
  - Limit check of running mysqld/mariadbd to system users (Related: #1032047)
  - When shutting down 'mariadbd', fallback to 'mysqld'
* Make d/watch more specific to circumvent bug in .10 vs .11 detection
* Add Lintian overrides for new upstream documentation JavaScript files
* Apply `wrap-and-sort -va` with latest devscripts 2.24.8
* Add NEWS item to explain new `mariadb-dump` option `--sandbox`

[ Phil Dibowitz ]
* Add some info on getting back to passwordless root (Related: #1088133)

[ Joe Bliss ]
* Revert backticks change in commit 0300a915 to be compatible with databases
  containing hyphenated table names (LP: #2085554)

Date: 2025-03-27 11:03:11.784111+00:00
Signed-By: Eduardo Barretto <eduardo.barretto at canonical.com>
https://launchpad.net/ubuntu/+source/mariadb/1:10.11.11-0ubuntu0.24.04.2
-------------- next part --------------
Sorry, changesfile not available.

More information about the noble-changes mailing list