Re: Security question

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Potvin, Jérémi <Jeremi(dot)Potvin(at)cra-arc(dot)gc(dot)ca>
Cc: "pgsql-novice(at)lists(dot)postgresql(dot)org" <pgsql-novice(at)lists(dot)postgresql(dot)org>
Subject: Re: Security question
Date: 2019-09-26 16:34:11
Message-ID: 17938.1569515651@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

=?iso-8859-1?Q?Potvin=2C_J=E9r=E9mi?= <Jeremi(dot)Potvin(at)cra-arc(dot)gc(dot)ca> writes:
> I would like to know what's the best way to track PostgreSQL security patches / CVE notifications.
> Should I subscribe to any particular mailing list(s)? RSS feed(s)?

pgsql-announce is what to read for release notices.

> I just want to make sure I get notified as soon as possible whenever a security vulnerability is identified with PostgreSQL.

Our release notices generally mention any new CVEs fixed in a release set.
For historical data see
https://www.postgresql.org/support/security/

regards, tom lane

In response to

Responses

Browse pgsql-novice by date

  From Date Subject
Next Message Potvin 2019-09-26 16:37:07 RE: Security question
Previous Message Potvin 2019-09-26 16:12:14 Security question