Hi all
I see this issue reported from other user in centos bug tracker and I dont understand why is not possible to update mariadb from Centos repo to last versions when each new mariadb version is even safer and offers greater speed
I look for this repo http://mirror.centos.org/centos/7/os/x86_64/Packages/ with mariadb 5.5.56 but it is very old. Was added by centos 9 months ago and the last improved version is 5.5.60
Really to Centos dont like MariaDB security?
best regards
Centos Repo dont update to last MARIADB
Re: Centos Repo dont update to last MARIADB
You clearly missed TrevorH's comment in that bug report, especially the link to the backporting page.
Are there any particular CVEs you think you are missing? Those are what counts.
That said, CentOS rebuilds the same packages that RHEL ships. CentOS does not have the possibility to update MariaDB ahead of RHEL.
Are there any particular CVEs you think you are missing? Those are what counts.
That said, CentOS rebuilds the same packages that RHEL ships. CentOS does not have the possibility to update MariaDB ahead of RHEL.
Re: Centos Repo dont update to last MARIADB
See the RHEL backporting page https://access.redhat.com/security/updates/backportingReally to Centos dont like MariaDB security?
In addition, you can see the rpm changelog by running e.g. rpm -q mariadb-server --changelog | less and see information like
Code: Select all
* Thu Jun 08 2017 Honza Horak <hhorak@redhat.com> - 1:5.5.56-2
- Do not fix context and change owner if run by root in mariadb-prepare-db-dir
Related: #1458940
- Check properly that datadir includes only expected files
Related: #1356897
* Mon Jun 05 2017 Honza Horak <hhorak@redhat.com> - 1:5.5.56-1
- Rebase to 5.5.56
That release also fixes the following security issues:
CVE-2016-5617/CVE-2016-6664 CVE-2017-3312 CVE-2017-3238 CVE-2017-3243
CVE-2017-3244 CVE-2017-3258 CVE-2017-3313 CVE-2017-3317 CVE-2017-3318
CVE-2017-3291 CVE-2017-3302 CVE-2016-5483/CVE-2017-3600 CVE-2017-3308
CVE-2017-3309 CVE-2017-3453 CVE-2017-3456 CVE-2017-3464
Resolves: #1458933
New deps required by upstream: checkpolicy and policycoreutils-python
License text removed by upstream: COPYING.LESSER
Do not ignore test-suite failure
Downstream script mariadb-prepare-db-dir fixed for CVE-2017-3265
Resolves: #1458940
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Centos Repo dont update to last MARIADB
Hi
CVEs talks about if a module version have a security issues then it will be removed maintaining previous versions but MariaDB 5.5.60 have not any security issues worst than the old offered version 5.5.56 in http://mirror.centos.org/centos/7/os/x86_64/Packages/
I asked about this issue and still it is unsolved (wont fix)
CVEs talks about if a module version have a security issues then it will be removed maintaining previous versions but MariaDB 5.5.60 have not any security issues worst than the old offered version 5.5.56 in http://mirror.centos.org/centos/7/os/x86_64/Packages/
I asked about this issue and still it is unsolved (wont fix)
Re: Centos Repo dont update to last MARIADB
See the RHEL backporting page https://access.redhat.com/security/updates/backporting
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: Centos Repo dont update to last MARIADB
Using any one of several MariaDB "official" versions is easily possible using the MariaDB repo generator:
https://downloads.mariadb.org/mariadb/r ... tro=CentOS
Please carefully read the warning(s) about third party repositories:
https://wiki.centos.org/AdditionalResou ... positories
https://downloads.mariadb.org/mariadb/r ... tro=CentOS
Please carefully read the warning(s) about third party repositories:
https://wiki.centos.org/AdditionalResou ... positories