Extra security measures for next week's releases - Mailing list pgsql-hackers

From Tom Lane
Subject Extra security measures for next week's releases
Date
Msg-id 14040.1364490185@sss.pgh.pa.us
Whole thread Raw
Responses Re: Extra security measures for next week's releases
List pgsql-hackers
The core committee has decided that one of the security issues due to be
fixed next week is sufficiently bad that we need to take extra measures
to prevent it from becoming public before packages containing the fix
are available.  (This is a scenario we've discussed before, but never
had to actually implement.)

What we intend to do is shut off updates from the master git repo to
the anonymous-git mirror, and to github, from Monday afternoon until
Thursday morning.  Commit-log emails to pgsql-committers will also be
held for this period.  This will prevent the commits that fix and
document the bug from becoming visible to anyone except Postgres
committers.  Updates will resume as soon as the release announcement
is made.

Although committers will still be able to work normally, we realize
that this is likely to be a handicap for non-committers; and it will
also mean that buildfarm runs will not test any new commits until the
mirrors are allowed to update.  We do not intend to start doing this
as a routine thing, and apologize in advance for any disruption.
It seems necessary in this instance, however.
        regards, tom lane



pgsql-hackers by date:

Previous
From: Kohei KaiGai
Date:
Subject: Re: [sepgsql 1/3] add name qualified creation label
Next
From: Steve Singer
Date:
Subject: Re: pg_upgrade segfaults when given an invalid PGSERVICE value