Debian Patches
Status for mariadb/1:11.8.8-1
| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| env-perl-usr-bin-perl.patch | Fix perl path in scripts Fix Lintian issue https://lintian.debian.org/tags/incorrect-path-for-interpreter.html Upstream will never accept this patch, see https://github.com/MariaDB/server/pull/1718 |
Otto Kekalainen <otto@debian.org> | yes | https://patch-diff.githubusercontent.com/raw/MariaDB/server/pull/1718.patch | 2020-12-20 | |
| mroonga-mrn-lib-dirs-path-reproducible-build.patch | cmake: add support for reproducible buildS We should use relative path not absolute path. We can use target without breaking reproducibility. This patch can be removed once MariaDB ships with Mroonga v12.00+ that has https://github.com/mroonga/mroonga/commit/27caeb9b8ce7fa432b1251eca475b517c6902a6c |
Sutou Kouhei <kou@clear-code.com> | not-needed | upstream | https://github.com/mroonga/mroonga/issues/298#issuecomment-1030815927 | 2022-02-05 |
| install-files-into-usr.patch | Install PAM modules and systemd units into /usr Since Debian trixie all files need to be installed into their canonical location under /usr. Merged in https://github.com/MariaDB/server/commit/34aac090f2acc1a4b5850810fe41370c19659d55 and thus included in MariaDB 12.3.2 and onward. |
Michael Biebl <biebl@debian.org> | yes | https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1061348 | 2024-01-22 | |
| startup-message.patch | Show banner in server and client startup to drive community engagement Suggest to users that they can support MariaDB development by simply giving a star on GitHub. This patch experiments with how well such a banner works, and may later change the contents to drive some other kind of engagement. Client output: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 17 Server version: 11.8.1-MariaDB-5 from Debian -- Please help get to 10k stars at https://github.com/MariaDB/Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> Server output: [Note] Please help get to 10k stars at https://github.com/MariaDB/Server Server output if built in git directory: [Note] Starting MariaDB 11.8.1-MariaDB-5 from Debian source revision 1a9c3debfd6b1b16af4e501d3530b866b85c38a8 server_uid eNAjF8/wvUNM09/mSmh+k3a5o5w= as process 1359 Logs will also show as server output: mysqld: Version: '11.8.1-MariaDB-5 from Debian' socket: '/run/mysqld/mysqld.sock' port: 3306 -- Please help get to 10k stars at https://github.com/MariaDB/Server This patch can be dropped if Debian updates to ship Something similar was merged in https://github.com/MariaDB/server/commit/346c7afe9b7071ce9c47892a83d69944b608b3da and thus included in MariaDB 12.3 onward. |
Otto Kekalainen <otto@debian.org> | not-needed | 2024-03-10 | ||
| hide-mysql-command-deprecation-warnings.patch | Disable the 'mysql*' command deprecation warning Many command-line tools expect the commands they run to return without any output in stderr or having error codes. The fact that now in MariaDB 11.4 all 'mysql*' commands emit a deprecation warning causes a lot of scripts to fail, such as the /etc/init.d/mariadb itself and many dependent programs as witnessed via Debian autopkgtests. See examples below. https://ci.debian.net/packages/m/mariadb-connector-odbc/testing/amd64/48373500/ https://ci.debian.net/packages/p/pam-mysql/testing/amd64/48373511/ https://ci.debian.net/packages/r/roundcube/testing/amd64/48373518/ |
Otto Kekalainen <otto@debian.org> | not-needed | 2024-06-30 | ||
| Add-AppArmor-notice-for-Debian-Ubuntu-users-during-server.patch | Add AppArmor notice for Debian/Ubuntu users during server startup When MariaDB fails to start due to permission errors, users on Debian/Ubuntu might not be able to guess that AppArmor might be the cause, and they should check for AppArmor denials in the kernel audit log. Add an informational message during startup that: - Only prints when the 'mariadbd' profile is actually loaded - Includes exact commands from the Debian packaging NEWS - Provides actionable paths for local overrides - Mentions both complain and enforce modes for troubleshooting The message is printed once during normal server startup (not in help or bootstrap modes) through the existing logging infrastructure, ensuring it appears in both syslog and the error log where users will see it when troubleshooting startup failures. |
Otto Kekäläinen <otto@debian.org> | yes | 2026-04-08 | ||
