I assumed it would be for patches and security alerts with followups as
needed.
I can see where use of announce can serve this purpose, however, if
someone is solely interested in the security advisory aspects, they may
not care about the announcement-of-the-day.
Just food for thought. I can see why you wouldn't want another
list..otoh, I can see where someone may not want to monitor announce for
the sole purpose of watching for security advisories and patches.
Perhaps the use of "[SECURITY]" in the subject, or some such item, would
better address the issue and simply continue to use announce? That way,
MUA filters can easily be used to find and highlight items of interest.
Greg
On Thu, 2002-08-22 at 17:48, Neil Conway wrote:
> Greg Copeland <greg@CopelandConsulting.Net> writes:
> > I think that's an excellent idea. It would allow people to subscribe to
> > what would seemingly be a low volume mailing list and still be alerted
> > to possible issues they should be aware of.
>
> Would the purpose of the list be for publicizing vulnerabilities and
> patches, or for the discussion of potential security problems, code
> auditing, and related development activity?
>
> If the former, I think pgsql-announce is adequate for that purpose. If
> the latter, I'd rather see that kind of discussion on -hackers, so
> that other developers are aware of what's going on.
>
