| From: | Daniel Gustafsson <daniel(at)yesql(dot)se> |
|---|---|
| To: | Bruce Momjian <bruce(at)momjian(dot)us> |
| Cc: | Jacob Champion <jacob(dot)champion(at)enterprisedb(dot)com>, Wolfgang Walther <walther(at)technowledgy(dot)de>, Christoph Berg <myon(at)debian(dot)org>, Andres Freund <andres(at)anarazel(dot)de>, Peter Eisentraut <peter(at)eisentraut(dot)org>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Thomas Munro <thomas(dot)munro(at)gmail(dot)com>, Nazir Bilal Yavuz <byavuz81(at)gmail(dot)com>, Antonin Houska <ah(at)cybertec(dot)at> |
| Subject: | Re: [PoC] Federated Authn/z with OAUTHBEARER |
| Date: | 2025-04-08 16:42:19 |
| Message-ID: | 95D38828-C54C-494F-BAB9-71E62A3B8B57@yesql.se |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> On 8 Apr 2025, at 18:33, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> Would we have to put out minor releases for curl CVEs? I don't think we
> have to for OpenSSL so would curl be the same?
Why do you envision this being different from all other dependencies we have?
For OpenSSL we also happily build against a version (and until recently,
several versions) which is EOL and don't even recieve security fixes.
--
Daniel Gustafsson
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jacob Champion | 2025-04-08 16:43:01 | Re: [PoC] Federated Authn/z with OAUTHBEARER |
| Previous Message | Fujii Masao | 2025-04-08 16:41:49 | Re: Enhancing Memory Context Statistics Reporting |