| Fix-misc-spelling-in-MariaDB-Server-repository.patch | Fix misc spelling in MariaDB Server repository Note! Do not update this patch with new typos, but put them in a new patch that can be submitted upstream and tracked separately. * Fix misc typos in MariaDB Server * Fix spelling of 'allows one to' Fix the following Lintian nags introduced in commit c8d040938a7ebe10e62506a726702c5990ef4dda: X: libmariadbd19t64: spelling-error-in-binary choosen chosen [usr/lib/x86_64-linux-gnu/libmariadbd.so.19] X: mariadb-backup: spelling-error-in-binary "allows to" "allows one to" [usr/bin/mariadb-backup] X: mariadb-backup: spelling-error-in-binary choosen chosen [usr/bin/mariadb-backup] X: mariadb-server-core: spelling-error-in-binary "allows to" "allows one to" [usr/sbin/mariadbd] X: mariadb-server-core: spelling-error-in-binary choosen chosen [usr/sbin/mariadbd] X: mariadb-test: spelling-error-in-binary "allows to" "allows one to" [usr/bin/mariadb-client-test-embedded] X: mariadb-test: spelling-error-in-binary "allows to" "allows one to" [usr/bin/mariadb-test-embedded] X: mariadb-test: spelling-error-in-binary "allows to" "allows one to" [usr/bin/test-connect-t] X: mariadb-test: spelling-error-in-binary choosen chosen [usr/bin/mariadb-client-test-embedded] X: mariadb-test: spelling-error-in-binary choosen chosen [usr/bin/mariadb-test-embedded] X: mariadb-test: spelling-error-in-binary choosen chosen [usr/bin/test-connect-t] Merged in https://github.com/MariaDB/server/commit/5879c85f505d3a11d4b8f479f2437416d8a1d724 and thus included in MariaDB 12.3 onward. |
Otto Kekalainen <otto@debian.org> | yes | 2024-03-10 | ||
| Improve-output-from-mariadb-secure-installation-to-be-mor.patch | Improve output from mariadb-secure-installation to be more honest The script is not useful in Debian, and likely misleading to users. Improve the output to be more clear about what it is doing or is not doing. Merged on 'main' in https://github.com/MariaDB/server/commit/3a08a8e3d2212f3f60937b3fd97207c3ea7b933a and thus included in MariaDB 12.3 onward. |
Otto Kekäläinen <otto@debian.org> | yes | 2025-06-04 | ||
| MDEV-37411-suppress-new-warning-about-native-aio.patch | Suppress native AIO warning introduced in 10.8.3 Upstream a87bb96 introduced a new warning, visible at least on all ppc64el and s390x builds which makes the post-build mariadb-test-test fail: [Warning] InnoDB: native AIO failed: falling back to innodb_use_native_aio=OFF The case of this is the ci environment only where there is insufficent fs.aio-max-nr configured. A such we are adding a suppression to the mtr only. The warning is valuable for users. Upstream MDEV-37411 has added a io_setup as a warning, which will fail in the CI environment, so we're pre-emptively suppressing this warning too. Unlike upstream MariaDB, in Debian we removed libaio in for Linux on MariaDB 10.6+ in 612630c6 and completely in 1d648d6f. This was re-added by upstream added a system variable innodb_linux_aio to control, and also provided automated fallback. As such we're readding it back too. With liburing still seccomp filterer in container environments having a libaio fallback is more valuable than the threads implementation of last resort. Edited & Updated: Daniel Black <daniel@mariabdb.org> Upstream rejected this with the conclusion, is that it will start working in Debian/Salsa/Ubuntu/Launchpad once the Linux kernel is new enough to handle the I/O calls and fallbacks properly, or once the CI system increases the value of /proc/sys/fs/aio-max-nr to 1 million or so, to allow multiple parallel MariaDB servers (as started by mariadb-test-run) each have enough quota for native AIO to work. |
Otto Kekäläinen <otto@debian.org> | yes | 2025-08-07 | ||
| include-debian-in-test-merge-alter-result.patch | Make the new merge_alter test indifferent to extra version info Modify the test regex to accept any extra version info, just like it accepts any server version info. The test is supposed to fail on actual differences in behaviour and server info strings are intentionally normalized and not regarded. Without this modification, the test introduced in 9e8e215e would fail in post-build MTR on "from Debian-log" and in autopkgtest on "from Debian": main.merge_alter w4 [ fail ] Test ended at 2025-11-26 22:41:38 CURRENT_TEST: main.merge_alter /usr/share/mariadb/mariadb-test/main/merge_alter.result 2025-11-13 11:45:29.000000000 +0300 /tmp/tmp.3vGjZWHA79/var/4/log/merge_alter.reject 2025-11-27 01:41:38.523996124 +0300 @@ -10,7 +10,7 @@ /*!50003 SET @OLD_COMPLETION_TYPE=@@COMPLETION_TYPE,COMPLETION_TYPE=0*/; DELIMITER /*!*/; # at # -#010909 4:46:40 server id # end_log_pos # CRC32 XXX Start: binlog v 4, server v #.##.## created 010909 4:46:40 at startup +#010909 4:46:40 server id # end_log_pos # CRC32 XXX Start: binlog v 4, server v #.##.## from Debian created 010909 4:46:40 at startup ROLLBACK/*!*/; # at # #010909 4:46:40 server id # end_log_pos # CRC32 XXX Gtid list [] Result length mismatch |
