Skip site navigation (1) Skip section navigation (2)

PostgreSQL RPM Repository: Security announcement

From: Devrim GÜNDÜZ <devrim(at)gunduz(dot)org>
To: PostgreSQL Announce ML <pgsql-announce(at)postgresql(dot)org>
Subject: PostgreSQL RPM Repository: Security announcement
Date: 2012-07-12 14:25:32
Message-ID: (view raw, whole thread or download thread mbox)
Lists: pgsql-announce

Red Hat Inc's Information Security Team has recently contacted us about
a possible security issue with a previous PostgreSQL RPM repository.

A few years ago, when the project first started, the project used the domain, which was first replaced by, and the
replaced with the final location: . During these
transitions, we made a lot of effort to make our users comfortable, such
as auto-updating the repo URL. However, there are a lot of articles on
the Internet that still point to the old URLs. is scheduled to be managed by the PostgreSQL NPO in Canada,
so it will stay as a community domain. However, is not
under our control anymore. All the links currently return OK, but
someone may one day place malware on the site, resulting in a security

So, if you are the YUM repo user, and are still using the very old
domain name, please update the repository RPM as soon as possible:

If you want to verify that you are using the correct
repository/packages, please use this GPG key to verify your packages:

Feel free to contact me for any questions.

PostgreSQL Community RPM Developer

pgsql-announce by date

Next:From: David FetterDate: 2012-07-16 05:04:04
Subject: == PostgreSQL Weekly News - July 15 2012 ==
Previous:From: Daniele VarrazzoDate: 2012-07-11 10:54:11
Subject: PGXN Client 1.1 released

Privacy Policy | About PostgreSQL
Copyright © 1996-2017 The PostgreSQL Global Development Group