[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27
|
From: |
Mark H Weaver |
|
Subject: |
bug#47257: [PATCH 1/1] gnu: mariadb: Update to 10.5.9 [fixes CVE-2021-27928]. |
|
Date: |
Fri, 19 Mar 2021 20:42:33 -0400 |
Mark H Weaver <mhw@netris.org> writes:
> 'package/inherit' is usually the right thing when defining other kinds
> of package variants, however.
One addendum to this guideline: if the package variant you're defining
overrides the 'source' field[*], it's probably pointless to use
'package/inherit', because the fixes embodied in the original package's
replacement would most likely be lost anyway.
[*] One exception is if the overridden 'source' field merely adds some
additional patches to the original package, while taking care to
preserve any existing patches -- that last part is important, even if
the original package doesn't including any patches at the time you look.
In that case, 'package/inherit' might well be helpful.
More generally, when inheriting from another package, it's useful to ask
yourself what should happen if the package you're inheriting from is
later grafted, and to try to arrange for that to happen automatically.
Thanks,
Mark
bug#47257: [PATCH v2] gnu: mariadb: Fix CVE-2021-27928., Léo Le Bouter, 2021/03/25
bug#47257: [PATCH v3] gnu: mariadb: Fix CVE-2021-27928., Léo Le Bouter, 2021/03/25