Otto Kekäläinen <otto@debian.org> | not-needed | 2025-11-26 | ||
| sysusers-lock-mysql-account.patch | sysusers.d: lock mysql user and keep Debian home/shell Use u! and set HOME=/nonexistent and shell=/bin/false for the mysql user. This patch should be submitted upstream once proven stable in Debian. |
Aquila Macedo <aquilamacedo@riseup.net> | yes | 2026-01-08 | ||
| set-default-datadir-to-var-lib-mariadb.patch | Update default datadir config to /var/lib/mariadb. Use /var/lib/mariadb as the default datadir for Debian/Ubuntu to improve co-installability between MySQL and MariaDB servers. |
Lena Voytek <lena@voytek.dev> | yes | 2026-03-24 | ||
| Fix-more-misc-spelling-in-MariaDB-Server-repository.patch | Fix more misc spelling in MariaDB Server repository Fixes following Lintian nags: X: mariadb-plugin-connect: spelling-error-in-binary Exeption Exception [usr/lib/mysql/plugin/ha_connect.so] X: mariadb-client-core: spelling-error-in-binary specifiying specifying [usr/bin/mariadb-migrate-config-file] |
Otto Kekalainen <otto@debian.org> | yes | 2026-04-28 | ||
| MDEV-39290-mytop-use-invoking-login-as-default-user-on-Un.patch | MDEV-39290 mytop use invoking login as default user on Unix On non-Windows systems, use the invoking user's login name as the default MariaDB username instead of hardcoding root. Resolve the username from getpwuid($<), falling back to LOGNAME, USER, and finally root. Keep the existing root default on Windows. This makes mytop behave more like the mysql and mariadb clients and avoids confusing authentication failures on systems where local socket access is configured for the OS user rather than root. Also update the connection error text and POD to describe the actual default behavior. (cherry picked from commit 14502365efa17b78281e53dd1ab883f5e298a432) Merged in upstream branch 13.0. Debian patch can be dropped when importing new upstream major version 13.0+. |
Aquila Macedo <aquilamacedo@riseup.net> | yes | 2026-04-08 | ||
| MDEV-34195-tests-avoid-LP64-MYSQL-size-assert-on-x32.patch | MDEV-34195 tests: avoid LP64 MYSQL size assert on x32 x32 defines __x86_64__ but uses the ILP32 ABI, so the LP64 sizeof(MYSQL) == 1272 compile-time assert is selected incorrectly and breaks the build. Guard the x86_64 check with !defined(__ILP32__) so the LP64 size assert only applies to real amd64 LP64 builds, while leaving the existing Windows amd64 and i386 checks unchanged. (cherry-picked from 936f04c4f9bd5d66014942bd27e1996b2e740626) Merged on 10.11, and will be included in next release (10.11.19+, 11.8.9+). |
Aquila Macedo <aquilamacedo@riseup.net> | yes | 2026-04-20 | ||
| MDEV-39509-Fix-invalid-iv-length-with-OpenSSL-4.0.patch | MDEV-39509: Fix "invalid iv length" with OpenSSL 4.0 OpenSSL 4.0 changed the behavior of EVP_CIPHER_CTX_new: It now initializes the internal iv_len with a sentinel value of -1. When calling EVP_CipherInit_ex with the cipher, key, and IV simultaneously, the provider validates the IV against this sentinel before the cipher's default metadata is applied, triggering an error. This patch implements a two-stage initialization for OpenSSL 4.0+: - Call EVP_CipherInit_ex with only the cipher to "thaw" the context and set the correct default iv_len. - Perform a second call to provide the actual Key and IV data. This approach ensures compatibility with OpenSSL 4.0 while avoiding EVP_CipherInit_ex2 to maintain support for FIPS mode and older versions. (cherry picked from commit 5ca4ab639ad5f99d74f794b54ba1b4d6182ec2a9 from upstream feature branch, not yet merged) |
Georg Richter <georg@mariadb.com> | yes | 2026-05-02 | ||
| Update-TLS-test-regexes-for-OpenSSL-4.0-error-message-cha.patch | Update TLS test regexes for OpenSSL 4.0 error message changes OpenSSL 4.0 changed TLS alert error messages from "ssl/tls alert ..." to "tls alert ...", causing main.ssl_crl and main.tlsv13 to fail with result mismatches like: -ERROR 2026 (HY000): TLS/SSL error: ssl/tls alert handshake failure -ERROR 2026 (HY000): TLS/SSL error: ssl/tls alert handshake failure +ERROR 2026 (HY000): TLS/SSL error: tls alert handshake failure +ERROR 2026 (HY000): TLS/SSL error: tls alert handshake failure Update the `--replace_regex` patterns in both tests to accept the new "tls alert" variant alongside the existing "sslv3" and "ssl/tls" formats, normalizing them to the expected "ssl/tls" output so the result files remain valid across OpenSSL versions. |
Otto Kekäläinen <otto@debian.org> | yes | 2026-06-05 |
All known versions for source package 'mariadb'
- 1:11.8.8-1 (sid)
- 1:11.8.6-6 (forky)
- 1:11.8.6-0+deb13u1 (trixie)
- 1:10.11.14-0+deb12u2 (bookworm)