Re: CVE Links are broken on the PG 10.1 news page
| От | Magnus Hagander |
|---|---|
| Тема | Re: CVE Links are broken on the PG 10.1 news page |
| Дата | |
| Msg-id | CABUevEzj23g3g3rO+t4WeXXEH8936nWXUpj=HQW4_OM=8+mLrA@mail.gmail.com обсуждение исходный текст |
| Ответ на | Re: CVE Links are broken on the PG 10.1 news page (Daniel Gustafsson <daniel@yesql.se>) |
| Ответы |
Re: CVE Links are broken on the PG 10.1 news page
|
| Список | pgsql-www |
On Fri, Nov 10, 2017 at 2:56 PM, Daniel Gustafsson <daniel@yesql.se> wrote:
> On 10 Nov 2017, at 12:14, Damien Clochard <damien@dalibo.info> wrote:
>
> Le 10.11.2017 11:17, Daniel Gustafsson a écrit :
>>> On 10 Nov 2017, at 11:15, Damien Clochard <damien@dalibo.info> wrote:
>>> here :
>>> https://www.postgresql.org/about/news/1801/
>>> The 3 CVE links lead to a 404 page on RH website :
>>> https://access.redhat.com/security/cve/CVE-2017-12172
>>> https://access.redhat.com/security/cve/CVE-2017-15098
>>> https://access.redhat.com/security/cve/CVE-2017-15099
>> IIRC that’s the case with every security release, the Redhat site aren’t
>> publishing them immediately but will eventually (soonish) have them.
>
> Ok I was not aware of that. It makes sense but maybe we could had this explanation in the release announcement so that people like me don't get confused by the broken links ? :)
Even better would probably be to not make them actual links until the target
URL exists.
We used to do it that way. Which then meant they usually didn't get updated until the next round of releases, because it got forgotten :/
В списке pgsql-www по дате отправления: