| From: | "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, Daniel Gustafsson <daniel(at)yesql(dot)se>, Damien Clochard <damien(at)dalibo(dot)info>, pgsql-www(at)lists(dot)postgresql(dot)org |
| Subject: | Re: CVE Links are broken on the PG 10.1 news page |
| Date: | 2017-11-10 16:55:21 |
| Message-ID: | EB171448-8F3B-4AFA-88EE-73D8BE8A1C32@postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-www |
> On Nov 10, 2017, at 11:32 AM, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>
> Magnus Hagander <magnus(at)hagander(dot)net> writes:
>> On Fri, Nov 10, 2017 at 2:56 PM, Daniel Gustafsson <daniel(at)yesql(dot)se> wrote:
>>> On 10 Nov 2017, at 12:14, Damien Clochard <damien(at)dalibo(dot)info> wrote:
>>>> The 3 CVE links lead to a 404 page on RH website :
>>>> https://access.redhat.com/security/cve/CVE-2017-12172
>>>> https://access.redhat.com/security/cve/CVE-2017-15098
>>>> https://access.redhat.com/security/cve/CVE-2017-15099
>
>>> Even better would probably be to not make them actual links until the
>>> target URL exists.
>
>> We used to do it that way. Which then meant they usually didn't get updated
>> until the next round of releases, because it got forgotten :/
>
> FWIW, I see that -12172 just got de-embargoed. Probably the other two
> will follow shortly.
Interestingly enough, when I checked post-release yesterday, they were available, so they must have been re-embargoed shortly thereafter.
Jonathan
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Magnus Hagander | 2017-11-10 17:29:59 | Re: CVE Links are broken on the PG 10.1 news page |
| Previous Message | Tom Lane | 2017-11-10 16:32:30 | Re: CVE Links are broken on the PG 10.1 news page |