Re: CVE Links are broken on the PG 10.1 news page

Поиск
Список
Период
Сортировка
От Jonathan S. Katz
Тема Re: CVE Links are broken on the PG 10.1 news page
Дата
Msg-id EB171448-8F3B-4AFA-88EE-73D8BE8A1C32@postgresql.org
обсуждение исходный текст
Ответ на Re: CVE Links are broken on the PG 10.1 news page  (Tom Lane <tgl@sss.pgh.pa.us>)
Ответы Re: CVE Links are broken on the PG 10.1 news page
Список pgsql-www
Дерево обсуждения 
> On Nov 10, 2017, at 11:32 AM, Tom Lane <tgl@sss.pgh.pa.us> wrote:
>
> Magnus Hagander <magnus@hagander.net> writes:
>> On Fri, Nov 10, 2017 at 2:56 PM, Daniel Gustafsson <daniel@yesql.se> wrote:
>>> On 10 Nov 2017, at 12:14, Damien Clochard <damien@dalibo.info> wrote:
>>>> The 3 CVE links lead to a 404 page on RH website :
>>>> https://access.redhat.com/security/cve/CVE-2017-12172
>>>> https://access.redhat.com/security/cve/CVE-2017-15098
>>>> https://access.redhat.com/security/cve/CVE-2017-15099
>
>>> Even better would probably be to not make them actual links until the
>>> target URL exists.
>
>> We used to do it that way. Which then meant they usually didn't get updated
>> until the next round of releases, because it got forgotten :/
>
> FWIW, I see that -12172 just got de-embargoed.  Probably the other two
> will follow shortly.

Interestingly enough, when I checked post-release yesterday, they were available, so they must have been re-embargoed
shortlythereafter. 

Jonathan

В списке pgsql-www по дате отправления: