public inbox for [email protected]
help / color / mirror / Atom feedFrom: Simon Riggs <[email protected]>
To: Magnus Hagander <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: [email protected]
Subject: Re: Security information page
Date: Sun, 27 Nov 2005 22:51:05 +0000
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>
References: <[email protected]>
On Sun, 2005-11-27 at 21:52 +0100, Magnus Hagander wrote:
..Tom Lane wrote
> > I think the bit about "Our goal is to gain and maintain
> > CVE-compatible status" is bogus. As near as I can tell,
> > Mitre's definition of CVE compatibility applies to security
> > products (eg, vulnerability scanners) which Postgres is not.
>
> Um. Not really - products like Debian are CVE compatible
> (http://www.us.debian.org/security/cve-compatibility), so it's not just
> for security products.
>
> > You could maybe say that this one web page is something that
> > could apply for CVE compatibility status, but are we going to
> > jump through those hoops for one web page? Nyet.
>
> Right. I'll take that off until such a time as we're further along that
> process (see Simons mails).
I'll re-raise this as a separate item, later; one step at a time.
> Looks better now?
And the first step looks very good now.
Best Regards, Simon Riggs
view thread (12+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: Security information page
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox