On 10/11/2015 04:54 AM, Greg Sabino Mullane wrote:
> The release notes for the new version reference some CVEs that
> have not been publically released yet. Are they slow, or is
> this something that needs to be added to the release
> process checklist?
These days MITRE is lagging 2-6 weeks behind publication for getting
CVEs on their website. That's why I didn't bother to link them from the
announcement.
I don't know that there's anything the PostgreSQL project can do about
it. If anyone on this list is connected with MITRE, please ask them
what they need to be more prompt.
--
Josh Berkus
PostgreSQL Experts Inc.
http://pgexperts.com