Re: Security information page
| От | Simon Riggs |
|---|---|
| Тема | Re: Security information page |
| Дата | |
| Msg-id | 1133131865.2906.234.camel@localhost.localdomain обсуждение исходный текст |
| Ответ на | Re: Security information page ("Magnus Hagander" <mha@sollentuna.net>) |
| Список | pgsql-www |
On Sun, 2005-11-27 at 21:52 +0100, Magnus Hagander wrote: ..Tom Lane wrote > > I think the bit about "Our goal is to gain and maintain > > CVE-compatible status" is bogus. As near as I can tell, > > Mitre's definition of CVE compatibility applies to security > > products (eg, vulnerability scanners) which Postgres is not. > > Um. Not really - products like Debian are CVE compatible > (http://www.us.debian.org/security/cve-compatibility), so it's not just > for security products. > > > You could maybe say that this one web page is something that > > could apply for CVE compatibility status, but are we going to > > jump through those hoops for one web page? Nyet. > > Right. I'll take that off until such a time as we're further along that > process (see Simons mails). I'll re-raise this as a separate item, later; one step at a time. > Looks better now? And the first step looks very good now. Best Regards, Simon Riggs
В списке pgsql-www по дате отправления: