On Mon, Jan 31, 2011 at 03:52:03PM -0800, Josh Berkus wrote:
> >> ... currently has security patch information going back to 2004.
> >> I'd like to cut everything which only applies through version 8.0
> >> as obsolete. This would mean cutting all notices starting with
> >> CVE-2006-0678.
> > Well there are two notices prior to that that apply to 8.1.
> Oh, yeah, well spotted. Those two would be untouched.
> > Will the information still be archived someplace if someone needs
> > it?
> The release notes will still be available.
> > I might be more inclined to move it to a separate page than to
> > nuke it completely.
> Why? What's the point in keeping it around?
The *act* of removing it is the one we want to avoid even the
appearance of doing. It's an affirmative act, and one that could make
us look very bad.
David Fetter <david(at)fetter(dot)org> http://fetter.org/
Phone: +1 415 235 3778 AIM: dfetter666 Yahoo!: dfetter
Skype: davidfetter XMPP: david(dot)fetter(at)gmail(dot)com
Remember to vote!
Consider donating to Postgres: http://www.postgresql.org/about/donate
In response to
pgsql-www by date
|Next:||From: Bruce Momjian||Date: 2011-02-02 23:24:31|
|Subject: Re: I thought we were keeping the cvsweb server
|Previous:||From: Tom Lane||Date: 2011-02-01 17:44:12|
|Subject: Re: Purge obsolete security updates? |