Hello,

We recently were informed of some security fixes in Mysql 5.5.41: http://www.ubuntu.com/usn/usn-2480-1/ and are wondering whether there are plans to include these in an upcoming MariaDB release.  Right now, we are running 10.0.13, so we're trying to plan the next upgrade. We see that there have been similar fixes included in MariaDB 10.0.14 and 10.0.15, so this seems likely.

Based on this https://mariadb.com/kb/en/mariadb/development/security/ list of CVE's, it looks like the MariaDB 10.0.15 and MariaDB 5.5.40 include the same security fixes (presumably pulled from Mysql 5.5.40). Can we expect that the fixes from Mysql 5.5.41 will be included in an upcoming MariaDB 10.0.16 release? Would appreciate any insight into the general schedule for addressing these vulnerabilities.

Thanks!

Raina Masand and Lyle Franklin

Cloud Foundry Core Services Team