public inbox for [email protected]help / color / mirror / Atom feed
separate security tag? 5+ messages / 2 participants [nested] [flat]
* separate security tag? @ 2025-12-10 12:23 Wim Bertels <[email protected]> 0 siblings, 1 reply; 5+ messages in thread From: Wim Bertels @ 2025-12-10 12:23 UTC (permalink / raw) To: pgsql-pkg-debian Hello, in the context of https://manpages.debian.org/trixie/unattended-upgrades/unattended-upgrades.8.en.html could it possible to automatically update only the security updates within the pgdg repository? mvg, Wim ^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: separate security tag? @ 2025-12-10 13:48 Christoph Berg <[email protected]> parent: Wim Bertels <[email protected]> 0 siblings, 1 reply; 5+ messages in thread From: Christoph Berg @ 2025-12-10 13:48 UTC (permalink / raw) To: Wim Bertels <[email protected]>; +Cc: pgsql-pkg-debian Re: Wim Bertels > in the context of > https://manpages.debian.org/trixie/unattended-upgrades/unattended-upgrades.8.en.html > > could it possible to automatically update only the security updates > within the pgdg repository? I wouldn't know how to tag the packages in a way that apt would understand. For security.debian.org, that's based on the whole repo being "security", but for apt.pg.o, we don't have that. Christoph ^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: separate security tag? @ 2025-12-11 08:33 Wim Bertels <[email protected]> parent: Christoph Berg <[email protected]> 0 siblings, 1 reply; 5+ messages in thread From: Wim Bertels @ 2025-12-11 08:33 UTC (permalink / raw) To: ; +Cc: pgsql-pkg-debian Christoph Berg schreef op wo 10-12-2025 om 14:48 [+0100]: > Re: Wim Bertels > > in the context of > > https://manpages.debian.org/trixie/unattended-upgrades/unattended-upgrades.8.en.html > > > > could it possible to automatically update only the security updates > > within the pgdg repository? > > I wouldn't know how to tag the packages in a way that apt would > understand. For security.debian.org, that's based on the whole repo > being "security", but for apt.pg.o, we don't have that. > tnx Christoph, i was assuming that it would be possible somehow, so the question then becomes: could it be possible to have a security.postgresql.org and apt.postgresql.org ? Wim ^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: separate security tag? @ 2025-12-11 11:48 Christoph Berg <[email protected]> parent: Wim Bertels <[email protected]> 0 siblings, 1 reply; 5+ messages in thread From: Christoph Berg @ 2025-12-11 11:48 UTC (permalink / raw) To: Wim Bertels <[email protected]>; +Cc: pgsql-pkg-debian Re: Wim Bertels > so the question then becomes: > could it be possible to have a > security.postgresql.org > and > apt.postgresql.org We could have separate suites foo-pgdg-security instead. But I think that doesn't really solve the problem because it has too many sub-dimensions. Say you switched to the apt.pg.o version of pgbouncer because you wanted a newer feature. Would you later want only security updates for it? If someone else switches to it later for another feature, would we have to maintain pgbouncer-feature1-security and pgbouncer-feature2-security? For the server packages, the discussion is similar. This would be a huge extra effort, and the problem space is already complicated enough. If you want stable stable, use what is in Debian. If you want newer versions, go with apt.pg.o. I already try to mention CVEs in the package changelogs, though sometimes I miss them. I could try to make sure that happens more often. Christoph ^ permalink raw reply [nested|flat] 5+ messages in thread
* Re: separate security tag? @ 2025-12-11 14:35 Wim Bertels <[email protected]> parent: Christoph Berg <[email protected]> 0 siblings, 0 replies; 5+ messages in thread From: Wim Bertels @ 2025-12-11 14:35 UTC (permalink / raw) To: [email protected] <[email protected]>; +Cc: pgsql-pkg-debian Christoph Berg schreef op do 11-12-2025 om 12:48 [+0100]: > > This would be a huge extra effort, and the problem space is already > complicated enough. i can imagine thank you for the work done and being done ^ permalink raw reply [nested|flat] 5+ messages in thread
end of thread, other threads:[~2025-12-11 14:35 UTC | newest] Thread overview: 5+ messages (download: mbox mbox.gz follow: Atom feed) -- links below jump to the message on this page -- 2025-12-10 12:23 separate security tag? Wim Bertels <[email protected]> 2025-12-10 13:48 ` Christoph Berg <[email protected]> 2025-12-11 08:33 ` Wim Bertels <[email protected]> 2025-12-11 11:48 ` Christoph Berg <[email protected]> 2025-12-11 14:35 ` Wim Bertels <[email protected]>
This inbox is served by agora; see mirroring instructions for how to clone and mirror all data and code used for this inbox