Re: [HACKERS] BUG #2052: Federal Agency Tech Hub Refuses to Accept

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Bruce Momjian <[email protected]>
To: John R Pierce <[email protected]>
Cc: Peter Eisentraut <[email protected]>
Cc: [email protected]
Cc: Simon Riggs <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: Stephen Frost <[email protected]>
Cc: Ferindo Middleton <[email protected]>
Cc: [email protected]
Subject: Re: [HACKERS] BUG #2052: Federal Agency Tech Hub Refuses to Accept
Date: Fri, 25 Nov 2005 17:57:20 -0500 (EST)
Message-ID: <[email protected]> (raw)
In-Reply-To: <[email protected]>

John R Pierce wrote:
> Bruce Momjian wrote:
> > If someone wants to create a separate web page to track fixes related to
> > CVE number, that is fine.  My guess is that most people reading the
> > release notes don't care about the CVE numbers themselves (just that
> > each release has all known security bugs fixed), and most bugs that are
> > fixed don't have CVE numbers at commit time.
> 
> I think its quite reasonable for the one line description of a postgres 
> bug to reference "CVE-2005-0247 multiple buffer overflows..." or 
> whatever, I guess it kind of depends on which came first...  if the CVE 
> security item came first, and was entered into the PGSQL bug tracker, 
> then this makes a LOT of sense.  if the CVE folks create their entry 
> AFTER the bug has been entered into PGSQL, it makes less sense.

We don't have a bug tracker, see the current FAQ.

-- 
  Bruce Momjian                        |  http://candle.pha.pa.us
  [email protected]               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073

view thread (16+ messages)

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
  Subject: Re: [HACKERS] BUG #2052: Federal Agency Tech Hub Refuses to Accept
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox