| From: | Potvin, Jérémi <Jeremi(dot)Potvin(at)cra-arc(dot)gc(dot)ca> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | "pgsql-novice(at)lists(dot)postgresql(dot)org" <pgsql-novice(at)lists(dot)postgresql(dot)org> |
| Subject: | RE: Security question |
| Date: | 2019-09-26 16:37:07 |
| Message-ID: | 3f9bfbffab044379ad0e7554ea92967e@cra-arc.gc.ca |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-novice |
Thank you very much for your prompt response.
Jérémi
-----Original Message-----
From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Sent: September 26, 2019 12:34 PM
To: Potvin, Jérémi <Jeremi(dot)Potvin(at)cra-arc(dot)gc(dot)ca>
Cc: pgsql-novice(at)lists(dot)postgresql(dot)org
Subject: Re: Security question
=?iso-8859-1?Q?Potvin=2C_J=E9r=E9mi?= <Jeremi(dot)Potvin(at)cra-arc(dot)gc(dot)ca> writes:
> I would like to know what's the best way to track PostgreSQL security patches / CVE notifications.
> Should I subscribe to any particular mailing list(s)? RSS feed(s)?
pgsql-announce is what to read for release notices.
> I just want to make sure I get notified as soon as possible whenever a security vulnerability is identified with PostgreSQL.
Our release notices generally mention any new CVEs fixed in a release set.
For historical data see
https://www.postgresql.org/support/security/
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pól Ua Laoínecháin | 2019-10-08 05:52:33 | Re: Getting to grips with Recursive CTEs. |
| Previous Message | Tom Lane | 2019-09-26 16:34:11 | Re: Security question |