Hi! On 14 Feb 2012, at 00:11, Robbie Williamson wrote:
One thing to note, the primary motivator for this proposal isn't about moving to a more "open source friendly" application. We have genuine security concerns/issues with how MySQL handles and publishes their security updates. We can't simply update supported prior Ubuntu releases to newer MySQL versions, so we have to backport patches. Their lack of information and access to the bugs addressed makes it *very* time consuming and difficult for our security and SRU teams to do this. If we can resolve these issues, then MySQL's future in main looks much brighter.
As an addition to the lack of transparent security bugs, it should be noted that MySQL has an interesting release policy that may be incompatible with LTS-styled distributions. MySQL policy only aims to support 2 active GA releases at any one time. In today's world, that is MySQL 5.1 and MySQL 5.5. If MySQL 5.6 becomes GA by April/June/October 2012 (as we suspect -- there is no roadmap/milestone), support will only exist for MySQL 5.5 and MySQL 5.6. With an average of 12-18 months in a release cycle for MySQL, this puts active support for MySQL 5.5 out by sometime in 2014. Ubuntu's next LTS release needs support for security till 2017 Today, only MariaDB is giving you 5 years of community support for every GA release out there (from the date of the GA). i.e. if a bug is reported, and it is security related, it will be backported into older releases as long as they remain in active support. There is no trigger to have a paying customer have a bug, as long as the bug is currently in one of the many supported GA releases and reported on the very public Launchpad bug tracker :-) cheers, -c -- Colin Charles, http://bytebot.net/blog/ | twitter: @bytebot | skype: colincharles MariaDB: Community developed. Feature enhanced. Backward compatible. Download it at: http://www.mariadb.org/ Open MariaDB/MySQL documentation at the Knowledgebase: http://kb.askmonty.org/