Hi,
On Fri, 2016-02-19 at 02:03 -0400, Michael Gauthier wrote:
> The instructions on http://yum.postgresql.org/howtoyum.php for
> installing the PostgreSQL YUM repository are insecure.
>
> You are asking people to download and install the repo RPM package over
> HTTP. A MITM attack could serve an arbitrary RPM and trick users into
> installing arbitrary software.
Thanks for the heads up. I updated the links on that page, so that they point
to https://download.postgresql.org . Does it work for you?
Please let us know if you see more issues with this.
Regards,
--
Devrim GÜNDÜZ
Principal Systems Engineer @ EnterpriseDB: http://www.enterprisedb.com
PostgreSQL Danışmanı/Consultant, Red Hat Certified Engineer
Twitter: @DevrimGunduz , @DevrimGunduzTR