Skip site navigation (1) Skip section navigation (2)

Extra security measures for next week's releases

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: pgsql-hackers(at)postgreSQL(dot)org
Subject: Extra security measures for next week's releases
Date: 2013-03-28 17:03:05
Message-ID: 14040.1364490185@sss.pgh.pa.us (view raw or flat)
Thread:
Lists: pgsql-hackers
The core committee has decided that one of the security issues due to be
fixed next week is sufficiently bad that we need to take extra measures
to prevent it from becoming public before packages containing the fix
are available.  (This is a scenario we've discussed before, but never
had to actually implement.)

What we intend to do is shut off updates from the master git repo to
the anonymous-git mirror, and to github, from Monday afternoon until
Thursday morning.  Commit-log emails to pgsql-committers will also be
held for this period.  This will prevent the commits that fix and
document the bug from becoming visible to anyone except Postgres
committers.  Updates will resume as soon as the release announcement
is made.

Although committers will still be able to work normally, we realize
that this is likely to be a handicap for non-committers; and it will
also mean that buildfarm runs will not test any new commits until the
mirrors are allowed to update.  We do not intend to start doing this
as a routine thing, and apologize in advance for any disruption.
It seems necessary in this instance, however.

			regards, tom lane


Responses

pgsql-hackers by date

Next:From: Steve SingerDate: 2013-03-28 19:06:30
Subject: Re: pg_upgrade segfaults when given an invalid PGSERVICE value
Previous:From: Kohei KaiGaiDate: 2013-03-28 16:33:24
Subject: Re: [sepgsql 1/3] add name qualified creation label

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group